Mercurial > trustbridge > nss-cmake-static

comparison nss/lib/pk11wrap/secmodti.h @ 0:1e5118fa0cb1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
This is NSS with a Cmake Buildsyste To compile a static NSS library for Windows we've used the Chromium-NSS fork and added a Cmake buildsystem to compile it statically for Windows. See README.chromium for chromium changes and README.trustbridge for our modifications.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 28 Jul 2014 10:47:06 +0200
parents
children
comparison
equal deleted inserted replaced
-1:000000000000 0:1e5118fa0cb1
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /*
5 * Internal header file included only by files in pkcs11 dir, or in
6 * pkcs11 specific client and server files.
7 */
8
9 #ifndef _SECMODTI_H_
10 #define _SECMODTI_H_ 1
11 #include "prmon.h"
12 #include "prtypes.h"
13 #include "nssilckt.h"
14 #include "secmodt.h"
15 #include "pkcs11t.h"
16
17 #include "nssdevt.h"
18
19 /* internal data structures */
20
21 /* Traverse slots callback */
22 typedef struct pk11TraverseSlotStr {
23 SECStatus (*callback)(PK11SlotInfo *,CK_OBJECT_HANDLE, void *);
24 void *callbackArg;
25 CK_ATTRIBUTE *findTemplate;
26 int templateCount;
27 } pk11TraverseSlot;
28
29
30 /* represent a pkcs#11 slot reference counted. */
31 struct PK11SlotInfoStr {
32 /* the PKCS11 function list for this slot */
33 void *functionList;
34 SECMODModule *module; /* our parent module */
35 /* Boolean to indicate the current state of this slot */
36 PRBool needTest; /* Has this slot been tested for Export complience */
37 PRBool isPerm; /* is this slot a permanment device */
38 PRBool isHW; /* is this slot a hardware device */
39 PRBool isInternal; /* is this slot one of our internal PKCS #11 devices */
40 PRBool disabled; /* is this slot disabled... */
41 PK11DisableReasons reason; /* Why this slot is disabled */
42 PRBool readOnly; /* is the token in this slot read-only */
43 PRBool needLogin; /* does the token of the type that needs
44 * authentication (still true even if token is logged
45 * in) */
46 PRBool hasRandom; /* can this token generated random numbers */
47 PRBool defRWSession; /* is the default session RW (we open our default
48 * session rw if the token can only handle one session
49 * at a time. */
50 PRBool isThreadSafe; /* copied from the module */
51 /* The actual flags (many of which are distilled into the above PRBools) */
52 CK_FLAGS flags; /* flags from PKCS #11 token Info */
53 /* a default session handle to do quick and dirty functions */
54 CK_SESSION_HANDLE session;
55 PZLock *sessionLock; /* lock for this session */
56 /* our ID */
57 CK_SLOT_ID slotID;
58 /* persistant flags saved from startup to startup */
59 unsigned long defaultFlags;
60 /* keep track of who is using us so we don't accidently get freed while
61 * still in use */
62 PRInt32 refCount; /* to be in/decremented by atomic calls ONLY! */
63 PZLock *freeListLock;
64 PK11SymKey *freeSymKeysWithSessionHead;
65 PK11SymKey *freeSymKeysHead;
66 int keyCount;
67 int maxKeyCount;
68 /* Password control functions for this slot. many of these are only
69 * active if the appropriate flag is on in defaultFlags */
70 int askpw; /* what our password options are */
71 int timeout; /* If we're ask_timeout, what is our timeout time is
72 * seconds */
73 int authTransact; /* allow multiple authentications off one password if
74 * they are all part of the same transaction */
75 PRTime authTime; /* when were we last authenticated */
76 int minPassword; /* smallest legal password */
77 int maxPassword; /* largest legal password */
78 PRUint16 series; /* break up the slot info into various groups of
79 * inserted tokens so that keys and certs can be
80 * invalidated */
81 PRUint16 flagSeries;/* record the last series for the last event
82 * returned for this slot */
83 PRBool flagState; /* record the state of the last event returned for this
84 * slot. */
