pjs/security/nss/cmd/crlutil/crlgen.h

183 строки
7.2 KiB
C

#ifndef _CRLGEN_H_
#define _CRLGEN_H_
#include "prio.h"
#include "prprf.h"
#include "plhash.h"
#include "seccomon.h"
#include "certt.h"
#include "secoidt.h"
#define CRLGEN_UNKNOWN_CONTEXT 0
#define CRLGEN_ISSUER_CONTEXT 1
#define CRLGEN_UPDATE_CONTEXT 2
#define CRLGEN_NEXT_UPDATE_CONTEXT 3
#define CRLGEN_ADD_EXTENSION_CONTEXT 4
#define CRLGEN_ADD_CERT_CONTEXT 6
#define CRLGEN_CHANGE_RANGE_CONTEXT 7
#define CRLGEN_RM_CERT_CONTEXT 8
#define CRLGEN_TYPE_DATE 0
#define CRLGEN_TYPE_ZDATE 1
#define CRLGEN_TYPE_DIGIT 2
#define CRLGEN_TYPE_DIGIT_RANGE 3
#define CRLGEN_TYPE_OID 4
#define CRLGEN_TYPE_STRING 5
#define CRLGEN_TYPE_ID 6
typedef struct CRLGENGeneratorDataStr CRLGENGeneratorData;
typedef struct CRLGENEntryDataStr CRLGENEntryData;
typedef struct CRLGENExtensionEntryStr CRLGENExtensionEntry;
typedef struct CRLGENCertEntrySrt CRLGENCertEntry;
typedef struct CRLGENCrlFieldStr CRLGENCrlField;
typedef struct CRLGENEntriesSortedDataStr CRLGENEntriesSortedData;
/* Exported functions */
/* Used for initialization of extension handles for crl and certs
* extensions from existing CRL data then modifying existing CRL.*/
extern SECStatus CRLGEN_ExtHandleInit(CRLGENGeneratorData *crlGenData);
/* Commits all added entries and their's extensions into CRL. */
extern SECStatus CRLGEN_CommitExtensionsAndEntries(CRLGENGeneratorData *crlGenData);
/* Lunches the crl generation script parse */
extern SECStatus CRLGEN_StartCrlGen(CRLGENGeneratorData *crlGenData);
/* Closes crl generation script file and frees crlGenData */
extern void CRLGEN_FinalizeCrlGeneration(CRLGENGeneratorData *crlGenData);
/* Parser initialization function. Creates CRLGENGeneratorData structure
* for the current thread */
extern CRLGENGeneratorData* CRLGEN_InitCrlGeneration(CERTSignedCrl *newCrl,
PRFileDesc *src);
/* This lock is defined in crlgen_lex.c(derived from crlgen_lex.l).
* It controls access to invocation of yylex, allows to parse one
* script at a time */
extern void CRLGEN_InitCrlGenParserLock();
extern void CRLGEN_DestroyCrlGenParserLock();
/* The following function types are used to define functions for each of
* CRLGENExtensionEntryStr, CRLGENCertEntrySrt, CRLGENCrlFieldStr to
* provide functionality needed for these structures*/
typedef SECStatus updateCrlFn_t(CRLGENGeneratorData *crlGenData, void *str);
typedef SECStatus setNextDataFn_t(CRLGENGeneratorData *crlGenData, void *str,
void *data, unsigned short dtype);
typedef SECStatus createNewLangStructFn_t(CRLGENGeneratorData *crlGenData,
void *str, unsigned i);
/* Sets reports failure to parser if anything goes wrong */
extern void crlgen_setFailure(CRLGENGeneratorData *str, char *);
/* Collects data in to one of the current data structure that corresponds
* to the correct context type. This function gets called after each token
* is found for a particular line */
extern SECStatus crlgen_setNextData(CRLGENGeneratorData *str, void *data,
unsigned short dtype);
/* initiates crl update with collected data. This function is called at the
* end of each line */
extern SECStatus crlgen_updateCrl(CRLGENGeneratorData *str);
/* Creates new context structure depending on token that was parsed
* at the beginning of a line */
extern SECStatus crlgen_createNewLangStruct(CRLGENGeneratorData *str,
unsigned structType);
/* CRLGENExtensionEntry is used to store addext request data for either
* CRL extensions or CRL entry extensions. The differentiation between
* is based on order and type of extension been added.
* - extData : all data in request staring from name of the extension are
* in saved here.
* - nextUpdatedData: counter of elements added to extData
*/
struct CRLGENExtensionEntryStr {
char **extData;
int nextUpdatedData;
updateCrlFn_t *updateCrlFn;
setNextDataFn_t *setNextDataFn;
};
/* CRLGENCeryestEntry is used to store addcert request data
* - certId : certificate id or range of certificate with dash as a delimiter
* All certs from range will be inclusively added to crl
* - revocationTime: revocation time of cert(s)
*/
struct CRLGENCertEntrySrt {
char *certId;
char *revocationTime;
updateCrlFn_t *updateCrlFn;
setNextDataFn_t *setNextDataFn;
};
/* CRLGENCrlField is used to store crl fields record like update time, next
* update time, etc.
* - value: value of the parsed field data*/
struct CRLGENCrlFieldStr {
char *value;
updateCrlFn_t *updateCrlFn;
setNextDataFn_t *setNextDataFn;
};
/* Can not create entries extension until completely done with parsing.
* Therefore need to keep joined data
* - certId : serial number of certificate
* - extHandle: head pointer to a list of extensions that belong to
* entry
* - entry : CERTCrlEntry structure pointer*/
struct CRLGENEntryDataStr {
SECItem *certId;
void *extHandle;
CERTCrlEntry *entry;
};
/* Crl generator/parser main structure. Keeps info regarding current state of
* parser(context, status), parser helper functions pointers, parsed data and
* generated data.
* - contextId : current parsing context. Context in this parser environment
* defines what type of crl operations parser is going through
* in the current line of crl generation script.
* setting or new cert or an extension addition, etc.
* - createNewLangStructFn: pointer to top level function which creates
* data structures according contextId
* - setNextDataFn : pointer to top level function which sets new parsed data
* in temporary structure
* - updateCrlFn : pointer to top level function which triggers actual
* crl update functions with gathered data
* - union : data union create according to contextId
* - rangeFrom, rangeTo : holds last range in which certs was added
* - newCrl : pointer to CERTSignedCrl newly created crl
* - crlExtHandle : pointer to crl extension handle
* - entryDataHashTable: hash of CRLGENEntryData.
* key: cert serial number
* data: CRLGENEntryData pointer
* - parserStatus : current status of parser. Triggers parser to abort when
* set to SECFailure
* - src : PRFileDesc structure pointer of crl generator config file
* - parsedLineNum : currently parsing line. Keeping it to report errors */
struct CRLGENGeneratorDataStr {
unsigned short contextId;
CRLGENCrlField *crlField;
CRLGENCertEntry *certEntry;
CRLGENExtensionEntry *extensionEntry;
PRUint64 rangeFrom;
PRUint64 rangeTo;
CERTSignedCrl *signCrl;
void *crlExtHandle;
PLHashTable *entryDataHashTable;
PRFileDesc *src;
int parsedLineNum;
};
#endif /* _CRLGEN_H_ */