1 files changed, 398 insertions, 0 deletions
diff --git a/security/nss/lib/pkcs12/pkcs12t.h b/security/nss/lib/pkcs12/pkcs12t.h
new file mode 100644
index 000000000..98d84d123
--- /dev/null
+++ b/security/nss/lib/pkcs12/pkcs12t.h
@@ -0,0 +1,398 @@
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is the Netscape security libraries.
+ *
+ * The Initial Developer of the Original Code is
+ * Netscape Communications Corporation.
+ * Portions created by the Initial Developer are Copyright (C) 1994-2000
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#ifndef _PKCS12T_H_
+#define _PKCS12T_H_
+
+#include "seccomon.h"
+#include "secoid.h"
+#include "cert.h"
+#include "key.h"
+#include "plarena.h"
+#include "secpkcs7.h"
+#include "secdig.h"	/* for SGNDigestInfo */
+
+typedef enum {
+  SECPKCS12TargetTokenNoCAs,		/* CA get loaded intothe fixed token,
+					 * User certs go to target token */
+  SECPKCS12TargetTokenIntermediateCAs,  /* User certs and intermediates go to
+					 * target token, root certs got to
+					 * fixed token */
+  SECPKCS12TargetTokenAllCAs		/* All certs go to target token */
+} SECPKCS12TargetTokenCAs;
+
+/* PKCS12 Structures */
+typedef struct SEC_PKCS12PFXItemStr SEC_PKCS12PFXItem;
+typedef struct SEC_PKCS12MacDataStr SEC_PKCS12MacData;
+typedef struct SEC_PKCS12AuthenticatedSafeStr SEC_PKCS12AuthenticatedSafe;
+typedef struct SEC_PKCS12BaggageItemStr SEC_PKCS12BaggageItem;
+typedef struct SEC_PKCS12BaggageStr SEC_PKCS12Baggage;
+typedef struct SEC_PKCS12Baggage_OLDStr SEC_PKCS12Baggage_OLD;
+typedef struct SEC_PKCS12ESPVKItemStr SEC_PKCS12ESPVKItem;
+typedef struct SEC_PKCS12PVKSupportingDataStr SEC_PKCS12PVKSupportingData;
+typedef struct SEC_PKCS12PVKAdditionalDataStr SEC_PKCS12PVKAdditionalData;
+typedef struct SEC_PKCS12SafeContentsStr SEC_PKCS12SafeContents;
+typedef struct SEC_PKCS12SafeBagStr SEC_PKCS12SafeBag;
+typedef struct SEC_PKCS12PrivateKeyStr SEC_PKCS12PrivateKey;
+typedef struct SEC_PKCS12PrivateKeyBagStr SEC_PKCS12PrivateKeyBag;
+typedef struct SEC_PKCS12CertAndCRLBagStr SEC_PKCS12CertAndCRLBag;
+typedef struct SEC_PKCS12CertAndCRLStr SEC_PKCS12CertAndCRL;
+typedef struct SEC_PKCS12X509CertCRLStr SEC_PKCS12X509CertCRL;
+typedef struct SEC_PKCS12SDSICertStr SEC_PKCS12SDSICert;
+typedef struct SEC_PKCS12SecretStr SEC_PKCS12Secret;
+typedef struct SEC_PKCS12SecretAdditionalStr SEC_PKCS12SecretAdditional;
+typedef struct SEC_PKCS12SecretItemStr SEC_PKCS12SecretItem;
+typedef struct SEC_PKCS12SecretBagStr SEC_PKCS12SecretBag;
+
+typedef SECItem *(* SEC_PKCS12PasswordFunc)(SECItem *args);
+
+/* PKCS12 types */
+
+/* stores shrouded keys */
+struct SEC_PKCS12BaggageStr
+{
+    PLArenaPool     *poolp;
+    SEC_PKCS12BaggageItem **bags;
+
+    int luggage_size;		/* used locally */
+};
+
+/* additional data to be associated with keys.	currently there
+ * is nothing defined to be stored here.  allows future expansion.
+ */
+struct SEC_PKCS12PVKAdditionalDataStr
+{
+    PLArenaPool	*poolp;
+    SECOidData	*pvkAdditionalTypeTag;	/* used locally */
+    SECItem     pvkAdditionalType;
+    SECItem     pvkAdditionalContent;
+};
+
+/* cert and other supporting data for private keys.  used
+ * for both shrouded and non-shrouded keys.
