/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "secdig.h" /* for SGNDigestInfo */
SECPKCS12TargetTokenNoCAs, /* CA get loaded intothe fixed token,
* User certs go to target token */
SECPKCS12TargetTokenIntermediateCAs, /* User certs and intermediates go to
* target token, root certs go to
SECPKCS12TargetTokenAllCAs /* All certs go to target token */
} SECPKCS12TargetTokenCAs;
/* PKCS12 Structures */
typedef struct SEC_PKCS12PFXItemStr SEC_PKCS12PFXItem;
typedef struct SEC_PKCS12MacDataStr SEC_PKCS12MacData;
typedef struct SEC_PKCS12AuthenticatedSafeStr SEC_PKCS12AuthenticatedSafe;
typedef struct SEC_PKCS12BaggageItemStr SEC_PKCS12BaggageItem;
typedef struct SEC_PKCS12BaggageStr SEC_PKCS12Baggage;
typedef struct SEC_PKCS12Baggage_OLDStr SEC_PKCS12Baggage_OLD;
typedef struct SEC_PKCS12ESPVKItemStr SEC_PKCS12ESPVKItem;
typedef struct SEC_PKCS12PVKSupportingDataStr SEC_PKCS12PVKSupportingData;
typedef struct SEC_PKCS12PVKAdditionalDataStr SEC_PKCS12PVKAdditionalData;
typedef struct SEC_PKCS12SafeContentsStr SEC_PKCS12SafeContents;
typedef struct SEC_PKCS12SafeBagStr SEC_PKCS12SafeBag;
typedef struct SEC_PKCS12PrivateKeyStr SEC_PKCS12PrivateKey;
typedef struct SEC_PKCS12PrivateKeyBagStr SEC_PKCS12PrivateKeyBag;
typedef struct SEC_PKCS12CertAndCRLBagStr SEC_PKCS12CertAndCRLBag;
typedef struct SEC_PKCS12CertAndCRLStr SEC_PKCS12CertAndCRL;
typedef struct SEC_PKCS12X509CertCRLStr SEC_PKCS12X509CertCRL;
typedef struct SEC_PKCS12SDSICertStr SEC_PKCS12SDSICert;
typedef struct SEC_PKCS12SecretStr SEC_PKCS12Secret;
typedef struct SEC_PKCS12SecretAdditionalStr SEC_PKCS12SecretAdditional;
typedef struct SEC_PKCS12SecretItemStr SEC_PKCS12SecretItem;
typedef struct SEC_PKCS12SecretBagStr SEC_PKCS12SecretBag;
/* Callback type through which the PKCS#12 code obtains a password
 * (judging by the name): it receives a caller-supplied SECItem *args
 * and returns a SECItem *.
 * NOTE(review): this declaration does not say who owns or frees the
 * returned SECItem, whether NULL is a legal failure result, or whether
 * the password bytes are zeroized after use — confirm against the
 * callers before relying on any of these. */
typedef SECItem *(* SEC_PKCS12PasswordFunc)(SECItem *args);
/* stores shrouded keys */
struct SEC_PKCS12BaggageStr
SEC_PKCS12BaggageItem **bags;
int luggage_size; /* used locally */
/* additional data to be associated with keys. currently there
* is nothing defined to be stored here. allows future expansion.
struct SEC_PKCS12PVKAdditionalDataStr
SECOidData *pvkAdditionalTypeTag; /* used locally */
SECItem pvkAdditionalType;
SECItem pvkAdditionalContent;
/* cert and other supporting data for private keys. used
* for both shrouded and non-shrouded keys.
struct SEC_PKCS12PVKSupportingDataStr
SGNDigestInfo **assocCerts;
SEC_PKCS12PVKAdditionalData pvkAdditional;
SECItem pvkAdditionalDER;
/* shrouded key structure. supports only pkcs8 shrouding
struct SEC_PKCS12ESPVKItemStr
PLArenaPool *poolp; /* used locally */
SECOidData *espvkTag; /* used locally */
SEC_PKCS12PVKSupportingData espvkData;
SECKEYEncryptedPrivateKeyInfo *pkcs8KeyShroud;
PRBool duplicate; /* used locally */
PRBool problem_cert; /* used locally */
PRBool single_cert; /* used locally */
int nCerts; /* used locally */
SECItem derCert; /* used locally */
/* generic bag store for the safe. safeBagType identifies
* the type of bag stored.
struct SEC_PKCS12SafeBagStr
SECOidData *safeBagTypeTag; /* used locally */
SEC_PKCS12PrivateKeyBag *keyBag;
SEC_PKCS12CertAndCRLBag *certAndCRLBag;
SEC_PKCS12SecretBag *secretBag;
SECItem derSafeContent;
SECItem uniSafeBagName;
/* stores private keys and certificates in a list. each safebag
* has an ID identifying the type of content stored.
struct SEC_PKCS12SafeContentsStr
SEC_PKCS12SafeBag **contents;
/* used for tracking purposes */
PRBool possibleSwapUnicode;
/* private key structure which holds encrypted private key and
* supporting data including nickname and certificate thumbprint.
