1 /* This Source Code Form is subject to the terms of the Mozilla Public
2  * License, v. 2.0. If a copy of the MPL was not distributed with this
3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 
5 #ifndef _CRLGEN_H_
6 #define _CRLGEN_H_
7 
8 #include "prio.h"
9 #include "prprf.h"
10 #include "plhash.h"
11 #include "seccomon.h"
12 #include "certt.h"
13 #include "secoidt.h"
14 
15 #define CRLGEN_UNKNOWN_CONTEXT 0
16 #define CRLGEN_ISSUER_CONTEXT 1
17 #define CRLGEN_UPDATE_CONTEXT 2
18 #define CRLGEN_NEXT_UPDATE_CONTEXT 3
19 #define CRLGEN_ADD_EXTENSION_CONTEXT 4
20 #define CRLGEN_ADD_CERT_CONTEXT 6
21 #define CRLGEN_CHANGE_RANGE_CONTEXT 7
22 #define CRLGEN_RM_CERT_CONTEXT 8
23 
24 #define CRLGEN_TYPE_DATE 0
25 #define CRLGEN_TYPE_ZDATE 1
26 #define CRLGEN_TYPE_DIGIT 2
27 #define CRLGEN_TYPE_DIGIT_RANGE 3
28 #define CRLGEN_TYPE_OID 4
29 #define CRLGEN_TYPE_STRING 5
30 #define CRLGEN_TYPE_ID 6
31 
32 typedef struct CRLGENGeneratorDataStr CRLGENGeneratorData;
33 typedef struct CRLGENEntryDataStr CRLGENEntryData;
34 typedef struct CRLGENExtensionEntryStr CRLGENExtensionEntry;
35 typedef struct CRLGENCertEntrySrt CRLGENCertEntry;
36 typedef struct CRLGENCrlFieldStr CRLGENCrlField;
37 typedef struct CRLGENEntriesSortedDataStr CRLGENEntriesSortedData;
38 
39 /* Exported functions */
40 
/* Initializes the extension handles for CRL extensions and CRL entry
 * extensions from the existing CRL data when modifying an existing CRL. */
43 extern SECStatus CRLGEN_ExtHandleInit(CRLGENGeneratorData *crlGenData);
44 
/* Commits all added entries and their extensions into the CRL. */
46 extern SECStatus CRLGEN_CommitExtensionsAndEntries(CRLGENGeneratorData *crlGenData);
47 
/* Launches the parse of the CRL generation script. */
49 extern SECStatus CRLGEN_StartCrlGen(CRLGENGeneratorData *crlGenData);
50 
51 /* Closes crl generation script file and frees crlGenData */
52 extern void CRLGEN_FinalizeCrlGeneration(CRLGENGeneratorData *crlGenData);
53 
/* Parser initialization function. Creates the CRLGENGeneratorData structure
 * for the current thread. */
56 extern CRLGENGeneratorData *CRLGEN_InitCrlGeneration(CERTSignedCrl *newCrl,
57                                                      PRFileDesc *src);
58 
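/* This lock is defined in crlgen_lex.c (derived from crlgen_lex.l). It
 * serializes invocation of yylex so that only one script is parsed at a
 * time. Both functions take no arguments; the explicit (void) prototype
 * turns an accidental call with arguments into a compile error instead of
 * an unchecked call through an unspecified parameter list. */
extern void CRLGEN_InitCrlGenParserLock(void);
extern void CRLGEN_DestroyCrlGenParserLock(void);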
64 
/* The following function types define the per-structure handlers stored in
 * CRLGENExtensionEntryStr, CRLGENCertEntrySrt and CRLGENCrlFieldStr; they
 * provide the functionality needed for those structures. */
68 typedef SECStatus updateCrlFn_t(CRLGENGeneratorData *crlGenData, void *str);
69 typedef SECStatus setNextDataFn_t(CRLGENGeneratorData *crlGenData, void *str,
70                                   void *data, unsigned short dtype);
71 typedef SECStatus createNewLangStructFn_t(CRLGENGeneratorData *crlGenData,
72                                           void *str, unsigned i);
73 
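/* Records a failure and reports it to the parser when anything goes wrong.
 * msg is presumably the failure message text — confirm against the
 * definition. The parameter is named so the prototype documents itself. */
extern void crlgen_setFailure(CRLGENGeneratorData *str, char *msg);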
76 
/* Collects data into the current data structure that corresponds to the
 * active context type. This function is called after each token is found
 * on a particular line. */
80 extern SECStatus crlgen_setNextData(CRLGENGeneratorData *str, void *data,
81                                     unsigned short dtype);
82 
/* Initiates the CRL update with the collected data. This function is called
 * at the end of each line. */
85 extern SECStatus crlgen_updateCrl(CRLGENGeneratorData *str);
86 
/* Creates a new context structure depending on the token that was parsed
 * at the beginning of a line. */
89 extern SECStatus crlgen_createNewLangStruct(CRLGENGeneratorData *str,
90                                             unsigned structType);
91 
/* CRLGENExtensionEntry is used to store addext request data for either
 * CRL extensions or CRL entry extensions. The distinction between the two
 * is based on the order and type of the extension being added.
 *    - extData : all data in the request, starting from the name of the
 *                extension, is saved here.
 *    - nextUpdatedData: counter of elements added to extData
 */
struct CRLGENExtensionEntryStr {
    /* Request tokens, starting with the extension name (see the comment
     * above). nextUpdatedData counts how many have been stored; the
     * array's capacity is not tracked in this struct, so the growth and
     * bounds policy lives wherever extData is filled — not visible here. */
    char **extData;
    int nextUpdatedData;
    /* Per-structure handlers of the updateCrlFn_t / setNextDataFn_t types
     * declared above. Presumably installed when the context is created
     * (crlgen_createNewLangStruct) — confirm in the implementation. */
    updateCrlFn_t *updateCrlFn;
    setNextDataFn_t *setNextDataFn;
};
105 
/* CRLGENCertEntry is used to store addcert request data
 *   - certId : certificate id, or a range of certificates with a dash as the
 *              delimiter. All certs in the range are added to the CRL,
 *              inclusively.
 *   - revocationTime: revocation time of the cert(s)
 */
/* NOTE: the struct tag is spelled "Srt" (sic); the typedef at the top of
 * this header refers to it by that name, so renaming it would touch every
 * user of the typedef. */
struct CRLGENCertEntrySrt {
    /* Serial number, or an inclusive dash-delimited "from-to" range, as
     * script text. NOTE(review): a range expands to every serial in it,
     * so the size of the range bounds the work the update function does;
     * verify that the parser limits it before accepting script input. */
    char *certId;
    /* Revocation time for the cert(s), also kept as script text. */
    char *revocationTime;
    /* Per-structure handlers of the types declared above. */
    updateCrlFn_t *updateCrlFn;
    setNextDataFn_t *setNextDataFn;
};
117 
/* CRLGENCrlField is used to store CRL field records such as the update time,
 * next update time, etc.
 *  - value: value of the parsed field data */
struct CRLGENCrlFieldStr {
    /* Text of the parsed field value (update time, next update time, ...);
     * how it is validated is not visible in this header. */
    char *value;
    /* Per-structure handlers of the types declared above. */
    updateCrlFn_t *updateCrlFn;
    setNextDataFn_t *setNextDataFn;
};
126 
/* Entry extensions cannot be created until parsing is completely done,
 * so the joined data has to be kept here.
 *   - certId : serial number of the certificate
 *   - extHandle: head pointer to the list of extensions that belong to the
 *                entry
 *   - entry : CERTCrlEntry structure pointer */
struct CRLGENEntryDataStr {
    /* Serial number of the revoked cert. Per the CRLGENGeneratorData
     * description below, this is also the key under which the record is
     * stored in entryDataHashTable. */
    SECItem *certId;
    /* Head of the entry's extension list; opaque (void *) at this level. */
    void *extHandle;
    /* The CRL entry the extensions are eventually attached to. */
    CERTCrlEntry *entry;
};
138 
/* CRL generator/parser main structure. Keeps info regarding the current
 * state of the parser (context, status), pointers to the parser helper
 * functions, parsed data and generated data.
 *  - contextId : current parsing context. A context in this parser
 *                environment defines what type of CRL operation the parser
 *                is going through in the current line of the CRL generation
 *                script: a setting, a new cert, an extension addition, etc.
 *  - createNewLangStructFn: pointer to the top level function which creates
 *                             data structures according to contextId
 *  - setNextDataFn : pointer to the top level function which sets newly
 *                    parsed data in the temporary structure
 *  - updateCrlFn   : pointer to the top level function which triggers the
 *                    actual CRL update functions with the gathered data
 *  - union         : data union created according to contextId
 *  - rangeFrom, rangeTo : holds the last range in which certs were added
 *  - newCrl        : pointer to the newly created CERTSignedCrl
 *  - crlExtHandle : pointer to the CRL extension handle
 *  - entryDataHashTable: hash of CRLGENEntryData.
 *                     key: cert serial number
 *                     data: CRLGENEntryData pointer
 *  - parserStatus  : current status of the parser. Triggers the parser to
 *                    abort when set to SECFailure
 *  - src : PRFileDesc structure pointer of the CRL generator config file
 *  - parsedLineNum : line currently being parsed. Kept to report errors */
struct CRLGENGeneratorDataStr {
    /* One of the CRLGEN_*_CONTEXT values defined at the top of this header.
     * Presumably it selects which of the three per-context pointers below
     * is live for the current line — confirm in the implementation. */
    unsigned short contextId;
    /* Per-context scratch data. The description above calls this a union;
     * in the struct they are three separate pointers. */
    CRLGENCrlField *crlField;
    CRLGENCertEntry *certEntry;
    CRLGENExtensionEntry *extensionEntry;
    /* Last range of serial numbers added; inclusive per the addcert
     * description above. */
    PRUint64 rangeFrom;
    PRUint64 rangeTo;
    /* The CRL being generated or modified ("newCrl" in the description
     * above). */
    CERTSignedCrl *signCrl;
    /* CRL-level extension handle; opaque (void *) at this level. */
    void *crlExtHandle;
    /* cert serial number -> CRLGENEntryData * (see the description above). */
    PLHashTable *entryDataHashTable;

    /* The script being parsed and the current line number, kept for error
     * reporting. NOTE: the description above also lists a parserStatus
     * field and the three *Fn pointers; they are not members of this
     * struct. */
    PRFileDesc *src;
    int parsedLineNum;
};
177 
178 #endif /* _CRLGEN_H_ */
179