+ */
+struct SEC_PKCS12PVKSupportingDataStr
+{
+    PLArenaPool		*poolp;
+    SGNDigestInfo 	**assocCerts;
+    SECItem		regenerable;
+    SECItem         	nickname;
+    SEC_PKCS12PVKAdditionalData     pvkAdditional;
+    SECItem		pvkAdditionalDER;
+
+    SECItem		uniNickName;
+    /* used locally */
+    int			nThumbs;
+};
+
+/* shrouded key structure.  supports only pkcs8 shrouding
+ * currently.
+ */
+struct SEC_PKCS12ESPVKItemStr
+{
+    PLArenaPool *poolp;		/* used locally */
+    SECOidData	*espvkTag;	/* used locally */
+    SECItem	espvkOID;
+    SEC_PKCS12PVKSupportingData espvkData;
+    union
+    {
+	SECKEYEncryptedPrivateKeyInfo *pkcs8KeyShroud;
+    } espvkCipherText;
+
+    PRBool duplicate;	/* used locally */
+    PRBool problem_cert; 	/* used locally */
+    PRBool single_cert;		/* used locally */
+    int nCerts;			/* used locally */
+    SECItem derCert;		/* used locally */
+};
+
+/* generic bag store for the safe.  safeBagType identifies
+ * the type of bag stored.
+ */
+struct SEC_PKCS12SafeBagStr
+{
+    PLArenaPool *poolp;
+    SECOidData	*safeBagTypeTag;	/* used locally */
+    SECItem     safeBagType;
+    union
+    {
+	SEC_PKCS12PrivateKeyBag	*keyBag;
+	SEC_PKCS12CertAndCRLBag *certAndCRLBag;
+	SEC_PKCS12SecretBag     *secretBag;
+    } safeContent;
+
+    SECItem	derSafeContent;
+    SECItem 	safeBagName;
+
+    SECItem	uniSafeBagName;
+};
+
+/* stores private keys and certificates in a list.  each safebag
+ * has an ID identifying the type of content stored.
+ */
+struct SEC_PKCS12SafeContentsStr
+{
+    PLArenaPool     	*poolp;
+    SEC_PKCS12SafeBag	**contents;
+
+    /* used for tracking purposes */
+    int safe_size;
+    PRBool old;
+    PRBool swapUnicode;
+    PRBool possibleSwapUnicode;
+};
+
+/* private key structure which holds encrypted private key and
+ * supporting data including nickname and certificate thumbprint.
+ */
+struct SEC_PKCS12PrivateKeyStr
+{
+    PLArenaPool *poolp;
+    SEC_PKCS12PVKSupportingData pvkData;
+    SECKEYPrivateKeyInfo	pkcs8data;   /* borrowed from PKCS 8 */
+
+    PRBool duplicate;	/* used locally */
+    PRBool problem_cert;/* used locally */
+    PRBool single_cert;	/* used locally */
+    int nCerts;		/* used locally */
+    SECItem derCert;	/* used locally */
+};
+
+/* private key bag, holds a (null terminated) list of private key
+ * structures.
+ */
+struct SEC_PKCS12PrivateKeyBagStr
+{
+    PLArenaPool     *poolp;
+    SEC_PKCS12PrivateKey 	**privateKeys;
+
+    int bag_size;	/* used locally */
+};
+
+/* container to hold certificates.  currently supports x509
+ * and sdsi certificates
+ */
+struct SEC_PKCS12CertAndCRLStr
+{
+    PLArenaPool     *poolp;
+    SECOidData	    *BagTypeTag;    /* used locally */
+    SECItem         BagID;
+    union
+    {
+    	SEC_PKCS12X509CertCRL	*x509;
+    	SEC_PKCS12SDSICert	*sdsi;
+    } value;
+
+    SECItem derValue;
+    SECItem nickname;		/* used locally */
+    PRBool duplicate;		/* used locally */
+};
+
+/* x509 certificate structure.	typically holds the der encoding
+ * of the x509 certificate.  thumbprint contains a digest of the
+ * certificate
+ */
+struct SEC_PKCS12X509CertCRLStr
+{
+    PLArenaPool     		*poolp;
+    SEC_PKCS7ContentInfo	certOrCRL;
+    SGNDigestInfo		thumbprint;
+
+    SECItem *derLeafCert;	/* used locally */
+};
+
+/* sdsi certificate structure.	typically holds the der encoding
+ * of the sdsi certificate.  thumbprint contains a digest of the
+ * certificate
+ */
+struct SEC_PKCS12SDSICertStr
+{
+    PLArenaPool     *poolp;
+    SECItem         value;
+    SGNDigestInfo   thumbprint;
+};
+
+/* contains a null terminated list of certs and crls */
+struct SEC_PKCS12CertAndCRLBagStr
+{
+    PLArenaPool     		*poolp;
+    SEC_PKCS12CertAndCRL	**certAndCRLs;
+
+    int bag_size;	/* used locally */
+};
+
+/* additional secret information.  currently no information
+ * stored in this structure.
