/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef NSSPKIT_H
#define NSSPKIT_H

/*
 * nsspkit.h
 *
 * Types of the top-level PKI objects.
 *
 * Apart from NSSCallbackStr, every struct named here is declared only
 * as an incomplete type, so code including this header can hold
 * pointers to these objects but cannot see their members.  Each such
 * type is introduced by a single typedef, which also declares the
 * struct tag.
 */

#ifndef NSSBASET_H
#include "nssbaset.h"
#endif /* NSSBASET_H */

PR_BEGIN_EXTERN_C

/*
 * NSSCertificate
 *
 * Public representation of a Certificate.  It may have been found on
 * a smartcard or other token, decoded from data received as part of a
 * protocol, constructed from constituent parts, etc.  A certificate
 * is usually associated with ("in") a trust domain, because it can be
 * verified only within a trust domain.  The underlying certificate
 * may be of any supported standard, e.g. PKIX, PGP, etc.
 *
 * People speak of "verifying (with) the server's, or correspondent's,
 * certificate"; for simple operations that simplification is
 * supported by implementing public-key crypto operations as methods
 * on this type.
 */

typedef struct NSSCertificateStr NSSCertificate;

/*
 * NSSUserCertificate
 *
 * A "User" certificate is one for which the private key is available.
 * People speak of "using my certificate to sign my email" and "using
 * my certificate to authenticate to (or login to) the server"; for
 * simple operations that simplification is supported by implementing
 * private-key crypto operations as methods on this type.
 *
 * The current design only weakly distinguishes between certificates
 * and user certificates: NSSUserCertificate is a plain alias, so as
 * far as the compiler goes the two are interchangeable; debug
 * libraries only have one common pointer-tracker; etc.  An attempt to
 * do a private-key operation on a certificate whose private key is
 * not available is therefore not rejected at compile time; it fails
 * when the operation is attempted.
 *
 * Open design question: should these types be more firmly separated?
 */

typedef NSSCertificate NSSUserCertificate;

/*
 * NSSPrivateKey
 *
 * Public representation of a Private Key.  In general the actual
 * value of the key is not available, but operations may be performed
 * with it.
 */

typedef struct NSSPrivateKeyStr NSSPrivateKey;

/*
 * NSSPublicKey
 *
 */

typedef struct NSSPublicKeyStr NSSPublicKey;

/*
 * NSSSymmetricKey
 *
 */

typedef struct NSSSymmetricKeyStr NSSSymmetricKey;

/*
 * NSSTrustDomain
 *
 * A Trust Domain is the field in which certificates may be validated.
 * A trust domain will generally have one or more cryptographic
 * modules open; these modules perform the cryptographic operations
 * and provide the basic "root" trust information on which the trust
 * in a specific certificate or key depends.
 *
 * A client program, or a simple server, would typically have one
 * trust domain.  A server supporting multiple "virtual servers" might
 * have a separate trust domain for each virtual server.  The separate
 * trust domains might share some modules (e.g., a hardware crypto
 * accelerator) but not others (e.g., the tokens storing the different
 * servers' private keys, or the databases with each server's trusted
 * root certificates).
 *
 * This object descends from the "permanent database" in the old code.
 */

typedef struct NSSTrustDomainStr NSSTrustDomain;

/*
 * NSSCryptoContext
 *
 * A Crypto Context is a short-term, "helper" object which is used for
 * the lifetime of one ongoing "crypto operation."  Such an operation
 * may be the creation of a signed message, the use of a TLS socket
 * connection, etc.  Each crypto context is "in" a specific trust
 * domain, and it may have associated with it a distinguished
 * certificate, public key, private key, and/or symmetric key.  It can
 * also temporarily hold and use temporary data (e.g. intermediate
 * certificates) which is not stored permanently in the trust domain.
 *
 * In OO terms, this interface inherits interfaces from the trust
 * domain, the certificates, and the keys.  It also provides streaming
 * crypto operations.
 *
 * This object descends from the "temporary database" concept in the
 * old code, but it has changed a lot as a result of what we've
 * learned.
 */

typedef struct NSSCryptoContextStr NSSCryptoContext;

