1 /* This Source Code Form is subject to the terms of the Mozilla Public
2  * License, v. 2.0. If a copy of the MPL was not distributed with this
3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 
/* Include guard.
 * NOTE(review): an identifier starting with an underscore followed by an
 * uppercase letter is reserved for the implementation (C11 7.1.3). The name
 * is left unchanged here because other translation units may test it. */
#ifndef _P12T_H_
#define _P12T_H_
7 
8 #include "secoid.h"
9 #include "keythi.h"
10 #include "pkcs11.h"
11 #include "secpkcs7.h"
12 #include "secdig.h" /* for SGNDigestInfo */
13 #include "pkcs12t.h"
14 
/* Value expected in the PFX "version" field; PKCS #12 defines version 3 (v3). */
#define SEC_PKCS12_VERSION 3
16 
/* structure declarations
 *
 * Forward typedefs for the decoded PKCS #12 object model defined below:
 * the containers (PFXItem, MacData, AuthenticatedSafe, SafeContents),
 * the generic SafeBag, and the bag payload / attribute types it carries.
 * Note that sec_PKCS12SecretBag's struct tag lacks the "Str" suffix the
 * other tags use; the tag is part of this header's interface and is kept. */
typedef struct sec_PKCS12PFXItemStr sec_PKCS12PFXItem;
typedef struct sec_PKCS12MacDataStr sec_PKCS12MacData;
typedef struct sec_PKCS12AuthenticatedSafeStr sec_PKCS12AuthenticatedSafe;
typedef struct sec_PKCS12SafeContentsStr sec_PKCS12SafeContents;
typedef struct sec_PKCS12SafeBagStr sec_PKCS12SafeBag;
typedef struct sec_PKCS12PKCS8ShroudedKeyBagStr sec_PKCS12PKCS8ShroudedKeyBag;
typedef struct sec_PKCS12CertBagStr sec_PKCS12CertBag;
typedef struct sec_PKCS12CRLBagStr sec_PKCS12CRLBag;
typedef struct sec_PKCS12SecretBag sec_PKCS12SecretBag;
typedef struct sec_PKCS12AttributeStr sec_PKCS12Attribute;
28 
/* CertBag payload of a SafeBag: a single certificate tagged with its kind. */
struct sec_PKCS12CertBagStr {
    /* what type of cert is stored? Identifies the certificate kind (an OID
     * in PKCS #12) and thereby selects which member of |value| is valid. */
    SECItem bagID;

    /* certificate information: the encoded certificate, interpreted
     * according to |bagID| (X.509 or SDSI). */
    union {
        SECItem x509Cert;
        SECItem SDSICert;
    } value;
};
39 
/* CRLBag payload of a SafeBag: a single certificate revocation list. */
struct sec_PKCS12CRLBagStr {
    /* what type of CRL is stored? Identifies the CRL kind and selects the
     * |value| member (only X.509 CRLs are represented here). */
    SECItem bagID;

    /* CRL information: the encoded CRL, interpreted according to |bagID|. */
    union {
        SECItem x509CRL;
    } value;
};
49 
/* SecretBag payload of a SafeBag: an arbitrary typed secret. */
struct sec_PKCS12SecretBag {
    /* what type of secret? Identifies the kind of |secretContent|. */
    SECItem secretType;

    /* secret information.  ssshhhh be vewy vewy quiet.
     * Opaque secret payload as decoded. NOTE(review): this is sensitive
     * material; how long it stays in memory and whether it is zeroized is
     * decided by the code that allocates and consumes it - confirm there. */
    SECItem secretContent;
};
57 
/* One PKCS #12 bag attribute: a type identifier plus its set of values. */
struct sec_PKCS12AttributeStr {
    /* Attribute type identifier (e.g. friendlyName / localKeyId in PKCS #12). */
    SECItem attrType;
    /* Array of encoded attribute values; presumably NULL-terminated as is
     * usual for SECItem** in NSS templates - confirm against the template. */
    SECItem **attrValue;
};
62 
/* A decoded SafeBag: a type discriminator, the type-dependent payload, its
 * attributes, and decoder/import bookkeeping that is not part of the encoding. */
struct sec_PKCS12SafeBagStr {

    /* What type of bag are we using? Discriminator that selects which
     * member of |safeBagContent| is valid. */
    SECItem safeBagType;

    /* Dependent upon the type of bag being used. */
    union {
        /* Unencrypted PKCS #8 PrivateKeyInfo - plaintext key material once
         * decoded (contrast with the shrouded variant below). */
        SECKEYPrivateKeyInfo *pkcs8KeyBag;
        /* Password-encrypted PKCS #8 key (EncryptedPrivateKeyInfo). */
        SECKEYEncryptedPrivateKeyInfo *pkcs8ShroudedKeyBag;
        sec_PKCS12CertBag *certBag;
        sec_PKCS12CRLBag *crlBag;
        sec_PKCS12SecretBag *secretBag;
        /* Nested SafeContents (bags may recurse). */
        sec_PKCS12SafeContents *safeContents;
    } safeBagContent;

    /* Bag attributes; |nAttribs| below holds the count. */
    sec_PKCS12Attribute **attribs;

