diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 09:22:09 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 09:22:09 +0000 |
commit | 43a97878ce14b72f0981164f87f2e35e14151312 (patch) | |
tree | 620249daf56c0258faa40cbdcf9cfba06de2a846 /security/nss/lib/jar/jar.h | |
parent | Initial commit. (diff) | |
download | firefox-upstream.tar.xz firefox-upstream.zip |
Adding upstream version 110.0.1.upstream/110.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/nss/lib/jar/jar.h')
-rw-r--r-- | security/nss/lib/jar/jar.h | 372 |
1 files changed, 372 insertions, 0 deletions
diff --git a/security/nss/lib/jar/jar.h b/security/nss/lib/jar/jar.h new file mode 100644 index 0000000000..8b0c26d955 --- /dev/null +++ b/security/nss/lib/jar/jar.h @@ -0,0 +1,372 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef __JAR_h_ +#define __JAR_h_ + +/* + * In general, any functions that return pointers + * have memory owned by the caller. + * + */ + +/* security includes */ +#include "cert.h" +#include "hasht.h" + +/* nspr 2.0 includes */ +#include "prio.h" + +#define ZHUGEP + +#include <stdio.h> + +/* various types */ + +typedef enum { + jarTypeMF = 2, + jarTypeSF = 3, + jarTypeMeta = 6, + jarTypePhy = 7, + jarTypeSign = 10, + jarTypeSect = 11, + jarTypeOwner = 13 +} jarType; + +/* void data in ZZList's contain JAR_Item type */ +typedef struct JAR_Item_ { + char *pathname; /* relative. inside zip file */ + jarType type; /* various types */ + size_t size; /* size of data below */ + void *data; /* totally opaque */ +} JAR_Item; + +/* hashes */ +typedef enum { + jarHashNone = 0, + jarHashBad = 1, + jarHashPresent = 2 +} jarHash; + +typedef struct JAR_Digest_ { + jarHash md5_status; + unsigned char md5[MD5_LENGTH]; + jarHash sha1_status; + unsigned char sha1[SHA1_LENGTH]; +} JAR_Digest; + +/* physical archive formats */ +typedef enum { + jarArchGuess = 0, + jarArchNone = 1, + jarArchZip = 2, + jarArchTar = 3 +} jarArch; + +#include "jar-ds.h" + +struct JAR_; + +typedef int jar_settable_callback_fn(int status, struct JAR_ *jar, + const char *metafile, char *pathname, + char *errortext); + +/* jar object */ +typedef struct JAR_ { + jarArch format; /* physical archive format */ + + char *url; /* Where it came from */ + char *filename; /* Disk location */ + FILE *fp; /* For multiple extractions */ + /* JAR_FILE */ + + /* various linked lists */ + ZZList *manifest; /* Digests of MF sections */ + ZZList *hashes; /* Digests of actual signed files */ + ZZList *phy; /* Physical layout of JAR file */ + ZZList *metainfo; /* Global metainfo */ + + JAR_Digest *globalmeta; /* digest of .MF global portion */ + + /* Below will change to a linked list to support multiple sigs */ + int pkcs7; /* Enforced opaqueness */ + int valid; /* PKCS7 signature validated */ + + ZZList *signers; /* the above, per signer */ + + /* Window context, very necessary for PKCS11 now */ + void *mw; /* MWContext window context */ + + /* Signal callback function */ + jar_settable_callback_fn *signal; +} JAR; + +/* + * Iterator + * + * Context for iterative operations. Certain operations + * require iterating multiple linked lists because of + * multiple signers. "nextsign" is used for this purpose. + * + */ +typedef struct JAR_Context_ { + JAR *jar; /* Jar we are searching */ + char *pattern; /* Regular expression */ + jarType finding; /* Type of item to find */ + ZZLink *next; /* Next item in find */ + ZZLink *nextsign; /* Next signer, sometimes */ +} JAR_Context; + +typedef struct JAR_Signer_ { + int pkcs7; /* Enforced opaqueness */ + int valid; /* PKCS7 signature validated */ + char *owner; /* name of .RSA file */ + JAR_Digest *digest; /* of .SF file */ + ZZList *sf; /* Linked list of .SF file contents */ + ZZList *certs; /* Signing information */ +} JAR_Signer; + +/* Meta informaton, or "policy", from the manifest file. + Right now just one tuple per JAR_Item. */ +typedef struct JAR_Metainfo_ { + char *header; + char *info; +} JAR_Metainfo; + +/* This should not be global */ +typedef struct JAR_Physical_ { + unsigned char compression; + unsigned long offset; + unsigned long length; + unsigned long uncompressed_length; +#if defined(XP_UNIX) + PRUint16 mode; +#endif +} JAR_Physical; + +typedef struct JAR_Cert_ { + size_t length; + void *key; + CERTCertificate *cert; +} JAR_Cert; + +/* certificate stuff */ +typedef enum { + jarCertCompany = 1, + jarCertCA = 2, + jarCertSerial = 3, + jarCertExpires = 4, + jarCertNickname = 5, + jarCertFinger = 6, + jarCertJavaHack = 100 +} jarCert; + +/* callback types */ +#define JAR_CB_SIGNAL 1 + +/* + * This is the base for the JAR error codes. It will + * change when these are incorporated into allxpstr.c, + * but right now they won't let me put them there. + * + */ +#ifndef SEC_ERR_BASE +#define SEC_ERR_BASE (-0x2000) +#endif + +#define JAR_BASE SEC_ERR_BASE + 300 + +/* Jar specific error definitions */ + +#define JAR_ERR_GENERAL (JAR_BASE + 1) +#define JAR_ERR_FNF (JAR_BASE + 2) +#define JAR_ERR_CORRUPT (JAR_BASE + 3) +#define JAR_ERR_MEMORY (JAR_BASE + 4) +#define JAR_ERR_DISK (JAR_BASE + 5) +#define JAR_ERR_ORDER (JAR_BASE + 6) +#define JAR_ERR_SIG (JAR_BASE + 7) +#define JAR_ERR_METADATA (JAR_BASE + 8) +#define JAR_ERR_ENTRY (JAR_BASE + 9) +#define JAR_ERR_HASH (JAR_BASE + 10) +#define JAR_ERR_PK7 (JAR_BASE + 11) +#define JAR_ERR_PNF (JAR_BASE + 12) + +/* Function declarations */ + +extern JAR *JAR_new(void); + +extern void PR_CALLBACK JAR_destroy(JAR *jar); + +extern char *JAR_get_error(int status); + +extern int JAR_set_callback(int type, JAR *jar, jar_settable_callback_fn *fn); + +extern void +JAR_init_callbacks(char *(*string_cb)(int), + void *(*find_cx)(void), + void *(*init_cx)(void)); + +/* + * JAR_set_context + * + * PKCS11 may require a password to be entered by the user + * before any crypto routines may be called. This will require + * a window context if used from inside Mozilla. + * + * Call this routine with your context before calling + * verifying or signing. If you have no context, call with NULL + * and one will be chosen for you. + * + */ +int JAR_set_context(JAR *jar, void /*MWContext*/ *mw); + +/* + * Iterative operations + * + * JAR_find sets up for repeated calls with JAR_find_next. + * I never liked findfirst and findnext, this is nicer. + * + * Pattern contains a relative pathname to match inside the + * archive. It is currently assumed to be "*". + * + * To use: + * + * JAR_Item *item; + * JAR_find (jar, "*.class", jarTypeMF); + * while (JAR_find_next (jar, &item) >= 0) + * { do stuff } + * + */ + +/* Replacement functions with an external context */ + +extern JAR_Context *JAR_find(JAR *jar, char *pattern, jarType type); + +extern int JAR_find_next(JAR_Context *ctx, JAR_Item **it); + +extern void JAR_find_end(JAR_Context *ctx); + +/* + * Function to parse manifest file: + * + * Many signatures may be attached to a single filename located + * inside the zip file. We only support one. + * + * Several manifests may be included in the zip file. + * + * You must pass the MANIFEST.MF file before any .SF files. + * + * Right now this returns a big ole list, privately in the jar structure. + * If you need to traverse it, use JAR_find if possible. + * + * The path is needed to determine what type of binary signature is + * being passed, though it is technically not needed for manifest files. + * + * When parsing an ASCII file, null terminate the ASCII raw_manifest + * prior to sending it, and indicate a length of 0. For binary digital + * signatures only, indicate the true length of the signature. + * (This is legacy behavior.) + * + * You may free the manifest after parsing it. + * + */ + +extern int +JAR_parse_manifest(JAR *jar, char *raw_manifest, long length, const char *path, + const char *url); + +/* + * Verify data (nonstreaming). The signature is actually + * checked by JAR_parse_manifest or JAR_pass_archive. + * + */ + +extern JAR_Digest *PR_CALLBACK +JAR_calculate_digest(void *data, long length); + +extern int PR_CALLBACK +JAR_verify_digest(JAR *jar, const char *name, JAR_Digest *dig); + +extern int +JAR_digest_file(char *filename, JAR_Digest *dig); + +/* + * Meta information + * + * Currently, since this call does not support passing of an owner + * (certificate, or physical name of the .sf file), it is restricted to + * returning information located in the manifest.mf file. + * + * Meta information is a name/value pair inside the archive file. Here, + * the name is passed in *header and value returned in **info. + * + * Pass a NULL as the name to retrieve metainfo from the global section. + * + * Data is returned in **info, of size *length. The return value + * will indicate if no data was found. + * + */ + +extern int +JAR_get_metainfo(JAR *jar, char *name, char *header, void **info, + unsigned long *length); + +extern char *JAR_get_filename(JAR *jar); + +extern char *JAR_get_url(JAR *jar); + +/* save the certificate with this fingerprint in persistent + storage, somewhere, for retrieval in a future session when there + is no corresponding JAR structure. */ +extern int PR_CALLBACK +JAR_stash_cert(JAR *jar, long keylen, void *key); + +/* retrieve a certificate presumably stashed with the above + function, but may be any certificate. Type is &CERTCertificate */ +CERTCertificate * +JAR_fetch_cert(long length, void *key); + +/* + * New functions to handle archives alone + * (call JAR_new beforehand) + * + * JAR_pass_archive acts much like parse_manifest. Certificates + * are returned in the JAR structure but as opaque data. When calling + * JAR_verified_extract you still need to decide which of these + * certificates to honor. + * + * Code to examine a JAR structure is in jarbert.c. You can obtain both + * a list of filenames and certificates from traversing the linked list. + * + */ +extern int +JAR_pass_archive(JAR *jar, jarArch format, char *filename, const char *url); + +/* + * Same thing, but don't check signatures + */ +extern int +JAR_pass_archive_unverified(JAR *jar, jarArch format, char *filename, + const char *url); + +/* + * Extracts a relative pathname from the archive and places it + * in the filename specified. + * + * Call JAR_set_nailed if you want to keep the file descriptors + * open between multiple calls to JAR_verify_extract. + * + */ +extern int +JAR_verified_extract(JAR *jar, char *path, char *outpath); + +/* + * JAR_extract does no crypto checking. This can be used if you + * need to extract a manifest file or signature, etc. + * + */ +extern int +JAR_extract(JAR *jar, char *path, char *outpath); + +#endif /* __JAR_h_ */ |