struct SEC_PKCS12PrivateKeyStr
SEC_PKCS12PVKSupportingData pvkData;
SECKEYPrivateKeyInfo pkcs8data; /* borrowed from PKCS 8 */
PRBool duplicate; /* used locally */
PRBool problem_cert;/* used locally */
PRBool single_cert; /* used locally */
int nCerts; /* used locally */
SECItem derCert; /* used locally */
/* private key bag, holds a (null terminated) list of private key
struct SEC_PKCS12PrivateKeyBagStr
SEC_PKCS12PrivateKey **privateKeys;
int bag_size; /* used locally */
/* container to hold certificates. currently supports x509
* and sdsi certificates
struct SEC_PKCS12CertAndCRLStr
SECOidData *BagTypeTag; /* used locally */
SEC_PKCS12X509CertCRL *x509;
SEC_PKCS12SDSICert *sdsi;
SECItem nickname; /* used locally */
PRBool duplicate; /* used locally */
/* x509 certificate structure. typically holds the der encoding
* of the x509 certificate. thumbprint contains a digest of the
struct SEC_PKCS12X509CertCRLStr
SEC_PKCS7ContentInfo certOrCRL;
SGNDigestInfo thumbprint;
SECItem *derLeafCert; /* used locally */
/* sdsi certificate structure. typically holds the der encoding
* of the sdsi certificate. thumbprint contains a digest of the
struct SEC_PKCS12SDSICertStr
SGNDigestInfo thumbprint;
/* contains a null terminated list of certs and crls */
struct SEC_PKCS12CertAndCRLBagStr
SEC_PKCS12CertAndCRL **certAndCRLs;
int bag_size; /* used locally */
/* additional secret information. currently no information
* stored in this structure.
struct SEC_PKCS12SecretAdditionalStr
SECOidData *secretTypeTag; /* used locally */
SECItem secretAdditionalType;
SECItem secretAdditionalContent;
/* secrets container. this will be used to contain currently
* unspecified secrets. (it's a secret)
struct SEC_PKCS12SecretStr
SEC_PKCS12SecretAdditional secretAdditional;
SECItem uniSecretName;
struct SEC_PKCS12SecretItemStr
SEC_PKCS12Secret secret;
SEC_PKCS12SafeBag subFolder;
/* a bag of secrets. holds a null terminated list of secrets.
struct SEC_PKCS12SecretBagStr
SEC_PKCS12SecretItem **secrets;
int bag_size; /* used locally */
struct SEC_PKCS12MacDataStr
SGNDigestInfo safeMac;
/* outer transfer unit */
struct SEC_PKCS12PFXItemStr
SEC_PKCS12MacData macData;
SEC_PKCS7ContentInfo authSafe;
/* for compatibility with beta */
SGNDigestInfo old_safeMac;
/* compatibility between platforms for unicode swapping */
struct SEC_PKCS12BaggageItemStr {
SEC_PKCS12ESPVKItem **espvks;
SEC_PKCS12SafeBag **unencSecrets;
/* stores shrouded keys */
struct SEC_PKCS12Baggage_OLDStr
SEC_PKCS12ESPVKItem **espvks;
int luggage_size; /* used locally */
/* authenticated safe, stores certs, keys, and shrouded keys */
struct SEC_PKCS12AuthenticatedSafeStr
SECOidData *transportTypeTag; /* local not part of encoding*/
SECItem transportMode;
SEC_PKCS12Baggage baggage;
SEC_PKCS7ContentInfo *safe;
/* used for beta compatibility */
SEC_PKCS12Baggage_OLD old_baggage;
SEC_PKCS7ContentInfo old_safe;
#define SEC_PKCS12_PFX_VERSION 1 /* what we create */
/* PKCS 12 Templates */
extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate_OLD[];
extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate_OLD[];
extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate_OLD[];
extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate[];
extern const SEC_ASN1Template SEC_PKCS12MacDataTemplate[];
extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate[];
extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate[];
extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate[];
extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate[];
extern const SEC_ASN1Template SEC_PKCS12PVKAdditionalTemplate[];
extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate_OLD[];
extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate[];
extern const SEC_ASN1Template SEC_PKCS12SafeBagTemplate[];
extern const SEC_ASN1Template SEC_PKCS12PrivateKeyTemplate[];
extern const SEC_ASN1Template SEC_PKCS12PrivateKeyBagTemplate[];
extern const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate[];
extern const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate[];
extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate_OLD[];
extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate[];
extern const SEC_ASN1Template SEC_PKCS12SDSICertTemplate[];
extern const SEC_ASN1Template SEC_PKCS12SecretBagTemplate[];
extern const SEC_ASN1Template SEC_PKCS12SecretTemplate[];
extern const SEC_ASN1Template SEC_PKCS12SecretItemTemplate[];
extern const SEC_ASN1Template SEC_PKCS12SecretAdditionalTemplate[];
extern const SEC_ASN1Template SGN_DigestInfoTemplate[];
extern const SEC_ASN1Template SEC_PointerToPKCS12KeyBagTemplate[];
extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate[];
extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD[];
extern const SEC_ASN1Template SEC_PointerToPKCS12SecretBagTemplate[];
extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate_OLD[];
extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate[];
extern const SEC_ASN1Template SEC_PointerToPKCS12SDSICertTemplate[];
extern const SEC_ASN1Template SEC_PKCS12CodedSafeBagTemplate[];
extern const SEC_ASN1Template SEC_PKCS12CodedCertBagTemplate[];
extern const SEC_ASN1Template SEC_PKCS12CodedCertAndCRLBagTemplate[];
extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[];
extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate_OLD[];