1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
use libc::{c_char, c_uint, c_int, c_void};
use nspr::{PLArenaPool, PRBool, PRUint32, PRCList};
use super::{SECItem, SECAlgorithmID, NSSTrustDomainStr, NSSCertificateStr, PK11SlotInfo, CK_OBJECT_HANDLE, SECStatus};
pub type CERTCertList = CERTCertListStr;
pub type CERTCertListNode = CERTCertListNodeStr;
pub type CERTCertificate = CERTCertificateStr;
pub type CERTSignedData = CERTSignedDataStr;
pub type CERTName = CERTNameStr;
pub type CERTRDN = CERTRDNStr;
pub type CERTAVA = CERTAVAStr;
pub type CERTValidity = CERTValidityStr;
pub type CERTSubjectPublicKeyInfo = CERTSubjectPublicKeyInfoStr;
pub type CERTCertExtension = CERTCertExtensionStr;
pub type CERTCertDBHandle = NSSTrustDomainStr;
pub type CERTOKDomainName = CERTOKDomainNameStr;
pub type CERTCertTrust = CERTCertTrustStr;
pub type CERTSubjectList = CERTSubjectListStr;
pub type CERTSubjectNode = CERTSubjectNodeStr;
pub type CERTAuthKeyID = CERTAuthKeyIDStr;
pub type CERTGeneralName = CERTGeneralNameStr;
#[derive(Debug)]
#[repr(C)]
pub struct CERTCertListStr {
pub list: PRCList,
pub arena: *mut PLArenaPool,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTCertListNodeStr {
pub links: PRCList,
pub cert: *mut CERTCertificate,
pub appData: *mut c_void,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTCertificateStr {
pub arena: *mut PLArenaPool,
pub subjectName: *mut c_char,
pub issuerName: *mut c_char,
pub signatureWrap: CERTSignedData,
pub derCert: SECItem,
pub derIssuer: SECItem,
pub derSubject: SECItem,
pub derPublicKey: SECItem,
pub certKey: SECItem,
pub version: SECItem,
pub serialNumber: SECItem,
pub signature: SECAlgorithmID,
pub issuer: CERTName,
pub validity: CERTValidity,
pub subject: CERTName,
pub subjectPublicKeyInfo: CERTSubjectPublicKeyInfo,
pub issuerID: SECItem,
pub subjectID: SECItem,
pub extensions: *mut *mut CERTCertExtension,
pub emailAddr: *mut c_char,
pub dbhandle: *mut CERTCertDBHandle,
pub subjectKeyID: SECItem,
pub keyIDGenerated: PRBool,
pub keyUsage: c_uint,
pub rawKeyUsage: c_uint,
pub keyUsagePresent: PRBool,
pub nsCertType: PRUint32,
pub keepSession: PRBool,
pub timeOK: PRBool,
pub domainOK: *mut CERTOKDomainName,
pub isperm: PRBool,
pub istemp: PRBool,
pub nickname: *mut c_char,
pub dbnickname: *mut c_char,
pub nssCertificate: *mut NSSCertificateStr,
pub trust: *mut CERTCertTrust,
pub referenceCount: c_int,
pub subjectList: *mut CERTSubjectList,
pub authKeyID: *mut CERTAuthKeyID,
pub isRoot: PRBool,
pub options: usize,
pub series: c_int,
pub slot: *mut PK11SlotInfo,
pub pkcs11ID: CK_OBJECT_HANDLE,
pub ownSlot: PRBool,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTSignedDataStr {
pub data: SECItem,
pub signatureAlgorithm: SECAlgorithmID,
pub signature: SECItem,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTNameStr {
pub arena: *mut PLArenaPool,
pub rdns: *mut *mut CERTRDN,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTRDNStr {
pub avas: *mut *mut CERTAVA,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTAVAStr {
pub type_: SECItem,
pub value: SECItem,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTValidityStr {
pub arena: *mut PLArenaPool,
pub notBefore: SECItem,
pub notAfter: SECItem,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTSubjectPublicKeyInfoStr {
pub arena: *mut PLArenaPool,
pub algorithm: SECAlgorithmID,
pub subjectPublicKey: SECItem,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTCertExtensionStr {
pub id: SECItem,
pub critical: SECItem,
pub value: SECItem,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTOKDomainNameStr {
pub next: *mut CERTOKDomainName,
pub name0: c_char,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTCertTrustStr {
pub sslFlags: c_uint,
pub emailFlags: c_uint,
pub objectSigningFlags: c_uint,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTSubjectListStr {
pub arena: *mut PLArenaPool,
pub ncerts: c_int,
pub emailAddr: *mut c_char,
pub head: *mut CERTSubjectNode,
pub tail: *mut CERTSubjectNode,
pub entry: *mut c_void,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTSubjectNodeStr {
pub next: *mut CERTSubjectNodeStr,
pub prev: *mut CERTSubjectNodeStr,
pub certKey: SECItem,
pub keyID: SECItem,
}
#[derive(Debug)]
#[repr(C)]
pub struct CERTAuthKeyIDStr {
pub keyID: SECItem,
pub authCertIssuer: *mut CERTGeneralName,
pub authCertSerialNumber: SECItem,
pub DERAuthCertIssuer: *mut *mut SECItem,
}
pub enum CERTGeneralNameStr { }
extern "C" {
pub fn CERT_DestroyCertificate(cert: *mut CERTCertificate);
pub fn CERT_DestroyCertList(cert: *mut CERTCertList);
pub fn CERT_VerifyCertName(cert: *const CERTCertificate, hn: *const c_char) -> SECStatus;
}