
lightning-sunbird  0.9+nobinonly
certdb.h
00001 /* ***** BEGIN LICENSE BLOCK *****
00002  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
00003  *
00004  * The contents of this file are subject to the Mozilla Public License Version
00005  * 1.1 (the "License"); you may not use this file except in compliance with
00006  * the License. You may obtain a copy of the License at
00007  * http://www.mozilla.org/MPL/
00008  *
00009  * Software distributed under the License is distributed on an "AS IS" basis,
00010  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
00011  * for the specific language governing rights and limitations under the
00012  * License.
00013  *
00014  * The Original Code is the Netscape security libraries.
00015  *
00016  * The Initial Developer of the Original Code is
00017  * Netscape Communications Corporation.
00018  * Portions created by the Initial Developer are Copyright (C) 1994-2000
00019  * the Initial Developer. All Rights Reserved.
00020  *
00021  * Contributor(s):
00022  *
00023  * Alternatively, the contents of this file may be used under the terms of
00024  * either the GNU General Public License Version 2 or later (the "GPL"), or
00025  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
00026  * in which case the provisions of the GPL or the LGPL are applicable instead
00027  * of those above. If you wish to allow use of your version of this file only
00028  * under the terms of either the GPL or the LGPL, and not to allow others to
00029  * use your version of this file under the terms of the MPL, indicate your
00030  * decision by deleting the provisions above and replace them with the notice
00031  * and other provisions required by the GPL or the LGPL. If you do not delete
00032  * the provisions above, a recipient may use your version of this file under
00033  * the terms of any one of the MPL, the GPL or the LGPL.
00034  *
00035  * ***** END LICENSE BLOCK ***** */
00036 
00037 #ifndef _CERTDB_H_
00038 #define _CERTDB_H_
00039 
00040 
/*
 * Certificate trust/attribute flag bits.
 * Each macro below expands to a distinct single bit (1<<0 through 1<<9), so
 * several of them can be OR-ed into one flag word and tested one at a time
 * with '&'.
 * NOTE(review): this header does not show where the flag word is stored;
 * presumably it is inside CERTCertTrust (the type CERT_AddTempCertToPerm
 * takes) -- confirm against that type's definition.
 */
00041 /* common flags for all types of certificates */
00042 #define CERTDB_VALID_PEER   (1<<0)
00043 #define CERTDB_TRUSTED             (1<<1)
00044 #define CERTDB_SEND_WARN    (1<<2)
/*
 * CERTDB_VALID_CA (1<<3) and CERTDB_TRUSTED_CA (1<<4) are separate bits.
 * NOTE(review): presumably "valid as a CA" does not by itself make a cert a
 * trust anchor -- confirm in the code that evaluates these flags.
 */
00045 #define CERTDB_VALID_CA            (1<<3)
/*
 * Trust for issuing server certs (1<<4) and trust for issuing client certs
 * (1<<7) are independent bits; a check should test the bit that matches the
 * usage being validated rather than accept any CA trust bit.
 */
00046 #define CERTDB_TRUSTED_CA   (1<<4) /* trusted for issuing server certs */
/* NOTE(review): meaning of the NS_ variant is not stated here -- confirm. */
00047 #define CERTDB_NS_TRUSTED_CA       (1<<5)
/* NOTE(review): presumably marks one of the user's own certs -- confirm. */
00048 #define CERTDB_USER         (1<<6)
00049 #define CERTDB_TRUSTED_CLIENT_CA (1<<7) /* trusted for issuing client certs */
/*
 * Per its comment this bit only controls UI display. Nothing in this header
 * says it changes trust evaluation, so a review of what is trusted should
 * enumerate the database itself rather than the UI list -- confirm.
 */
00050 #define CERTDB_INVISIBLE_CA (1<<8) /* don't show in UI */
/* "export ver" presumably refers to export-restricted builds -- confirm. */
00051 #define CERTDB_GOVT_APPROVED_CA    (1<<9) /* can do strong crypto in export ver */
00052 
00053 
/*
 * Prototypes for CRL lookup, creation and release.
 * This header contains no #include lines, so the types used below
 * (CERTCertDBHandle, CERTSignedCrl, SECItem, SECStatus, PRBool, ...) and the
 * SEC_BEGIN_PROTOS / SEC_END_PROTOS macros must already be declared by the
 * time this file is included.
 * The signatures do not state ownership of returned objects, NULL handling,
 * or the accepted values of the int "type" argument; notes that go beyond
 * the signature are marked as assumptions.