    /* used locally */
    /* Resolved OID data for |safeBagType|. */
    SECOidData *bagTypeTag;
    /* Arena the decoded bag is allocated from. */
    PLArenaPool *arena;
    unsigned int nAttribs;

    /* used for validation/importing
     * State flags set while checking and installing the bag; |error| holds
     * the error code when |problem| is set. Which code sets which flag is
     * not visible here - see the decoder/import path. */
    PRBool problem, noInstall, validated, hasKey, unused, installed;
    int error;

    /* NOTE(review): presumably selects the byte order used for the BMPString
     * password when unshrouding - confirm against the decoder. */
    PRBool swapUnicodeBytes;
    /* Token the bag's contents are imported into. */
    PK11SlotInfo *slot;
    /* Password item; presumably the import password used for shrouded key
     * bags and encrypted safes - sensitive, confirm ownership/lifetime. */
    SECItem *pwitem;
    PRBool oldBagType;
    SECPKCS12TargetTokenCAs tokenCAs;
};
95 
/* A decoded SafeContents: the sequence of bags it contains. */
struct sec_PKCS12SafeContentsStr {
    /* Decoded bags. */
    sec_PKCS12SafeBag **safeBags;
    /* Raw encodings of the bags; presumably parallel to |safeBags| - confirm
     * against the decode template. */
    SECItem **encodedSafeBags;

    /* used locally */
    PLArenaPool *arena;
    /* Number of bags held. */
    unsigned int bagCount;
};
104 
/* MacData of a PFX in password integrity mode: the MAC over the
 * authenticated safe plus the parameters needed to re-derive the MAC key. */
struct sec_PKCS12MacDataStr {
    /* Digest algorithm and MAC value (SGNDigestInfo from secdig.h). */
    SGNDigestInfo safeMac;
    /* Salt for the MAC key derivation. */
    SECItem macSalt;
    /* Iteration count for the MAC key derivation, as the encoded INTEGER.
     * NOTE(review): this value is attacker-controlled input; the code that
     * consumes it must bound it before iterating, since a huge count is a
     * denial-of-service vector - confirm where it is used. */
    SECItem iter;
};
110 
/* Top-level decoded PFX object. */
struct sec_PKCS12PFXItemStr {

    /* Encoded version INTEGER; compare with SEC_PKCS12_VERSION. */
    SECItem version;

    /* Content type will either be Data (password integrity mode)
     * or signedData (public-key integrity mode)
     */
    SEC_PKCS7ContentInfo *authSafe;
    /* Raw encoding of |authSafe|; presumably what the MAC is computed over
     * in password integrity mode - confirm against the verifier code. */
    SECItem encodedAuthSafe;

    /* Only present in password integrity mode */
    sec_PKCS12MacData macData;
    /* Raw encoding of |macData|. */
    SECItem encodedMacData;
};
125 
/* Decoded AuthenticatedSafe: the sequence of (possibly protected) safes. */
struct sec_PKCS12AuthenticatedSafeStr {
    /* Content type will either be encryptedData (password privacy mode)
     * or envelopedData (public-key privacy mode)
     */
    SEC_PKCS7ContentInfo **safes;
    /* Raw encodings of the safes; presumably parallel to |safes| - confirm
     * against the template. */
    SECItem **encodedSafes;

    /* used locally */
    /* Number of safes held. */
    unsigned int safeCount;
    /* Purpose not visible from this header - see the decoder. */
    SECItem dummySafe;
};
137 
/* ASN.1 templates that encode/decode the structures above. The "Decode"
 * variants are the decode-side templates for SafeContents (plain and nested),
 * and the "PointerTo" variants wrap a type behind a pointer for use as a
 * sub-template. Definitions live in the corresponding PKCS #12 source file. */
extern const SEC_ASN1Template sec_PKCS12PFXItemTemplate[];
extern const SEC_ASN1Template sec_PKCS12MacDataTemplate[];
extern const SEC_ASN1Template sec_PKCS12AuthenticatedSafeTemplate[];
extern const SEC_ASN1Template sec_PKCS12SafeContentsTemplate[];
extern const SEC_ASN1Template sec_PKCS12SafeContentsDecodeTemplate[];
extern const SEC_ASN1Template sec_PKCS12NestedSafeContentsDecodeTemplate[];
extern const SEC_ASN1Template sec_PKCS12CertBagTemplate[];
extern const SEC_ASN1Template sec_PKCS12CRLBagTemplate[];
extern const SEC_ASN1Template sec_PKCS12SecretBagTemplate[];
extern const SEC_ASN1Template sec_PKCS12PointerToCertBagTemplate[];
extern const SEC_ASN1Template sec_PKCS12PointerToCRLBagTemplate[];
extern const SEC_ASN1Template sec_PKCS12PointerToSecretBagTemplate[];
extern const SEC_ASN1Template sec_PKCS12PointerToSafeContentsTemplate[];
extern const SEC_ASN1Template sec_PKCS12AttributeTemplate[];
extern const SEC_ASN1Template sec_PKCS12PointerToContentInfoTemplate[];
extern const SEC_ASN1Template sec_PKCS12SafeBagTemplate[];
154 
155 #endif
156