andre@0: /* This Source Code Form is subject to the terms of the Mozilla Public andre@0: * License, v. 2.0. If a copy of the MPL was not distributed with this andre@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ andre@0: /* andre@0: * This file defines functions associated with the PKIX_CertChainChecker type. andre@0: * andre@0: */ andre@0: andre@0: #ifndef _PKIX_CHECKER_H andre@0: #define _PKIX_CHECKER_H andre@0: andre@0: #include "pkixt.h" andre@0: andre@0: #ifdef __cplusplus andre@0: extern "C" { andre@0: #endif andre@0: andre@0: /* General andre@0: * andre@0: * Please refer to the libpkix Programmer's Guide for detailed information andre@0: * about how to use the libpkix library. Certain key warnings and notices from andre@0: * that document are repeated here for emphasis. andre@0: * andre@0: * All identifiers in this file (and all public identifiers defined in andre@0: * libpkix) begin with "PKIX_". Private identifiers only intended for use andre@0: * within the library begin with "pkix_". andre@0: * andre@0: * A function returns NULL upon success, and a PKIX_Error pointer upon failure. andre@0: * andre@0: * Unless otherwise noted, for all accessor (gettor) functions that return a andre@0: * PKIX_PL_Object pointer, callers should assume that this pointer refers to a andre@0: * shared object. Therefore, the caller should treat this shared object as andre@0: * read-only and should not modify this shared object. When done using the andre@0: * shared object, the caller should release the reference to the object by andre@0: * using the PKIX_PL_Object_DecRef function. andre@0: * andre@0: * While a function is executing, if its arguments (or anything referred to by andre@0: * its arguments) are modified, free'd, or destroyed, the function's behavior andre@0: * is undefined. andre@0: * andre@0: */ andre@0: andre@0: /* PKIX_CertChainChecker andre@0: * andre@0: * PKIX_CertChainCheckers provide a standard way for the caller to insert their andre@0: * own custom checks to validate certificates. This may be useful in many andre@0: * scenarios, including when the caller wishes to validate private certificate andre@0: * extensions. The CheckCallback allows custom certificate processing to take andre@0: * place. Additionally, a CertChainChecker can optionally maintain state andre@0: * between successive calls to the CheckCallback. This certChainCheckerState andre@0: * must be an Object (although any object type), allowing it to be andre@0: * reference-counted and allowing it to provide the standard Object functions andre@0: * (Equals, Hashcode, ToString, Compare, Duplicate). If the caller wishes andre@0: * their CertChainChecker to be used during chain building, their andre@0: * certChainCheckerState object must implement an appropriate Duplicate andre@0: * function. The builder uses this Duplicate function when backtracking. andre@0: * andre@0: * Once the caller has created a CertChainChecker object, the caller then andre@0: * specifies a CertChainChecker object in a ProcessingParams object andre@0: * and passes the ProcessingParams object to PKIX_ValidateChain or andre@0: * PKIX_BuildChain, which uses the objects to call the user's callback andre@0: * functions as needed during the validation or building process. andre@0: * andre@0: * A CertChainChecker may be presented certificates in the "reverse" direction andre@0: * (from trust anchor to target) or in the "forward" direction (from target to andre@0: * trust anchor). All CertChainCheckers must support "reverse checking", while andre@0: * support for "forward checking" is optional, but recommended. If "forward andre@0: * checking" is not supported, building chains may be much less efficient. The andre@0: * PKIX_CertChainChecker_IsForwardCheckingSupported function is used to andre@0: * determine whether forward checking is supported, and the andre@0: * PKIX_CertChainChecker_IsForwardDirectionExpected function is used to andre@0: * determine whether the CertChainChecker has been initialized to expect the andre@0: * certificates to be presented in the "forward" direction. andre@0: */ andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_CheckCallback andre@0: * DESCRIPTION: andre@0: * andre@0: * This callback function checks whether the specified Cert pointed to by andre@0: * "cert" is valid using "checker's" internal certChainCheckerState (if any) andre@0: * and removes the critical extensions that it processes (if any) from the andre@0: * List of OIDs (possibly empty) pointed to by "unresolvedCriticalExtensions". andre@0: * If the checker finds that the certificate is not valid, an Error pointer is andre@0: * returned. andre@0: * andre@0: * If the checker uses non-blocking I/O, the address of a platform-dependent andre@0: * non-blocking I/O context ("nbioContext") will be