+ */
+struct SEC_PKCS12SecretAdditionalStr
+{
+    PLArenaPool     *poolp;
+    SECOidData	    *secretTypeTag;         /* used locally */
+    SECItem         secretAdditionalType;
+    SECItem         secretAdditionalContent;
+};
+
+/* secrets container.  this will be used to contain currently
+ * unspecified secrets.  (it's a secret)
+ */
+struct SEC_PKCS12SecretStr
+{
+    PLArenaPool     *poolp;
+    SECItem	secretName;
+    SECItem	value;
+    SEC_PKCS12SecretAdditional	secretAdditional;
+
+    SECItem	uniSecretName;
+};
+
+struct SEC_PKCS12SecretItemStr
+{
+    PLArenaPool     *poolp;
+    SEC_PKCS12Secret	secret;
+    SEC_PKCS12SafeBag	subFolder;
+};    
+
+/* a bag of secrets.  holds a null terminated list of secrets.
+ */
+struct SEC_PKCS12SecretBagStr
+{
+    PLArenaPool     	*poolp;
+    SEC_PKCS12SecretItem	**secrets;
+
+    int bag_size;	/* used locally */
+};
+
+struct SEC_PKCS12MacDataStr
+{
+    SGNDigestInfo	safeMac;
+    SECItem		macSalt;
+};
+
+/* outer transfer unit */
+struct SEC_PKCS12PFXItemStr
+{
+    PLArenaPool		*poolp;
+    SEC_PKCS12MacData	macData;
+    SEC_PKCS7ContentInfo	authSafe; 
+
+    /* for compatibility with beta */
+    PRBool		old;
+    SGNDigestInfo 	old_safeMac;
+    SECItem		old_macSalt;
+
+    /* compatibility between platforms for unicode swapping */
+    PRBool		swapUnicode;
+};
+
+struct SEC_PKCS12BaggageItemStr {
+    PLArenaPool	    *poolp;
+    SEC_PKCS12ESPVKItem	**espvks;
+    SEC_PKCS12SafeBag	**unencSecrets;
+
+    int nEspvks;
+    int nSecrets; 
+};
+    
+/* stores shrouded keys */
+struct SEC_PKCS12Baggage_OLDStr
+{
+    PLArenaPool     *poolp;
+    SEC_PKCS12ESPVKItem **espvks;
+
+    int luggage_size;		/* used locally */
+};
+
+/* authenticated safe, stores certs, keys, and shrouded keys */
+struct SEC_PKCS12AuthenticatedSafeStr
+{
+    PLArenaPool     *poolp;
+    SECItem         version;
+    SECOidData	    *transportTypeTag;	/* local not part of encoding*/
+    SECItem         transportMode;
+    SECItem         privacySalt;
+    SEC_PKCS12Baggage	  baggage;
+    SEC_PKCS7ContentInfo  *safe;
+
+    /* used for beta compatibility */
+    PRBool old;
+    PRBool emptySafe;
+    SEC_PKCS12Baggage_OLD old_baggage;
+    SEC_PKCS7ContentInfo old_safe;
+    PRBool swapUnicode;
+};
+#define SEC_PKCS12_PFX_VERSION		1		/* what we create */
+
+
+
+/* PKCS 12 Templates */
+extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12MacDataTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12PVKAdditionalTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SafeBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12PrivateKeyTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12PrivateKeyBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SDSICertTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SecretBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SecretTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SecretItemTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12SecretAdditionalTemplate[];
+extern const SEC_ASN1Template SGN_DigestInfoTemplate[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12KeyBagTemplate[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12SecretBagTemplate[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate[];
+extern const SEC_ASN1Template SEC_PointerToPKCS12SDSICertTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12CodedSafeBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12CodedCertBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12CodedCertAndCRLBagTemplate[];
+extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[];
+extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate_OLD[];
+#endif