1/* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5#ifndef _SECOID_H_
6#define _SECOID_H_
7
8#include "utilrename.h"
9
10/*
11 * secoid.h - public data structures and prototypes for ASN.1 OID functions
12 */
13
14#include "plarena.h"
15
16#include "seccomon.h"
17#include "secoidt.h"
18#include "secasn1t.h"
19
20SEC_BEGIN_PROTOS
21
22extern const SEC_ASN1Template SECOID_AlgorithmIDTemplate[];
23
24/* This functions simply returns the address of the above-declared template. */
25SEC_ASN1_CHOOSER_DECLARE(SECOID_AlgorithmIDTemplate)
26
27/*
28 * OID handling routines
29 */
30extern SECOidData *SECOID_FindOID(const SECItem *oid);
31extern SECOidTag SECOID_FindOIDTag(const SECItem *oid);
32extern SECOidData *SECOID_FindOIDByTag(SECOidTag tagnum);
33extern SECOidData *SECOID_FindOIDByMechanism(unsigned long mechanism);
34
35/****************************************/
36/*
37** Algorithm id handling operations
38*/
39
40/*
41** Fill in an algorithm-ID object given a tag and some parameters.
42** "aid" where the DER encoded algorithm info is stored (memory
43** is allocated)
44** "tag" the tag number defining the algorithm
45** "params" if not NULL, the parameters to go with the algorithm
46*/
47extern SECStatus SECOID_SetAlgorithmID(PLArenaPool *arena, SECAlgorithmID *aid,
48 SECOidTag tag, SECItem *params);
49
50/*
51** Copy the "src" object to "dest". Memory is allocated in "dest" for
52** each of the appropriate sub-objects. Memory in "dest" is not freed
53** before memory is allocated (use SECOID_DestroyAlgorithmID(dest, PR_FALSE)
54** to do that).
55*/
56extern SECStatus SECOID_CopyAlgorithmID(PLArenaPool *arena, SECAlgorithmID *dest,
57 const SECAlgorithmID *src);
58
59/*
60** Get the tag number for the given algorithm-id object.
61*/
62extern SECOidTag SECOID_GetAlgorithmTag(const SECAlgorithmID *aid);
63
64/*
65** Destroy an algorithm-id object.
66** "aid" the certificate-request to destroy
67** "freeit" if PR_TRUE then free the object as well as its sub-objects
68*/
69extern void SECOID_DestroyAlgorithmID(SECAlgorithmID *aid, PRBool freeit);
70
71/*
72** Compare two algorithm-id objects, returning the difference between
73** them.
74*/
75extern SECComparison SECOID_CompareAlgorithmID(SECAlgorithmID *a,
76 SECAlgorithmID *b);
77
78extern PRBool SECOID_KnownCertExtenOID(SECItem *extenOid);
79
80/* Given a tag number, return a string describing it.
81 */
82extern const char *SECOID_FindOIDTagDescription(SECOidTag tagnum);
83
84/* Add a dynamic SECOidData to the dynamic OID table.
85** Routine copies the src entry, and returns the new SECOidTag.
86** Returns SEC_OID_INVALID if failed to add for some reason.
87*/
88extern SECOidTag SECOID_AddEntry(const SECOidData *src);
89
90/*
91 * initialize the oid data structures.
92 */
93extern SECStatus SECOID_Init(void);
94
95/*
96 * free up the oid data structures.
97 */
98extern SECStatus SECOID_Shutdown(void);
99
100/* if to->data is not NULL, and to->len is large enough to hold the result,
101 * then the resultant OID will be copyed into to->data, and to->len will be
102 * changed to show the actual OID length.
103 * Otherwise, memory for the OID will be allocated (from the caller's
104 * PLArenaPool, if pool is non-NULL) and to->data will receive the address
105 * of the allocated data, and to->len will receive the OID length.
106 * The original value of to->data is not freed when a new buffer is allocated.
107 *
108 * The input string may begin with "OID." and this still be ignored.
109 * The length of the input string is given in len. If len == 0, then
110 * len will be computed as strlen(from), meaning it must be NUL terminated.
111 * It is an error if from == NULL, or if *from == '\0'.
112 */
113extern SECStatus SEC_StringToOID(PLArenaPool *pool, SECItem *to,
114 const char *from, PRUint32 len);
115
116extern void UTIL_SetForkState(PRBool forked);
117
118/*
119 * Accessor functions for new opaque extended SECOID table.
120 * Any of these functions may return SECSuccess or SECFailure with the error
121 * code set to SEC_ERROR_UNKNOWN_OBJECT_TYPE if the SECOidTag is out of range.
122 */
123
124/* The Get function outputs the 32-bit value associated with the SECOidTag.
125 * Flags bits are the NSS_USE_ALG_ #defines in "secoidt.h".
126 * Default value for any algorithm is 0xffffffff (enabled for all purposes).
127 * No value is output if function returns SECFailure.
128 */
129extern SECStatus NSS_GetAlgorithmPolicy(SECOidTag tag, PRUint32 *pValue);
130
131/* The Set function modifies the stored value according to the following
132 * algorithm:
133 * policy[tag] = (policy[tag] & ~clearBits) | setBits;
134 */
135extern SECStatus
136NSS_SetAlgorithmPolicy(SECOidTag tag, PRUint32 setBits, PRUint32 clearBits);
137
138SEC_END_PROTOS
139
140#endif /* _SECOID_H_ */
141