Mercurial > trustbridge > nss-cmake-static
view nss/lib/dev/dev.h @ 3:150b72113545
Add DBM and legacydb support
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Tue, 05 Aug 2014 18:32:02 +0200 |
parents | 1e5118fa0cb1 |
children |
line wrap: on
line source
/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #ifndef DEV_H #define DEV_H /* * dev.h * * Low-level methods for interaction with cryptoki devices */ #ifndef NSSDEV_H #include "nssdev.h" #endif /* NSSDEV_H */ #ifndef DEVT_H #include "devt.h" #endif /* DEVT_H */ PR_BEGIN_EXTERN_C /* the global module list * * These functions are for managing the global set of modules. Trust Domains, * etc., will draw from this set. These functions are completely internal * and only invoked when there are changes to the global module state * (load or unload). * * nss_InitializeGlobalModuleList * nss_DestroyGlobalModuleList * nss_GetLoadedModules * * nssGlobalModuleList_Add * nssGlobalModuleList_Remove * nssGlobalModuleList_FindModuleByName * nssGlobalModuleList_FindSlotByName * nssGlobalModuleList_FindTokenByName */ NSS_EXTERN PRStatus nss_InitializeGlobalModuleList ( void ); NSS_EXTERN PRStatus nss_DestroyGlobalModuleList ( void ); NSS_EXTERN NSSModule ** nss_GetLoadedModules ( void ); NSS_EXTERN PRStatus nssGlobalModuleList_Add ( NSSModule *module ); NSS_EXTERN PRStatus nssGlobalModuleList_Remove ( NSSModule *module ); NSS_EXTERN NSSModule * nssGlobalModuleList_FindModuleByName ( NSSUTF8 *moduleName ); NSS_EXTERN NSSSlot * nssGlobalModuleList_FindSlotByName ( NSSUTF8 *slotName ); NSS_EXTERN NSSToken * nssGlobalModuleList_FindTokenByName ( NSSUTF8 *tokenName ); NSS_EXTERN NSSToken * nss_GetDefaultCryptoToken ( void ); NSS_EXTERN NSSToken * nss_GetDefaultDatabaseToken ( void ); /* * |-----------|<---> NSSSlot <--> NSSToken * | NSSModule |<---> NSSSlot <--> NSSToken * |-----------|<---> NSSSlot <--> NSSToken */ /* NSSModule * * nssModule_Create * nssModule_CreateFromSpec * nssModule_AddRef * nssModule_GetName * nssModule_GetSlots * nssModule_FindSlotByName * nssModule_FindTokenByName * nssModule_GetCertOrder */ NSS_EXTERN NSSModule * nssModule_Create ( NSSUTF8 *moduleOpt, NSSUTF8 *uriOpt, NSSUTF8 *opaqueOpt, void *reserved ); /* This is to use the new loading mechanism. */ NSS_EXTERN NSSModule * nssModule_CreateFromSpec ( NSSUTF8 *moduleSpec, NSSModule *parent, PRBool loadSubModules ); NSS_EXTERN PRStatus nssModule_Destroy ( NSSModule *mod ); NSS_EXTERN NSSModule * nssModule_AddRef ( NSSModule *mod ); NSS_EXTERN NSSUTF8 * nssModule_GetName ( NSSModule *mod ); NSS_EXTERN NSSSlot ** nssModule_GetSlots ( NSSModule *mod ); NSS_EXTERN NSSSlot * nssModule_FindSlotByName ( NSSModule *mod, NSSUTF8 *slotName ); NSS_EXTERN NSSToken * nssModule_FindTokenByName ( NSSModule *mod, NSSUTF8 *tokenName ); NSS_EXTERN PRInt32 nssModule_GetCertOrder ( NSSModule *module ); /* NSSSlot * * nssSlot_Destroy * nssSlot_AddRef * nssSlot_GetName * nssSlot_GetTokenName * nssSlot_IsTokenPresent * nssSlot_IsPermanent * nssSlot_IsFriendly * nssSlot_IsHardware * nssSlot_Refresh * nssSlot_GetModule * nssSlot_GetToken * nssSlot_Login * nssSlot_Logout * nssSlot_SetPassword * nssSlot_CreateSession */ NSS_EXTERN PRStatus nssSlot_Destroy ( NSSSlot *slot ); NSS_EXTERN NSSSlot * nssSlot_AddRef ( NSSSlot *slot ); NSS_EXTERN void nssSlot_ResetDelay ( NSSSlot *slot ); NSS_EXTERN NSSUTF8 * nssSlot_GetName ( NSSSlot *slot ); NSS_EXTERN NSSUTF8 * nssSlot_GetTokenName ( NSSSlot *slot ); NSS_EXTERN NSSModule * nssSlot_GetModule ( NSSSlot *slot ); NSS_EXTERN NSSToken * nssSlot_GetToken ( NSSSlot *slot ); NSS_EXTERN PRBool nssSlot_IsTokenPresent ( NSSSlot *slot ); NSS_EXTERN PRBool nssSlot_IsPermanent ( NSSSlot *slot ); NSS_EXTERN PRBool nssSlot_IsFriendly ( NSSSlot *slot ); NSS_EXTERN PRBool nssSlot_IsHardware ( NSSSlot *slot ); NSS_EXTERN PRBool nssSlot_IsLoggedIn ( NSSSlot *slot ); NSS_EXTERN PRStatus nssSlot_Refresh ( NSSSlot *slot ); NSS_EXTERN PRStatus nssSlot_Login ( NSSSlot *slot, NSSCallback *pwcb ); extern const NSSError NSS_ERROR_INVALID_PASSWORD; extern const NSSError NSS_ERROR_USER_CANCELED; NSS_EXTERN PRStatus nssSlot_Logout ( NSSSlot *slot, nssSession *sessionOpt ); NSS_EXTERN void nssSlot_EnterMonitor ( NSSSlot *slot ); NSS_EXTERN void nssSlot_ExitMonitor ( NSSSlot *slot ); #define NSSSLOT_ASK_PASSWORD_FIRST_TIME -1 #define NSSSLOT_ASK_PASSWORD_EVERY_TIME 0 NSS_EXTERN void nssSlot_SetPasswordDefaults ( NSSSlot *slot, PRInt32 askPasswordTimeout ); NSS_EXTERN PRStatus nssSlot_SetPassword ( NSSSlot *slot, NSSUTF8 *oldPasswordOpt, NSSUTF8 *newPassword ); extern const NSSError NSS_ERROR_INVALID_PASSWORD; extern const NSSError NSS_ERROR_USER_CANCELED; /* * nssSlot_IsLoggedIn */ NSS_EXTERN nssSession * nssSlot_CreateSession ( NSSSlot *slot, NSSArena *arenaOpt, PRBool readWrite /* so far, this is the only flag used */ ); /* NSSToken * * nssToken_Destroy * nssToken_AddRef * nssToken_GetName * nssToken_GetModule * nssToken_GetSlot * nssToken_NeedsPINInitialization * nssToken_ImportCertificate * nssToken_ImportTrust * nssToken_ImportCRL * nssToken_GenerateKeyPair * nssToken_GenerateSymmetricKey * nssToken_DeleteStoredObject * nssToken_FindObjects * nssToken_FindCertificatesBySubject * nssToken_FindCertificatesByNickname * nssToken_FindCertificatesByEmail * nssToken_FindCertificateByIssuerAndSerialNumber * nssToken_FindCertificateByEncodedCertificate * nssToken_FindTrustForCertificate * nssToken_FindCRLsBySubject * nssToken_FindPrivateKeys * nssToken_FindPrivateKeyByID * nssToken_Digest * nssToken_BeginDigest * nssToken_ContinueDigest * nssToken_FinishDigest */ NSS_EXTERN PRStatus nssToken_Destroy ( NSSToken *tok ); NSS_EXTERN NSSToken * nssToken_AddRef ( NSSToken *tok ); NSS_EXTERN NSSUTF8 * nssToken_GetName ( NSSToken *tok ); NSS_EXTERN NSSModule * nssToken_GetModule ( NSSToken *token ); NSS_EXTERN NSSSlot * nssToken_GetSlot ( NSSToken *tok ); NSS_EXTERN PRBool nssToken_NeedsPINInitialization ( NSSToken *token ); NSS_EXTERN nssCryptokiObject * nssToken_ImportCertificate ( NSSToken *tok, nssSession *sessionOpt, NSSCertificateType certType, NSSItem *id, const NSSUTF8 *nickname, NSSDER *encoding, NSSDER *issuer, NSSDER *subject, NSSDER *serial, NSSASCII7 *emailAddr, PRBool asTokenObject ); NSS_EXTERN nssCryptokiObject * nssToken_ImportTrust ( NSSToken *tok, nssSession *sessionOpt, NSSDER *certEncoding, NSSDER *certIssuer, NSSDER *certSerial, nssTrustLevel serverAuth, nssTrustLevel clientAuth, nssTrustLevel codeSigning, nssTrustLevel emailProtection, PRBool stepUpApproved, PRBool asTokenObject ); NSS_EXTERN nssCryptokiObject * nssToken_ImportCRL ( NSSToken *token, nssSession *sessionOpt, NSSDER *subject, NSSDER *encoding, PRBool isKRL, NSSUTF8 *url, PRBool asTokenObject ); /* Permanently remove an object from the token. */ NSS_EXTERN PRStatus nssToken_DeleteStoredObject ( nssCryptokiObject *instance ); NSS_EXTERN nssCryptokiObject ** nssToken_FindObjects ( NSSToken *token, nssSession *sessionOpt, CK_OBJECT_CLASS objclass, nssTokenSearchType searchType, PRUint32 maximumOpt, PRStatus *statusOpt ); NSS_EXTERN nssCryptokiObject ** nssToken_FindCertificatesBySubject ( NSSToken *token, nssSession *sessionOpt, NSSDER *subject, nssTokenSearchType searchType, PRUint32 maximumOpt, PRStatus *statusOpt ); NSS_EXTERN nssCryptokiObject ** nssToken_FindCertificatesByNickname ( NSSToken *token, nssSession *sessionOpt, const NSSUTF8 *name, nssTokenSearchType searchType, PRUint32 maximumOpt, PRStatus *statusOpt ); NSS_EXTERN nssCryptokiObject ** nssToken_FindCertificatesByEmail ( NSSToken *token, nssSession *sessionOpt, NSSASCII7 *email, nssTokenSearchType searchType, PRUint32 maximumOpt, PRStatus *statusOpt ); NSS_EXTERN nssCryptokiObject ** nssToken_FindCertificatesByID ( NSSToken *token, nssSession *sessionOpt, NSSItem *id, nssTokenSearchType searchType, PRUint32 maximumOpt, PRStatus *statusOpt ); NSS_EXTERN nssCryptokiObject * nssToken_FindCertificateByIssuerAndSerialNumber ( NSSToken *token, nssSession *sessionOpt, NSSDER *issuer, NSSDER *serial, nssTokenSearchType searchType, PRStatus *statusOpt ); NSS_EXTERN nssCryptokiObject * nssToken_FindCertificateByEncodedCertificate ( NSSToken *token, nssSession *sessionOpt, NSSBER *encodedCertificate, nssTokenSearchType searchType, PRStatus *statusOpt ); NSS_EXTERN nssCryptokiObject * nssToken_FindTrustForCertificate ( NSSToken *token, nssSession *sessionOpt, NSSDER *certEncoding, NSSDER *certIssuer, NSSDER *certSerial, nssTokenSearchType searchType ); NSS_EXTERN nssCryptokiObject ** nssToken_FindCRLsBySubject ( NSSToken *token, nssSession *sessionOpt, NSSDER *subject, nssTokenSearchType searchType, PRUint32 maximumOpt, PRStatus *statusOpt ); NSS_EXTERN nssCryptokiObject ** nssToken_FindPrivateKeys ( NSSToken *token, nssSession *sessionOpt, nssTokenSearchType searchType, PRUint32 maximumOpt, PRStatus *statusOpt ); NSS_EXTERN nssCryptokiObject * nssToken_FindPrivateKeyByID ( NSSToken *token, nssSession *sessionOpt, NSSItem *keyID ); NSS_EXTERN nssCryptokiObject * nssToken_FindPublicKeyByID ( NSSToken *token, nssSession *sessionOpt, NSSItem *keyID ); NSS_EXTERN NSSItem * nssToken_Digest ( NSSToken *tok, nssSession *sessionOpt, NSSAlgorithmAndParameters *ap, NSSItem *data, NSSItem *rvOpt, NSSArena *arenaOpt ); NSS_EXTERN PRStatus nssToken_BeginDigest ( NSSToken *tok, nssSession *sessionOpt, NSSAlgorithmAndParameters *ap ); NSS_EXTERN PRStatus nssToken_ContinueDigest ( NSSToken *tok, nssSession *sessionOpt, NSSItem *item ); NSS_EXTERN NSSItem * nssToken_FinishDigest ( NSSToken *tok, nssSession *sessionOpt, NSSItem *rvOpt, NSSArena *arenaOpt ); /* nssSession * * nssSession_Destroy * nssSession_EnterMonitor * nssSession_ExitMonitor * nssSession_IsReadWrite */ NSS_EXTERN PRStatus nssSession_Destroy ( nssSession *s ); /* would like to inline */ NSS_EXTERN PRStatus nssSession_EnterMonitor ( nssSession *s ); /* would like to inline */ NSS_EXTERN PRStatus nssSession_ExitMonitor ( nssSession *s ); /* would like to inline */ NSS_EXTERN PRBool nssSession_IsReadWrite ( nssSession *s ); /* nssCryptokiObject * * An object living on a cryptoki token. * Not really proper to mix up the object types just because * nssCryptokiObject itself is generic, but doing so anyway. * * nssCryptokiObject_Destroy * nssCryptokiObject_Equal * nssCryptokiObject_Clone * nssCryptokiCertificate_GetAttributes * nssCryptokiPrivateKey_GetAttributes * nssCryptokiPublicKey_GetAttributes * nssCryptokiTrust_GetAttributes * nssCryptokiCRL_GetAttributes */ NSS_EXTERN void nssCryptokiObject_Destroy ( nssCryptokiObject *object ); NSS_EXTERN PRBool nssCryptokiObject_Equal ( nssCryptokiObject *object1, nssCryptokiObject *object2 ); NSS_EXTERN nssCryptokiObject * nssCryptokiObject_Clone ( nssCryptokiObject *object ); NSS_EXTERN PRStatus nssCryptokiCertificate_GetAttributes ( nssCryptokiObject *object, nssSession *sessionOpt, NSSArena *arenaOpt, NSSCertificateType *certTypeOpt, NSSItem *idOpt, NSSDER *encodingOpt, NSSDER *issuerOpt, NSSDER *serialOpt, NSSDER *subjectOpt ); NSS_EXTERN PRStatus nssCryptokiTrust_GetAttributes ( nssCryptokiObject *trustObject, nssSession *sessionOpt, NSSItem *sha1_hash, nssTrustLevel *serverAuth, nssTrustLevel *clientAuth, nssTrustLevel *codeSigning, nssTrustLevel *emailProtection, PRBool *stepUpApproved ); NSS_EXTERN PRStatus nssCryptokiCRL_GetAttributes ( nssCryptokiObject *crlObject, nssSession *sessionOpt, NSSArena *arenaOpt, NSSItem *encodingOpt, NSSItem * subjectOpt, CK_ULONG * crl_class, NSSUTF8 **urlOpt, PRBool *isKRLOpt ); /* I'm including this to handle import of certificates in NSS 3.5. This * function will set the cert-related attributes of a key, in order to * associate it with a cert. Does it stay like this for 4.0? */ NSS_EXTERN PRStatus nssCryptokiPrivateKey_SetCertificate ( nssCryptokiObject *keyObject, nssSession *sessionOpt, const NSSUTF8 *nickname, NSSItem *id, NSSDER *subject ); NSS_EXTERN void nssModuleArray_Destroy ( NSSModule **modules ); /* nssSlotArray * * nssSlotArray_Destroy */ NSS_EXTERN void nssSlotArray_Destroy ( NSSSlot **slots ); /* nssTokenArray * * nssTokenArray_Destroy */ NSS_EXTERN void nssTokenArray_Destroy ( NSSToken **tokens ); /* nssCryptokiObjectArray * * nssCryptokiObjectArray_Destroy */ NSS_EXTERN void nssCryptokiObjectArray_Destroy ( nssCryptokiObject **object ); /* nssSlotList * * An ordered list of slots. The order can be anything, it is set in the * Add methods. Perhaps it should be CreateInCertOrder, ...? * * nssSlotList_Create * nssSlotList_Destroy * nssSlotList_Add * nssSlotList_AddModuleSlots * nssSlotList_GetSlots * nssSlotList_FindSlotByName * nssSlotList_FindTokenByName * nssSlotList_GetBestSlot * nssSlotList_GetBestSlotForAlgorithmAndParameters * nssSlotList_GetBestSlotForAlgorithmsAndParameters */ /* nssSlotList_Create */ NSS_EXTERN nssSlotList * nssSlotList_Create ( NSSArena *arenaOpt ); /* nssSlotList_Destroy */ NSS_EXTERN void nssSlotList_Destroy ( nssSlotList *slotList ); /* nssSlotList_Add * * Add the given slot in the given order. */ NSS_EXTERN PRStatus nssSlotList_Add ( nssSlotList *slotList, NSSSlot *slot, PRUint32 order ); /* nssSlotList_AddModuleSlots * * Add all slots in the module, in the given order (the slots will have * equal weight). */ NSS_EXTERN PRStatus nssSlotList_AddModuleSlots ( nssSlotList *slotList, NSSModule *module, PRUint32 order ); /* nssSlotList_GetSlots */ NSS_EXTERN NSSSlot ** nssSlotList_GetSlots ( nssSlotList *slotList ); /* nssSlotList_FindSlotByName */ NSS_EXTERN NSSSlot * nssSlotList_FindSlotByName ( nssSlotList *slotList, NSSUTF8 *slotName ); /* nssSlotList_FindTokenByName */ NSS_EXTERN NSSToken * nssSlotList_FindTokenByName ( nssSlotList *slotList, NSSUTF8 *tokenName ); /* nssSlotList_GetBestSlot * * The best slot is the highest ranking in order, i.e., the first in the * list. */ NSS_EXTERN NSSSlot * nssSlotList_GetBestSlot ( nssSlotList *slotList ); /* nssSlotList_GetBestSlotForAlgorithmAndParameters * * Highest-ranking slot than can handle algorithm/parameters. */ NSS_EXTERN NSSSlot * nssSlotList_GetBestSlotForAlgorithmAndParameters ( nssSlotList *slotList, NSSAlgorithmAndParameters *ap ); /* nssSlotList_GetBestSlotForAlgorithmsAndParameters * * Highest-ranking slot than can handle all algorithms/parameters. */ NSS_EXTERN NSSSlot * nssSlotList_GetBestSlotForAlgorithmsAndParameters ( nssSlotList *slotList, NSSAlgorithmAndParameters **ap ); NSS_EXTERN PRBool nssToken_IsPresent ( NSSToken *token ); NSS_EXTERN nssSession * nssToken_GetDefaultSession ( NSSToken *token ); NSS_EXTERN PRStatus nssToken_GetTrustOrder ( NSSToken *tok ); NSS_EXTERN PRStatus nssToken_NotifyCertsNotVisible ( NSSToken *tok ); NSS_EXTERN PRStatus nssToken_TraverseCertificates ( NSSToken *token, nssSession *sessionOpt, nssTokenSearchType searchType, PRStatus (* callback)(nssCryptokiObject *instance, void *arg), void *arg ); NSS_EXTERN PRBool nssToken_IsPrivateKeyAvailable ( NSSToken *token, NSSCertificate *c, nssCryptokiObject *instance ); PR_END_EXTERN_C #endif /* DEV_H */