comparison nss/lib/smime/smime.h @ 0:1e5118fa0cb1
This is NSS with a Cmake Buildsystem
To compile a static NSS library for Windows we've used the
Chromium-NSS fork and added a Cmake buildsystem to compile
it statically for Windows. See README.chromium for chromium
changes and README.trustbridge for our modifications.
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Mon, 28 Jul 2014 10:47:06 +0200 |
parents | |
children |
-1:000000000000 | 0:1e5118fa0cb1 |
---|---|
1 /* This Source Code Form is subject to the terms of the Mozilla Public | |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
4 | |
5 /* | |
6 * Header file for routines specific to S/MIME. Keep things that are pure | |
7 * pkcs7 out of here; this is for S/MIME policy, S/MIME interoperability, etc. | |
8 */ | |
9 | |
10 #ifndef _SMIME_H_ | |
11 #define _SMIME_H_ 1 | |
12 | |
13 #include "cms.h" | |
14 | |
15 | |
16 /************************************************************************/ | |
17 SEC_BEGIN_PROTOS | |
18 | |
19 /* | |
20 * Initialize the local recording of the user S/MIME cipher preferences. | |
21 * This function is called once for each cipher, the order being | |
22 * important (first call records greatest preference, and so on). | |
23 * When finished, it is called with a "which" of CIPHER_FAMILID_MASK. | |
24 * If the function is called again after that, it is assumed that | |
25 * the preferences are being reset, and the old preferences are | |
26 * discarded. | |
27 * | |
28 * XXX This is for a particular user, and right now the storage is | |
29 * XXX local, static. The preference should be stored elsewhere to allow | |
30 * XXX for multiple uses of one library? How does SSL handle this; | |
31 * XXX it has something similar? | |
32 * | |
33 * - The "which" values are defined in ciferfam.h (the SMIME_* values, | |
34 * for example SMIME_DES_CBC_56). | |
35 * - If "on" is non-zero then the named cipher is enabled, otherwise | |
36 * it is disabled. (It is not necessary to call the function for | |
37 * ciphers that are disabled, however, as that is the default.) | |
38 * | |
39 * If the cipher preference is successfully recorded, SECSuccess | |
40 * is returned. Otherwise SECFailure is returned. The only errors | |
41 * are due to failure allocating memory or bad parameters/calls: | |
42 * SEC_ERROR_XXX ("which" is not in the S/MIME cipher family) | |
43 * SEC_ERROR_XXX (function is being called more times than there | |
44 * are known/expected ciphers) | |
45 */ | |
46 extern SECStatus NSS_SMIMEUtil_EnableCipher(long which, int on); | |
47 | |
48 /* | |
49 * Initialize the local recording of the S/MIME policy. | |
50 * This function is called to allow/disallow a particular cipher. | |
51 * | |
52 * XXX This is for the current module, I think, so local, static storage | |
53 * XXX is okay. Is that correct, or could multiple uses of the same | |
54 * XXX library expect to operate under different policies? | |
55 * | |
56 * - The "which" values are defined in ciferfam.h (the SMIME_* values, | |
57 * for example SMIME_DES_CBC_56). | |
58 * - If "on" is non-zero then the named cipher is enabled, otherwise | |
59 * it is disabled. | |
60 */ | |
61 extern SECStatus NSS_SMIMEUtils_AllowCipher(long which, int on); | |
62 | |
63 /* | |
64 * Does the current policy allow S/MIME decryption of this particular | |
65 * algorithm and keysize? | |
66 */ | |
67 extern PRBool NSS_SMIMEUtil_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key); | |
68 | |
69 /* | |
70 * Does the current policy allow *any* S/MIME encryption (or decryption)? | |
71 * | |
72 * This tells whether or not *any* S/MIME encryption can be done, | |
73 * according to policy. Callers may use this to do nicer user interface | |
74 * (say, greying out a checkbox so a user does not even try to encrypt | |
75 * a message when they are not allowed to) or for any reason they want | |
76 * to check whether S/MIME encryption (or decryption, for that matter) | |
77 * may be done. | |
78 * | |
79 * It takes no arguments. The return value is a simple boolean: | |
80 * PR_TRUE means encryption (or decryption) is *possible* | |
81 * (but may still fail due to other reasons, like because we cannot | |
82 * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee) | |
83 * PR_FALSE means encryption (or decryption) is not permitted | |
84 * | |
85 * There are no errors from this routine. | |
86 */ | |
87 extern PRBool NSS_SMIMEUtil_EncryptionPossible(void); | |
88 | |
89 /* | |
90 * NSS_SMIMEUtil_CreateSMIMECapabilities - get S/MIME capabilities attr value | |
91 * | |
92 * scans the list of allowed and enabled ciphers and construct a PKCS9-compliant | |
93 * S/MIME capabilities attribute value. | |
94 */ | |
95 extern SECStatus NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest); | |
96 | |
97 /* | |
98 * NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value | |
99 */ | |
100 extern SECStatus NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(PLArenaPool *poolp, SECItem *dest, CERTCertificate *cert); | |
101 | |
102 /* | |
103 * NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value using MS oid | |
104 */ | |
105 extern SECStatus NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs(PLArenaPool *poolp, SECItem *dest, CERTCertificate *cert); | |
106 | |
107 /* | |
108 * NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference - find cert marked by EncryptionKeyPreference | |
109 * attribute | |
110 */ | |
111 extern CERTCertificate *NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(CERTCertDBHandle *certdb, SECItem *DERekp); | |
112 | |
113 /* | |
114 * NSS_SMIMEUtil_FindBulkAlgForRecipients - find bulk algorithm suitable for all recipients | |
115 */ | |
116 extern SECStatus | |
117 NSS_SMIMEUtil_FindBulkAlgForRecipients(CERTCertificate **rcerts, SECOidTag *bulkalgtag, int *keysize); | |
118 | |
119 /* | |
120 * Return a boolean that indicates whether the underlying library | |
121 * will perform as the caller expects. | |
122 * | |
123 * The only argument is a string, which should be the version | |
124 * identifier of the NSS library. That string will be compared | |
125 * against a string that represents the actual build version of | |
126 * the S/MIME library. | |
127 */ | |
128 extern PRBool NSSSMIME_VersionCheck(const char *importedVersion); | |
129 | |
130 /* | |
131 * Returns a const string of the S/MIME library version. | |
132 */ | |
133 extern const char *NSSSMIME_GetVersion(void); | |
134 | |
135 /************************************************************************/ | |
136 SEC_END_PROTOS | |
137 | |
138 #endif /* _SECMIME_H_ */ |
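Review bot: The comments on NSS_SMIMEUtil_EnableCipher and NSS_SMIMEUtils_AllowCipher leave the failure contract open: the two EnableCipher error cases are named only as `SEC_ERROR_XXX`, and the AllowCipher comment does not say when SECFailure is returned, so a caller cannot tell a rejected "which" value from an allocation failure. Both comments also say the preference and policy tables live in local static storage, which in a statically linked build presumably means every consumer in the process shares one cipher policy; a line such as `/* Policy is process-wide: configure it once at startup, before any S/MIME operation. */` would make that explicit. The only example value given is `SMIME_DES_CBC_56`, so the comment should say it is shown for the naming pattern and is not a recommended choice. NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference returns a `CERTCertificate *` without stating who releases it or what is returned when no certificate matches; that belongs in its comment. Minor: the sentinel is spelled `CIPHER_FAMILID_MASK` in the comment although ciferfam.h defines `CIPHER_FAMILYID_MASK`, and the closing `#endif /* _SECMIME_H_ */` does not match the `_SMIME_H_` guard.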