85 PRUint16 wrapKey; /* current wrapping key for SSL master secrets */
86 CK_MECHANISM_TYPE wrapMechanism;
87 /* current wrapping mechanism for current wrapKey */
88 CK_OBJECT_HANDLE refKeys[1]; /* array of existing wrapping keys for */
89 CK_MECHANISM_TYPE *mechanismList; /* list of mechanism supported by this
90 * token */
91 int mechanismCount;
92 /* cache the certificates stored on the token of this slot */
93 CERTCertificate **cert_array;
94 int array_size;
95 int cert_count;
96 char serial[16];
97 /* since these are odd sizes, keep them last. They are odd sizes to
98 * allow them to become null terminated strings */
99 char slot_name[65];
100 char token_name[33];
101 PRBool hasRootCerts;
102 PRBool hasRootTrust;
103 PRBool hasRSAInfo;
104 CK_FLAGS RSAInfoFlags;
105 PRBool protectedAuthPath;
106 PRBool isActiveCard;
107 PRIntervalTime lastLoginCheck;
108 unsigned int lastState;
109 /* for Stan */
110 NSSToken *nssToken;
111 /* fast mechanism lookup */
112 char mechanismBits[256];
113 };
114
115 /* Symetric Key structure. Reference Counted */
116 struct PK11SymKeyStr {
117 CK_MECHANISM_TYPE type; /* type of operation this key was created for*/
118 CK_OBJECT_HANDLE objectID; /* object id of this key in the slot */
119 PK11SlotInfo *slot; /* Slot this key is loaded into */
120 void *cx; /* window context in case we need to loggin */
121 PK11SymKey *next;
122 PRBool owner;
123 SECItem data; /* raw key data if available */
124 CK_SESSION_HANDLE session;
125 PRBool sessionOwner;
126 PRInt32 refCount; /* number of references to this key */
127 int size; /* key size in bytes */
128 PK11Origin origin; /* where this key came from
129 * (see def in secmodt.h) */
130 PK11SymKey *parent; /* potential owner key of the session */
131 PRUint16 series; /* break up the slot info into various groups
132 * of inserted tokens so that keys and certs
133 * can be invalidated */
134 void *userData; /* random data the application can attach to
135 * this key */
136 PK11FreeDataFunc freeFunc; /* function to free the user data */
137 };
138
139
140 /*
141 * hold a hash, encryption or signing context for multi-part operations.
142 * hold enough information so that multiple contexts can be interleaved
143 * if necessary. ... Not RefCounted.
144 */
145 struct PK11ContextStr {
146 CK_ATTRIBUTE_TYPE operation; /* type of operation this context is doing
147 * (CKA_ENCRYPT, CKA_SIGN, CKA_HASH, etc. */
148 PK11SymKey *key; /* symetric key used in this context */
149 PK11SlotInfo *slot; /* slot this context is operationing on */
150 CK_SESSION_HANDLE session; /* session this context is using */
151 PZLock *sessionLock; /* lock before accessing a PKCS #11
152 * session */
153 PRBool ownSession;/* do we own the session? */
154 void *cx; /* window context in case we need to loggin*/
155 void *savedData;/* save data when we are multiplexing on a
156 * single context */
157 unsigned long savedLength; /* length of the saved context */
158 SECItem *param; /* mechanism parameters used to build this
159 context */
160 PRBool init; /* has this contexted been initialized */
161 CK_MECHANISM_TYPE type; /* what is the PKCS #11 this context is
162 * representing (usually what algorithm is
163 * being used (CKM_RSA_PKCS, CKM_DES,
164 * CKM_SHA, etc.*/
165 PRBool fortezzaHack; /*Fortezza SSL has some special
166 * non-standard semantics*/
167 };
168
169 /*
170 * structure to hold a pointer to a unique PKCS #11 object
171 * (pointer to the slot and the object id).
172 */
173 struct PK11GenericObjectStr {
174 PK11GenericObject *prev;
175 PK11GenericObject *next;
176 PK11SlotInfo *slot;
177 CK_OBJECT_HANDLE objectID;
178 };
179
180
181 #define MAX_TEMPL_ATTRS 16 /* maximum attributes in template */
182
183 /* This mask includes all CK_FLAGs with an equivalent CKA_ attribute. */
184 #define CKF_KEY_OPERATION_FLAGS 0x000e7b00UL
185
186
187 #endif /* _SECMODTI_H_ */
This site is hosted by Intevation GmbH (Datenschutzerklärung und Impressum | Privacy Policy and Imprint)