 */
00054 SEC_BEGIN_PROTOS
00055 
/*
 * Returns a CERTSignedCrl pointer for "crlKey" in the database behind "handle".
 * NOTE(review): presumably NULL when nothing matches, and presumably released
 * with SEC_DestroyCrl -- confirm both.
 */
00056 CERTSignedCrl *
00057 SEC_FindCrlByKey(CERTCertDBHandle *handle, SECItem *crlKey, int type);
00058 
/*
 * NOTE(review): the parameter is called "crlKey" although the function is
 * ...ByName; presumably it carries an encoded name -- confirm with callers.
 */
00059 CERTSignedCrl *
00060 SEC_FindCrlByName(CERTCertDBHandle *handle, SECItem *crlKey, int type);
00061 
/*
 * NOTE(review): named ...ByDERCert but takes "derCrl"; presumably the lookup
 * is driven by an encoded CRL -- confirm.
 */
00062 CERTSignedCrl *
00063 SEC_FindCrlByDERCert(CERTCertDBHandle *handle, SECItem *derCrl, int type);
00064 
/*
 * Returns a PRBool for a nickname / encoded-subject pair.
 * NOTE(review): presumably true when "nickname" is already in use for a
 * different subject -- confirm. "nickname" is not const; whether it is
 * modified is not visible here.
 */
00065 PRBool
00066 SEC_CertNicknameConflict(char *nickname, SECItem *derSubject,
00067                       CERTCertDBHandle *handle);
/*
 * Takes a URL and an encoded CRL and returns a CERTSignedCrl pointer.
 * NOTE(review): nothing in the signature shows whether the CRL's signature is
 * verified before it is accepted; code that passes in CRLs obtained from
 * outside should confirm where that verification happens.
 */
00068 CERTSignedCrl *
00069 SEC_NewCrl(CERTCertDBHandle *handle, char *url, SECItem *derCrl, int type);
00070 
/* Returns SECStatus; callers should check it rather than assume deletion. */
00071 SECStatus
00072 SEC_DeletePermCRL(CERTSignedCrl *crl);
00073 
00074 
/*
 * "nodes" is an out-parameter (pointer to a CERTCrlHeadNode pointer).
 * NOTE(review): who frees the resulting list is not stated here -- confirm.
 */
00075 SECStatus
00076 SEC_LookupCrls(CERTCertDBHandle *handle, CERTCrlHeadNode **nodes, int type);
00077 
/*
 * NOTE(review): SEC_DestroyCrl and SEC_DupCrl look like a release/duplicate
 * pair; presumably every pointer obtained from SEC_DupCrl or a Find/New call
 * needs one SEC_DestroyCrl -- confirm to avoid leaks or double release.
 */
00078 SECStatus 
00079 SEC_DestroyCrl(CERTSignedCrl *crl);
00080 
00081 CERTSignedCrl* SEC_DupCrl(CERTSignedCrl* acrl);
00082 
/*
 * Takes a certificate, a nickname and a CERTCertTrust pointer; returns
 * SECStatus.
 * NOTE(review): judging by the name, this makes a temporary cert permanent
 * together with the supplied trust. The trust value would then decide what
 * the cert is trusted for (see the CERTDB_* flags), so callers should pass
 * the narrowest trust they need and check the return status -- confirm.
 */
00083 SECStatus
00084 CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
00085                      CERTCertTrust *trust);
00086 
/* Returns SECStatus; check it before assuming the cert is gone. */
00087 SECStatus SEC_DeletePermCertificate(CERTCertificate *cert);
00088 
/*
 * Returns a PRBool for two CRLs; the argument order is (inNew, old).
 * NOTE(review): which fields are compared is not visible here -- confirm.
 */
00089 PRBool
00090 SEC_CrlIsNewer(CERTCrl *inNew, CERTCrl *old);
00091 
/*
 * Returns a SECCertTimeValidity for "crl" evaluated at time "t".
 * NOTE(review): the enumerators of SECCertTimeValidity are not declared in
 * this header; callers should presumably treat every result other than the
 * "valid" one as a CRL that must not be relied on -- confirm.
 */
00092 SECCertTimeValidity
00093 SEC_CheckCrlTimes(CERTCrl *crl, PRTime t);
00094 
/*
 * Everything from this #ifdef notdef to its matching #endif is compiled only
 * when the macro "notdef" is defined. Nothing in this file defines it, so
 * these declarations are presumably disabled and kept for reference only.
