From 26a029d407be480d791972afb5975cf62c9360a6 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 02:47:55 +0200 Subject: Adding upstream version 124.0.1. Signed-off-by: Daniel Baumann --- .../nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.h | 107 +++++++++++++++++++++ 1 file changed, 107 insertions(+) create mode 100644 security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.h (limited to 'security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.h') diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.h b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.h new file mode 100644 index 0000000000..56fe64228d --- /dev/null +++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.h @@ -0,0 +1,107 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * pkix_pl_cert.h + * + * Certificate Object Definitions + * + */ + +#ifndef _PKIX_PL_CERT_H +#define _PKIX_PL_CERT_H + +#include "pkix_pl_common.h" + +#ifdef __cplusplus +extern "C" { +#endif + +struct PKIX_PL_CertStruct { + CERTCertificate *nssCert; /* Must be the first field. The + * cert_NSSCertFromPKIXCert function in + * lib/certhigh/certvfypkix.c depends on + * this. */ + CERTGeneralName *nssSubjAltNames; + PLArenaPool *arenaNameConstraints; + PKIX_PL_X500Name *issuer; + PKIX_PL_X500Name *subject; + PKIX_List *subjAltNames; + PKIX_Boolean subjAltNamesAbsent; + PKIX_PL_OID *publicKeyAlgId; + PKIX_PL_PublicKey *publicKey; + PKIX_PL_BigInt *serialNumber; + PKIX_List *critExtOids; + PKIX_PL_ByteArray *subjKeyId; + PKIX_Boolean subjKeyIdAbsent; + PKIX_PL_ByteArray *authKeyId; + PKIX_Boolean authKeyIdAbsent; + PKIX_List *extKeyUsages; + PKIX_Boolean extKeyUsagesAbsent; + PKIX_PL_CertBasicConstraints *certBasicConstraints; + PKIX_Boolean basicConstraintsAbsent; + PKIX_List *certPolicyInfos; + PKIX_Boolean policyInfoAbsent; + PKIX_Boolean policyMappingsAbsent; + PKIX_List *certPolicyMappings; /* List of PKIX_PL_CertPolicyMap */ + PKIX_Boolean policyConstraintsProcessed; + PKIX_Int32 policyConstraintsExplicitPolicySkipCerts; + PKIX_Int32 policyConstraintsInhibitMappingSkipCerts; + PKIX_Boolean inhibitAnyPolicyProcessed; + PKIX_Int32 inhibitAnySkipCerts; + PKIX_PL_CertNameConstraints *nameConstraints; + PKIX_Boolean nameConstraintsAbsent; + PKIX_Boolean cacheFlag; + PKIX_CertStore *store; + PKIX_List *authorityInfoAccess; /* list of PKIX_PL_InfoAccess */ + PKIX_List *subjectInfoAccess; /* list of PKIX_PL_InfoAccess */ + PKIX_Boolean isUserTrustAnchor; + PKIX_List *crldpList; /* list of CRL DPs based on der in nssCert arena. + * Destruction is needed for pkix object and + * not for undelying der as it is a part + * nssCert arena. */ +}; + +/* see source file for function documentation */ + +PKIX_Error * +pkix_pl_Cert_RegisterSelf(void *plContext); + +PKIX_Error * +pkix_pl_Cert_CreateWithNSSCert( + CERTCertificate *nssCert, + PKIX_PL_Cert **pCert, + void *plContext); + +PKIX_Error * +pkix_pl_Cert_CreateToList( + SECItem *derCertItem, + PKIX_List *certList, + void *plContext); + +PKIX_Error * +pkix_pl_Cert_CheckSubjectAltNameConstraints( + PKIX_PL_Cert *cert, + PKIX_PL_CertNameConstraints *nameConstraints, + PKIX_Boolean matchAll, + void *plContext); + +PKIX_Error * +pkix_pl_Cert_ToString_Helper( + PKIX_PL_Cert *cert, + PKIX_Boolean partialString, + PKIX_PL_String **pString, + void *plContext); + +PKIX_Error * +pkix_pl_Cert_CheckExtendedKeyUsage( + PKIX_PL_Cert *cert, + PKIX_UInt32 requiredExtendedKeyUsages, + PKIX_Boolean *pPass, + void *plContext); + +#ifdef __cplusplus +} +#endif + +#endif /* _PKIX_PL_CERT_H */ -- cgit v1.2.3