stored at "pNBIOContext", andre@0: * which the caller may use, in a platform-dependent way, to wait, poll, or andre@0: * otherwise determine when to try again. If the checker does not use andre@0: * non-blocking I/O, NULL will always be stored at "pNBIOContext". If a non-NULL andre@0: * value was stored, on a subsequent call the checker will attempt to complete andre@0: * the pending I/O and, if successful, NULL will be stored at "pNBIOContext". andre@0: * andre@0: * PARAMETERS: andre@0: * "checker" andre@0: * Address of CertChainChecker whose certChainCheckerState and andre@0: * CheckCallback logic is to be used. Must be non-NULL. andre@0: * "cert" andre@0: * Address of Cert that is to be validated using "checker". andre@0: * Must be non-NULL. andre@0: * "unresolvedCriticalExtensions" andre@0: * Address of List of OIDs that represents the critical certificate andre@0: * extensions that have yet to be resolved. This parameter may be andre@0: * modified during the function call. Must be non-NULL. andre@0: * "pNBIOContext" andre@0: * Address at which is stored a platform-dependent structure indicating andre@0: * whether checking was suspended for non-blocking I/O. Must be non-NULL. andre@0: * "plContext" andre@0: * Platform-specific context pointer. andre@0: * THREAD SAFETY: andre@0: * Thread Safe andre@0: * andre@0: * Multiple threads must be able to safely call this function without andre@0: * worrying about conflicts, even if they're operating on the same object. andre@0: * RETURNS: andre@0: * Returns NULL if the function succeeds. andre@0: * Returns a CertChainChecker Error if the function fails in a non-fatal way. andre@0: * Returns a Fatal Error if the function fails in an unrecoverable way. andre@0: */ andre@0: typedef PKIX_Error * andre@0: (*PKIX_CertChainChecker_CheckCallback)( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_PL_Cert *cert, andre@0: PKIX_List *unresolvedCriticalExtensions, /* list of PKIX_PL_OID */ andre@0: void **pNBIOContext, andre@0: void *plContext); andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_Create andre@0: * DESCRIPTION: andre@0: * andre@0: * Creates a new CertChainChecker and stores it at "pChecker". The new andre@0: * CertChainChecker uses the CheckCallback pointed to by "callback" as its andre@0: * callback function. It uses the Object pointed to by "initialState" (if andre@0: * any) as its initial state. As noted above, the initial state Object must andre@0: * provide a custom implementation of PKIX_PL_Object_Duplicate if the andre@0: * CertChainChecker is to be used during certificate chain building. andre@0: * andre@0: * A CertChainChecker may be presented certificates in the "reverse" andre@0: * direction (from trust anchor to target) or in the "forward" direction andre@0: * (from target to trust anchor). All CertChainCheckers must support andre@0: * "reverse checking", while support for "forward checking" is optional. The andre@0: * CertChainChecker is initialized with two Boolean flags that deal with this andre@0: * distinction: "forwardCheckingSupported" and "forwardDirectionExpected". andre@0: * If the "forwardCheckingSupported" Boolean flag is TRUE, it indicates that andre@0: * this CertChainChecker is capable of checking certificates in the "forward" andre@0: * direction (as well as the "reverse" direction, which all CertChainCheckers andre@0: * MUST support). The "forwardDirectionExpected" Boolean flag indicates in andre@0: * which direction the CertChainChecker should expect the certificates to be andre@0: * presented. This is particularly useful for CertChainCheckers that are andre@0: * capable of checking in either the "forward" direction or the "reverse" andre@0: * direction, but have different processing steps depending on the direction. andre@0: * andre@0: * The CertChainChecker also uses the List of OIDs pointed to by "extensions" andre@0: * as the supported certificate extensions. All certificate extensions that andre@0: * the CertChainChecker might possibly recognize and be able to process andre@0: * should be included in the List of supported extensions. If "checker" does andre@0: * not recognize or process any certificate extensions, "extensions" should andre@0: * be set to NULL. andre@0: * andre@0: * PARAMETERS: andre@0: * "callback" andre@0: * The CheckCallback function to be used. Must be non-NULL. andre@0: * "forwardCheckingSupported" andre@0: * A Boolean value indicating whether or not this CertChainChecker is andre@0: * capable of checking certificates in the "forward" direction. andre@0: * "forwardDirectionExpected" andre@0: * A Boolean value indicating whether or not this CertChainChecker should andre@0: * be used to check in the "forward" direction. andre@0: * "extensions" andre@0: * Address of List of OIDs representing the supported extensions. andre@0: * "initialState" andre@0: * Address of Object representing the CertChainChecker's initial state andre@0: * (if any). andre@0: * "pChecker" andre@0: * Address where object pointer will be stored. Must be non-NULL. andre@0: * "plContext" andre@0: * Platform-specific context pointer. andre@0: * THREAD SAFETY: andre@0: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) andre@0: * RETURNS: andre@0: * Returns NULL if the function succeeds. andre@0: * Returns a CertChainChecker Error if the function fails in a non-fatal way. andre@0: * Returns a Fatal Error if the function fails in an unrecoverable way. andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_Create( andre@0: PKIX_CertChainChecker_CheckCallback callback, andre@0: PKIX_Boolean forwardCheckingSupported, andre@0: PKIX_Boolean forwardDirectionExpected, andre@0: PKIX_List *extensions, /* list of PKIX_PL_OID */ andre@0: PKIX_PL_Object *initialState, andre@0: PKIX_CertChainChecker **pChecker, andre@0: void *plContext); andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_GetCheckCallback andre@0: * DESCRIPTION: andre@0: * andre@0: * Retrieves a pointer to "checker's" Check callback function and puts it in andre@0: * "pCallback". andre@0: * andre@0: * PARAMETERS: andre@0: * "checker" andre@0: * The CertChainChecker whose Check callback is desired. Must be non-NULL. andre@0: * "pCallback" andre@0: * Address where Check callback function pointer will be stored. andre@0: * Must be non-NULL. andre@0: * "plContext" andre@0: * Platform-specific context pointer. andre@0: * THREAD SAFETY: andre@0: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) andre@0: * RETURNS: andre@0: * Returns NULL if the function succeeds. andre@0: * Returns a CertChainChecker Error if the function fails in a non-fatal way. andre@0: * Returns a Fatal Error if the function fails in an unrecoverable way. andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_GetCheckCallback( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_CertChainChecker_CheckCallback *pCallback, andre@0: void *plContext); andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_IsForwardCheckingSupported andre@0: * DESCRIPTION: andre@0: * andre@0: * Checks whether forward checking is supported by the CertChainChecker andre@0: * pointed to by "checker" and stores the Boolean result at andre@0: * "pForwardCheckingSupported". andre@0: * andre@0: * A CertChainChecker may be presented certificates in the "reverse" andre@0: * direction (from trust anchor to target) or in the "forward" direction andre@0: * (from target to trust anchor). All CertChainCheckers must support andre@0: * "reverse checking", while support for "forward checking" is optional. This andre@0: * function is used to determine whether forward checking is supported. andre@0: * andre@0: * PARAMETERS: andre@0: * "checker" andre@0: * The CertChainChecker whose ability to validate certificates in the andre@0: * "forward" direction is to be checked. Must be non-NULL. andre@0: * "pForwardCheckingSupported" andre@0: * Destination of the Boolean result. Must be non-NULL. andre@0: * "plContext" andre@0: * Platform-specific context pointer. andre@0: * THREAD SAFETY: andre@0: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) andre@0: * RETURNS: andre@0: * Returns NULL if the function succeeds. andre@0: * Returns a CertChainChecker Error if the function fails in a non-fatal way. andre@0: * Returns a Fatal Error if the function fails in an unrecoverable way. andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_IsForwardCheckingSupported( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_Boolean *pForwardCheckingSupported, andre@0: void *plContext); andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_IsForwardDirectionExpected andre@0: * DESCRIPTION: andre@0: * andre@0: * Checks whether the CertChainChecker pointed to by "checker" has been andre@0: * initialized to expect the certificates to be presented in the "forward" andre@0: * direction and stores the Boolean result at "pForwardDirectionExpected". andre@0: * andre@0: * A CertChainChecker may be presented certificates in the "reverse" andre@0: * direction (from trust anchor to target) or in the "forward" direction andre@0: * (from target to trust anchor). All CertChainCheckers must support andre@0: * "reverse checking", while support for "forward checking" is optional. This andre@0: * function is used to determine in which direction the CertChainChecker andre@0: * expects the certificates to be presented. andre@0: * andre@0: * PARAMETERS: andre@0: * "checker" andre@0: * The CertChainChecker that has been initialized to expect certificates andre@0: * in either the "forward" or "reverse" directions. Must be non-NULL. andre@0: * "pForwardDirectionExpected" andre@0: * Destination of the Boolean