andre@0: /* This Source Code Form is subject to the terms of the Mozilla Public andre@0: * License, v. 2.0. If a copy of the MPL was not distributed with this andre@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ andre@0: /* andre@0: * pkix_pl_cert.h andre@0: * andre@0: * Certificate Object Definitions andre@0: * andre@0: */ andre@0: andre@0: #ifndef _PKIX_PL_CERT_H andre@0: #define _PKIX_PL_CERT_H andre@0: andre@0: #include "pkix_pl_common.h" andre@0: andre@0: #ifdef __cplusplus andre@0: extern "C" { andre@0: #endif andre@0: andre@0: struct PKIX_PL_CertStruct { andre@0: CERTCertificate *nssCert; /* Must be the first field. The andre@0: * cert_NSSCertFromPKIXCert function in andre@0: * lib/certhigh/certvfypkix.c depends on andre@0: * this. */ andre@0: CERTGeneralName *nssSubjAltNames; andre@0: PLArenaPool *arenaNameConstraints; andre@0: PKIX_PL_X500Name *issuer; andre@0: PKIX_PL_X500Name *subject; andre@0: PKIX_List *subjAltNames; andre@0: PKIX_Boolean subjAltNamesAbsent; andre@0: PKIX_PL_OID *publicKeyAlgId; andre@0: PKIX_PL_PublicKey *publicKey; andre@0: PKIX_PL_BigInt *serialNumber; andre@0: PKIX_List *critExtOids; andre@0: PKIX_PL_ByteArray *subjKeyId; andre@0: PKIX_Boolean subjKeyIdAbsent; andre@0: PKIX_PL_ByteArray *authKeyId; andre@0: PKIX_Boolean authKeyIdAbsent; andre@0: PKIX_List *extKeyUsages; andre@0: PKIX_Boolean extKeyUsagesAbsent; andre@0: PKIX_PL_CertBasicConstraints *certBasicConstraints; andre@0: PKIX_Boolean basicConstraintsAbsent; andre@0: PKIX_List *certPolicyInfos; andre@0: PKIX_Boolean policyInfoAbsent; andre@0: PKIX_Boolean policyMappingsAbsent; andre@0: PKIX_List *certPolicyMappings; /* List of PKIX_PL_CertPolicyMap */ andre@0: PKIX_Boolean policyConstraintsProcessed; andre@0: PKIX_Int32 policyConstraintsExplicitPolicySkipCerts; andre@0: PKIX_Int32 policyConstraintsInhibitMappingSkipCerts; andre@0: PKIX_Boolean inhibitAnyPolicyProcessed; andre@0: PKIX_Int32 inhibitAnySkipCerts; andre@0: PKIX_PL_CertNameConstraints *nameConstraints; andre@0: PKIX_Boolean nameConstraintsAbsent; andre@0: PKIX_Boolean cacheFlag; andre@0: PKIX_CertStore *store; andre@0: PKIX_List *authorityInfoAccess; /* list of PKIX_PL_InfoAccess */ andre@0: PKIX_List *subjectInfoAccess; /* list of PKIX_PL_InfoAccess */ andre@0: PKIX_Boolean isUserTrustAnchor; andre@0: PKIX_List *crldpList; /* list of CRL DPs based on der in nssCert arena. andre@0: * Destruction is needed for pkix object and andre@0: * not for undelying der as it is a part andre@0: * nssCert arena. */ andre@0: }; andre@0: andre@0: /* see source file for function documentation */ andre@0: andre@0: PKIX_Error * andre@0: pkix_pl_Cert_RegisterSelf(void *plContext); andre@0: andre@0: PKIX_Error * andre@0: pkix_pl_Cert_CreateWithNSSCert( andre@0: CERTCertificate *nssCert, andre@0: PKIX_PL_Cert **pCert, andre@0: void *plContext); andre@0: andre@0: PKIX_Error * andre@0: pkix_pl_Cert_CreateToList( andre@0: SECItem *derCertItem, andre@0: PKIX_List *certList, andre@0: void *plContext); andre@0: andre@0: PKIX_Error * andre@0: pkix_pl_Cert_CheckSubjectAltNameConstraints( andre@0: PKIX_PL_Cert *cert, andre@0: PKIX_PL_CertNameConstraints *nameConstraints, andre@0: PKIX_Boolean matchAll, andre@0: void *plContext); andre@0: andre@0: PKIX_Error * andre@0: pkix_pl_Cert_ToString_Helper( andre@0: PKIX_PL_Cert *cert, andre@0: PKIX_Boolean partialString, andre@0: PKIX_PL_String **pString, andre@0: void *plContext); andre@0: andre@0: PKIX_Error * andre@0: pkix_pl_Cert_CheckExtendedKeyUsage( andre@0: PKIX_PL_Cert *cert, andre@0: PKIX_UInt32 requiredExtendedKeyUsages, andre@0: PKIX_Boolean *pPass, andre@0: void *plContext); andre@0: andre@0: #ifdef __cplusplus andre@0: } andre@0: #endif andre@0: andre@0: #endif /* _PKIX_PL_CERT_H */