Mercurial > trustbridge > nss-cmake-static
comparison nss/lib/pkcs7/p7local.h @ 0:1e5118fa0cb1
This is NSS with a Cmake Buildsyste
To compile a static NSS library for Windows we've used the
Chromium-NSS fork and added a Cmake buildsystem to compile
it statically for Windows. See README.chromium for chromium
changes and README.trustbridge for our modifications.
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Mon, 28 Jul 2014 10:47:06 +0200 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| -1:000000000000 | 0:1e5118fa0cb1 |
|---|---|
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 4 | |
| 5 /* | |
| 6 * Support routines for PKCS7 implementation, none of which are exported. | |
| 7 * This file should only contain things that are needed by both the | |
| 8 * encoding/creation side *and* the decoding/decryption side. Anything | |
| 9 * else should just be static routines in the appropriate file. | |
| 10 * | |
| 11 * Do not export this file! If something in here is really needed outside | |
| 12 * of pkcs7 code, first try to add a PKCS7 interface which will do it for | |
| 13 * you. If that has a problem, then just move out what you need, changing | |
| 14 * its name as appropriate! | |
| 15 */ | |
| 16 | |
| 17 #ifndef _P7LOCAL_H_ | |
| 18 #define _P7LOCAL_H_ | |
| 19 | |
| 20 #include "secpkcs7.h" | |
| 21 #include "secasn1t.h" | |
| 22 | |
| 23 extern const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[]; | |
| 24 | |
| 25 /* opaque objects */ | |
| 26 typedef struct sec_pkcs7_cipher_object sec_PKCS7CipherObject; | |
| 27 | |
| 28 | |
| 29 /************************************************************************/ | |
| 30 SEC_BEGIN_PROTOS | |
| 31 | |
| 32 /* | |
| 33 * Look through a set of attributes and find one that matches the | |
| 34 * specified object ID. If "only" is true, then make sure that | |
| 35 * there is not more than one attribute of the same type. Otherwise, | |
| 36 * just return the first one found. (XXX Does anybody really want | |
| 37 * that first-found behavior? It was like that when I found it...) | |
| 38 */ | |
| 39 extern SEC_PKCS7Attribute *sec_PKCS7FindAttribute (SEC_PKCS7Attribute **attrs, | |
| 40 SECOidTag oidtag, | |
| 41 PRBool only); | |
| 42 /* | |
| 43 * Return the single attribute value, doing some sanity checking first: | |
| 44 * - Multiple values are *not* expected. | |
| 45 * - Empty values are *not* expected. | |
| 46 */ | |
| 47 extern SECItem *sec_PKCS7AttributeValue (SEC_PKCS7Attribute *attr); | |
| 48 | |
| 49 /* | |
| 50 * Encode a set of attributes (found in "src"). | |
| 51 */ | |
| 52 extern SECItem *sec_PKCS7EncodeAttributes (PLArenaPool *poolp, | |
| 53 SECItem *dest, void *src); | |
| 54 | |
| 55 /* | |
| 56 * Make sure that the order of the attributes guarantees valid DER | |
| 57 * (which must be in lexigraphically ascending order for a SET OF); | |
| 58 * if reordering is necessary it will be done in place (in attrs). | |
| 59 */ | |
| 60 extern SECStatus sec_PKCS7ReorderAttributes (SEC_PKCS7Attribute **attrs); | |
| 61 | |
| 62 | |
| 63 /* | |
| 64 * Create a context for decrypting, based on the given key and algorithm. | |
| 65 */ | |
| 66 extern sec_PKCS7CipherObject * | |
| 67 sec_PKCS7CreateDecryptObject (PK11SymKey *key, SECAlgorithmID *algid); | |
| 68 | |
| 69 /* | |
| 70 * Create a context for encrypting, based on the given key and algorithm, | |
| 71 * and fill in the algorithm id. | |
| 72 */ | |
| 73 extern sec_PKCS7CipherObject * | |
| 74 sec_PKCS7CreateEncryptObject (PLArenaPool *poolp, PK11SymKey *key, | |
| 75 SECOidTag algtag, SECAlgorithmID *algid); | |
| 76 | |
| 77 /* | |
| 78 * Destroy the given decryption or encryption object. | |
| 79 */ | |
| 80 extern void sec_PKCS7DestroyDecryptObject (sec_PKCS7CipherObject *obj); | |
| 81 extern void sec_PKCS7DestroyEncryptObject (sec_PKCS7CipherObject *obj); | |
| 82 | |
| 83 /* | |
| 84 * What will be the output length of the next call to encrypt/decrypt? | |
| 85 * Result can be used to perform memory allocations. Note that the amount | |
| 86 * is exactly accurate only when not doing a block cipher or when final | |
| 87 * is false, otherwise it is an upper bound on the amount because until | |
| 88 * we see the data we do not know how many padding bytes there are | |
| 89 * (always between 1 and the cipher block size). | |
| 90 * | |
| 91 * Note that this can return zero, which does not mean that the cipher | |
| 92 * operation can be skipped! (It simply means that there are not enough | |
| 93 * bytes to make up an entire block; the bytes will be reserved until | |
| 94 * there are enough to encrypt/decrypt at least one block.) However, | |
| 95 * if zero is returned it *does* mean that no output buffer need be | |
| 96 * passed in to the subsequent cipher operation, as no output bytes | |
| 97 * will be stored. | |
| 98 */ | |
| 99 extern unsigned int sec_PKCS7DecryptLength (sec_PKCS7CipherObject *obj, | |
| 100 unsigned int input_len, | |
| 101 PRBool final); | |
| 102 extern unsigned int sec_PKCS7EncryptLength (sec_PKCS7CipherObject *obj, | |
| 103 unsigned int input_len, | |
| 104 PRBool final); | |
| 105 | |
| 106 /* | |
| 107 * Decrypt a given length of input buffer (starting at "input" and | |
| 108 * containing "input_len" bytes), placing the decrypted bytes in | |
| 109 * "output" and storing the output length in "*output_len_p". | |
| 110 * "obj" is the return value from sec_PKCS7CreateDecryptObject. | |
| 111 * When "final" is true, this is the last of the data to be decrypted. | |
| 112 */ | |
| 113 extern SECStatus sec_PKCS7Decrypt (sec_PKCS7CipherObject *obj, | |
| 114 unsigned char *output, | |
| 115 unsigned int *output_len_p, | |
| 116 unsigned int max_output_len, | |
| 117 const unsigned char *input, | |
| 118 unsigned int input_len, | |
| 119 PRBool final); | |
| 120 | |
| 121 /* | |
| 122 * Encrypt a given length of input buffer (starting at "input" and | |
| 123 * containing "input_len" bytes), placing the encrypted bytes in | |
| 124 * "output" and storing the output length in "*output_len_p". | |
| 125 * "obj" is the return value from sec_PKCS7CreateEncryptObject. | |
| 126 * When "final" is true, this is the last of the data to be encrypted. | |
| 127 */ | |
| 128 extern SECStatus sec_PKCS7Encrypt (sec_PKCS7CipherObject *obj, | |
| 129 unsigned char *output, | |
| 130 unsigned int *output_len_p, | |
| 131 unsigned int max_output_len, | |
| 132 const unsigned char *input, | |
| 133 unsigned int input_len, | |
| 134 PRBool final); | |
| 135 | |
| 136 /************************************************************************/ | |
| 137 SEC_END_PROTOS | |
| 138 | |
| 139 #endif /* _P7LOCAL_H_ */ |