result. Must be non-NULL. andre@0: * "plContext" andre@0: * Platform-specific context pointer. andre@0: * THREAD SAFETY: andre@0: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) andre@0: * RETURNS: andre@0: * Returns NULL if the function succeeds. andre@0: * Returns a CertChainChecker Error if the function fails in a non-fatal way. andre@0: * Returns a Fatal Error if the function fails in an unrecoverable way. andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_IsForwardDirectionExpected( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_Boolean *pForwardDirectionExpected, andre@0: void *plContext); andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_GetSupportedExtensions andre@0: * DESCRIPTION: andre@0: * andre@0: * Retrieves a pointer to a List of OIDs (each OID corresponding to a andre@0: * certificate extension supported by the CertChainChecker pointed to by andre@0: * "checker") and stores it at "pExtensions". All certificate extensions that andre@0: * the CertChainChecker might possibly recognize and be able to process andre@0: * should be included in the List of supported extensions. If "checker" does andre@0: * not recognize or process any certificate extensions, this function stores andre@0: * NULL at "pExtensions". andre@0: * andre@0: * Note that the List returned by this function is immutable. andre@0: * andre@0: * PARAMETERS: andre@0: * "checker" andre@0: * Address of CertChainChecker whose supported extension OIDs are to be andre@0: * stored. Must be non-NULL. andre@0: * "pExtensions" andre@0: * Address where object pointer will be stored. Must be non-NULL. andre@0: * "plContext" andre@0: * Platform-specific context pointer. andre@0: * THREAD SAFETY: andre@0: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) andre@0: * RETURNS: andre@0: * Returns NULL if the function succeeds. andre@0: * Returns a CertChainChecker Error if the function fails in a non-fatal way. andre@0: * Returns a Fatal Error if the function fails in an unrecoverable way. andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_GetSupportedExtensions( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_List **pExtensions, /* list of PKIX_PL_OID */ andre@0: void *plContext); andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_GetCertChainCheckerState andre@0: * DESCRIPTION: andre@0: * andre@0: * Retrieves a pointer to a PKIX_PL_Object representing the internal state andre@0: * (if any) of the CertChainChecker pointed to by "checker" and stores it at andre@0: * "pCertChainCheckerState". andre@0: * andre@0: * PARAMETERS: andre@0: * "checker" andre@0: * Address of CertChainChecker whose state is to be stored. andre@0: * Must be non-NULL. andre@0: * "pCertChainCheckerState" andre@0: * Address where object pointer will be stored. Must be non-NULL. andre@0: * "plContext" andre@0: * Platform-specific context pointer. andre@0: * THREAD SAFETY: andre@0: * Conditionally Thread Safe andre@0: * (see Thread Safety Definitions in Programmer's Guide) andre@0: * RETURNS: andre@0: * Returns NULL if the function succeeds. andre@0: * Returns a CertChainChecker Error if the function fails in a non-fatal way. andre@0: * Returns a Fatal Error if the function fails in an unrecoverable way. andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_GetCertChainCheckerState( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_PL_Object **pCertChainCheckerState, andre@0: void *plContext); andre@0: andre@0: /* andre@0: * FUNCTION: PKIX_CertChainChecker_SetCertChainCheckerState andre@0: * DESCRIPTION: andre@0: * andre@0: * Sets the internal state of the CertChainChecker pointed to by "checker" andre@0: * using the Object pointed to by "certChainCheckerState". If "checker" needs andre@0: * a NULL internal state, "certChainCheckerState" should be set to NULL. andre@0: * andre@0: * PARAMETERS: andre@0: * "checker" andre@0: * Address of CertChainChecker whose state is to be set. Must be non-NULL. andre@0: * "certChainCheckerState" andre@0: * Address of Object representing internal state. andre@0: * "plContext" andre@0: * Platform-specific context pointer. andre@0: * THREAD SAFETY: andre@0: * Not Thread Safe - assumes exclusive access to "checker" andre@0: * (see Thread Safety Definitions in Programmer's Guide) andre@0: * RETURNS: andre@0: * Returns NULL if the function succeeds. andre@0: * Returns a CertChainChecker Error if the function fails in a non-fatal way. andre@0: * Returns a Fatal Error if the function fails in an unrecoverable way. andre@0: */ andre@0: PKIX_Error * andre@0: PKIX_CertChainChecker_SetCertChainCheckerState( andre@0: PKIX_CertChainChecker *checker, andre@0: PKIX_PL_Object *certChainCheckerState, andre@0: void *plContext); andre@0: andre@0: #ifdef __cplusplus andre@0: } andre@0: #endif andre@0: andre@0: #endif /* _PKIX_CHECKER_H */