/*
 * fgmr others
 */

/*
 * OBJECT IDENTIFIER
 *
 * This is the basic OID that crops up everywhere.
 */

typedef struct NSSOIDStr NSSOID; /* NSSOIDStr: unused opaque structure */

/*
 * NSSTime
 *
 * Unfortunately, an "exceptional" value is needed to indicate an
 * error upon return, or "no value" on input.  Note that zero is a
 * perfectly valid value for both time_t and PRTime, so zero cannot
 * serve as that marker.
 *
 * If we were to create a "range" object, with two times for
 * Not Before and Not After, we would have an obvious place for
 * the somewhat arbitrary logic involved in comparing them.
 *
 * Failing that, let's have an NSSTime_CompareRanges function.
 */

typedef struct NSSTimeStr NSSTime;

typedef struct NSSTrustStr NSSTrust;

/*
 * NSSUsage
 *
 * This is trickier than originally planned; I'll write up a
 * doc on it.
 *
 * We'd still like nsspki.h to have a list of common usages,
 * e.g.:
 *
 *  extern const NSSUsage *NSSUsage_ClientAuth;
 *  extern const NSSUsage *NSSUsage_ServerAuth;
 *  extern const NSSUsage *NSSUsage_SignEmail;
 *  extern const NSSUsage *NSSUsage_EncryptEmail;
 *  etc.
 */

typedef struct NSSUsageStr NSSUsage;

/*
 * NSSPolicies
 *
 * Placeholder, for now.
 */

typedef struct NSSPoliciesStr NSSPolicies;

/*
 * NSSAlgorithmAndParameters
 *
 * Algorithm is an OID
 * Parameters depend on the algorithm
 */

typedef struct NSSAlgorithmAndParametersStr NSSAlgorithmAndParameters;

/*
 * NSSCallback
 *
 * At minimum, a "challenge" method and a closure argument.
 * Usually the challenge will just be prompting for a password.
 * How OO do we want to make it?
 *
 * NOTE(review): the NSSUTF8 ** out-parameters below carry passwords.
 * This header does not say who allocates, frees or clears those
 * buffers, nor how the `retries` counter is to be used; confirm both
 * against the implementation before relying on them.
 */

typedef struct NSSCallbackStr NSSCallback;

struct NSSCallbackStr {
    /* Prompt for a password to initialize a slot. */
    PRStatus (*getInitPW)(NSSUTF8 *slotName, void *arg,
                          NSSUTF8 **ssoPW, NSSUTF8 **userPW);
    /* Prompt for oldPW and newPW in order to change the
     * password on a slot.
     */
    PRStatus (*getNewPW)(NSSUTF8 *slotName, PRUint32 *retries, void *arg,
                         NSSUTF8 **oldPW, NSSUTF8 **newPW);
    /* Prompt for slot password. */
    PRStatus (*getPW)(NSSUTF8 *slotName, PRUint32 *retries, void *arg,
                      NSSUTF8 **password);
    /* Closure argument; presumably what is handed to the `arg`
     * parameter of the methods above -- confirm against callers.
     */
    void *arg;
};

/* set errors - user cancelled, ... */

/*
 * NSSOperations
 *
 * A PRUint32 holding the operation values defined below.  Each value
 * occupies its own bit.
 */
typedef PRUint32 NSSOperations;
/* 1) Do we want these to be preprocessor definitions or constants? */
/* 2) What is the correct and complete list? */

#define NSSOperations_ENCRYPT           0x0001
#define NSSOperations_DECRYPT           0x0002
#define NSSOperations_WRAP              0x0004
#define NSSOperations_UNWRAP            0x0008
#define NSSOperations_SIGN              0x0010
#define NSSOperations_SIGN_RECOVER      0x0020
#define NSSOperations_VERIFY            0x0040
#define NSSOperations_VERIFY_RECOVER    0x0080

/* Tag declaration only; this header provides no typedef for it. */
struct NSSPKIXCertificateStr;

PR_END_EXTERN_C

#endif /* NSSPKIT_H */