 * Most of them use P-prefixed type names (PCERTCertDBHandle,
 * PCERTCertificate, PCERTSignedCrl, ...) that the prototypes outside this
 * block do not use.
 * NOTE(review): SEC_CheckCRL and SEC_CheckKRL are declared only inside this
 * block, so this header should not be read as providing a revocation-check
 * entry point in a normal build -- confirm where revocation checking is
 * actually declared before relying on these names.
 */
00095 #ifdef notdef
00096 /*
00097 ** Add a DER encoded certificate to the permanent database.
00098 **     "derCert" is the DER encoded certificate.
00099 **     "nickname" is the nickname to use for the cert
00100 **     "trust" is the trust parameters for the cert
00101 */
00102 SECStatus SEC_AddPermCertificate(PCERTCertDBHandle *handle, SECItem *derCert,
00103                             char *nickname, PCERTCertTrust *trust);
00104 
00105 certDBEntryCert *
00106 SEC_FindPermCertByKey(PCERTCertDBHandle *handle, SECItem *certKey);
00107 
00108 certDBEntryCert
00109 *SEC_FindPermCertByName(PCERTCertDBHandle *handle, SECItem *name);
00110 
00111 SECStatus SEC_OpenPermCertDB(PCERTCertDBHandle *handle,
00112                           PRBool readOnly,
00113                           PCERTDBNameFunc namecb,
00114                           void *cbarg);
00115 
00116 
/* Callback type: receives a certificate, a SECItem "k" and the caller's data. */
00117 typedef SECStatus (PR_CALLBACK * PermCertCallback)(PCERTCertificate *cert,
00118                                                    SECItem *k, void *pdata);
00119 /*
00120 ** Traverse the entire permanent database, and pass the certs off to a
00121 ** user supplied function.
00122 **     "certfunc" is the user function to call for each certificate
00123 **     "udata" is the user's data, which is passed through to "certfunc"
00124 */
00125 SECStatus
00126 PCERT_TraversePermCerts(PCERTCertDBHandle *handle,
00127                     PermCertCallback certfunc,
00128                     void *udata );
00129 
00130 SECStatus
00131 SEC_AddTempNickname(PCERTCertDBHandle *handle, char *nickname, SECItem *certKey);
00132 
00133 SECStatus
00134 SEC_DeleteTempNickname(PCERTCertDBHandle *handle, char *nickname);
00135 
00136 
00137 PRBool
00138 SEC_CertDBKeyConflict(SECItem *derCert, PCERTCertDBHandle *handle);
00139 
00140 SECStatus
00141 SEC_GetCrlTimes(PCERTCrl *dates, PRTime *notBefore, PRTime *notAfter);
00142 
00143 PCERTSignedCrl *
00144 SEC_AddPermCrlToTemp(PCERTCertDBHandle *handle, certDBEntryRevocation *entry);
00145 
00146 SECStatus
00147 SEC_DeleteTempCrl(PCERTSignedCrl *crl);
00148 
00149 
/*
 * Both checks take a time "t" as int64 and an opaque "wincx" pointer.
 * NOTE(review): what SECStatus value means "revoked" versus "lookup failed"
 * is not stated here -- confirm before mapping the result to a decision.
 */
00150 SECStatus
00151 SEC_CheckKRL(PCERTCertDBHandle *handle,SECKEYLowPublicKey *key,
00152             PCERTCertificate *rootCert, int64 t, void *wincx);
00153 
00154 SECStatus
00155 SEC_CheckCRL(PCERTCertDBHandle *handle,PCERTCertificate *cert,
00156             PCERTCertificate *caCert, int64 t, void *wincx);
00157 
00158 SECStatus
00159 SEC_CrlReplaceUrl(PCERTSignedCrl *crl,char *url);
00160 
00161 /* Compare two certificate validity structures and return which cert should be
00162 ** preferred, based first on newer notAfter, then on newer notBefore.
00163 */
/* Unlike most of this block it uses non-P type names, but it is still inside #ifdef notdef. */
00164 CERTCompareValidityStatus
00165 CERT_CompareValidityTimes(CERTValidity* val_a, CERTValidity* val_b);
00166 
00167 #endif
00168 
/* Pairs with SEC_BEGIN_PROTOS; presumably a C-linkage wrapper -- confirm. */
00169 SEC_END_PROTOS
00170 
00171 #endif /* _CERTDB_H_ */