andre@3: /* This Source Code Form is subject to the terms of the Mozilla Public andre@3: * License, v. 2.0. If a copy of the MPL was not distributed with this andre@3: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ andre@3: /* andre@3: * Internal data structures and functions used by pkcs11.c andre@3: */ andre@3: #ifndef _LGDB_H_ andre@3: #define _LGDB_H_ 1 andre@3: andre@3: #include "nssilock.h" andre@3: #include "seccomon.h" andre@3: #include "secoidt.h" andre@3: #include "lowkeyti.h" andre@3: #include "pkcs11t.h" andre@3: #include "sdb.h" andre@3: #include "cdbhdl.h" andre@3: andre@3: andre@3: #define MULTIACCESS "multiaccess:" andre@3: andre@3: andre@3: /* path stuff (was machine dependent) used by dbinit.c and pk11db.c */ andre@3: #define PATH_SEPARATOR "/" andre@3: #define SECMOD_DB "secmod.db" andre@3: #define CERT_DB_FMT "%scert%s.db" andre@3: #define KEY_DB_FMT "%skey%s.db" andre@3: andre@3: SEC_BEGIN_PROTOS andre@3: andre@3: andre@3: /* internal utility functions used by pkcs11.c */ andre@3: extern const CK_ATTRIBUTE *lg_FindAttribute(CK_ATTRIBUTE_TYPE type, andre@3: const CK_ATTRIBUTE *templ, CK_ULONG count); andre@3: extern CK_RV lg_Attribute2SecItem(PLArenaPool *,CK_ATTRIBUTE_TYPE type, andre@3: const CK_ATTRIBUTE *templ, CK_ULONG count, andre@3: SECItem *item); andre@3: extern CK_RV lg_Attribute2SSecItem(PLArenaPool *,CK_ATTRIBUTE_TYPE type, andre@3: const CK_ATTRIBUTE *templ, CK_ULONG count, andre@3: SECItem *item); andre@3: extern CK_RV lg_PrivAttr2SecItem(PLArenaPool *,CK_ATTRIBUTE_TYPE type, andre@3: const CK_ATTRIBUTE *templ, CK_ULONG count, andre@3: SECItem *item, SDB *sdbpw); andre@3: extern CK_RV lg_PrivAttr2SSecItem(PLArenaPool *,CK_ATTRIBUTE_TYPE type, andre@3: const CK_ATTRIBUTE *templ, CK_ULONG count, andre@3: SECItem *item, SDB *sdbpw); andre@3: extern CK_RV lg_GetULongAttribute(CK_ATTRIBUTE_TYPE type, andre@3: const CK_ATTRIBUTE *templ, CK_ULONG count, andre@3: CK_ULONG *out); andre@3: extern PRBool lg_hasAttribute(CK_ATTRIBUTE_TYPE type, andre@3: const CK_ATTRIBUTE *templ, CK_ULONG count); andre@3: extern PRBool lg_isTrue(CK_ATTRIBUTE_TYPE type, andre@3: const CK_ATTRIBUTE *templ, CK_ULONG count); andre@3: extern PRBool lg_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass); andre@3: extern char *lg_getString(CK_ATTRIBUTE_TYPE type, andre@3: const CK_ATTRIBUTE *templ, CK_ULONG count); andre@3: extern unsigned int lg_MapTrust(CK_TRUST trust, PRBool clientAuth); andre@3: andre@3: /* clear out all the existing object ID to database key mappings. andre@3: * used to reinit a token */ andre@3: extern CK_RV lg_ClearTokenKeyHashTable(SDB *sdb); andre@3: andre@3: andre@3: extern void lg_FreeSearch(SDBFind *search); andre@3: andre@3: NSSLOWCERTCertDBHandle *lg_getCertDB(SDB *sdb); andre@3: NSSLOWKEYDBHandle *lg_getKeyDB(SDB *sdb); andre@3: andre@3: const char *lg_EvaluateConfigDir(const char *configdir, char **domain); andre@3: andre@3: andre@3: /* andre@3: * object handle modifiers andre@3: */ andre@3: #define LG_TOKEN_MASK 0xc0000000L andre@3: #define LG_TOKEN_TYPE_MASK 0x38000000L andre@3: #define LG_TOKEN_TYPE_SHIFT 27 andre@3: /* keydb (high bit == 0) */ andre@3: #define LG_TOKEN_TYPE_PRIV 0x08000000L andre@3: #define LG_TOKEN_TYPE_PUB 0x10000000L andre@3: #define LG_TOKEN_TYPE_KEY 0x18000000L andre@3: /* certdb (high bit == 1) */ andre@3: #define LG_TOKEN_TYPE_TRUST 0x20000000L andre@3: #define LG_TOKEN_TYPE_CRL 0x28000000L andre@3: #define LG_TOKEN_TYPE_SMIME 0x30000000L andre@3: #define LG_TOKEN_TYPE_CERT 0x38000000L andre@3: andre@3: #define LG_TOKEN_KRL_HANDLE (LG_TOKEN_TYPE_CRL|1) andre@3: andre@3: #define LG_SEARCH_BLOCK_SIZE 10 andre@3: #define LG_BUF_SPACE 50 andre@3: #define LG_STRICT PR_FALSE andre@3: andre@3: /* andre@3: * token object utilities andre@3: */ andre@3: void lg_addHandle(SDBFind *search, CK_OBJECT_HANDLE handle); andre@3: PRBool lg_poisonHandle(SDB *sdb, SECItem *dbkey, CK_OBJECT_HANDLE handle); andre@3: PRBool lg_tokenMatch(SDB *sdb, const SECItem *dbKey, CK_OBJECT_HANDLE class, andre@3: const CK_ATTRIBUTE *templ, CK_ULONG count); andre@3: const SECItem *lg_lookupTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle); andre@3: CK_OBJECT_HANDLE lg_mkHandle(SDB *sdb, SECItem *dbKey, CK_OBJECT_HANDLE class); andre@3: SECStatus lg_deleteTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle); andre@3: andre@3: SECStatus lg_util_encrypt(PLArenaPool *arena, SDB *sdbpw, andre@3: SECItem *plainText, SECItem **cipherText); andre@3: SECStatus lg_util_decrypt(SDB *sdbpw, andre@3: SECItem *cipherText, SECItem **plainText); andre@3: PLHashTable *lg_GetHashTable(SDB *sdb); andre@3: void lg_DBLock(SDB *sdb); andre@3: void lg_DBUnlock(SDB *sdb); andre@3: andre@3: typedef void (*LGFreeFunc)(void *); andre@3: andre@3: andre@3: /* andre@3: * database functions andre@3: */ andre@3: andre@3: /* lg_FindObjectsInit initializes a search for token and session objects andre@3: * that match a template. */ andre@3: CK_RV lg_FindObjectsInit(SDB *sdb, const CK_ATTRIBUTE *pTemplate, andre@3: CK_ULONG ulCount, SDBFind **search); andre@3: /* lg_FindObjects continues a search for token and session objects andre@3: * that match a template, obtaining additional object handles. */ andre@3: CK_RV lg_FindObjects(SDB *sdb, SDBFind *search, andre@3: CK_OBJECT_HANDLE *phObject,CK_ULONG ulMaxObjectCount, andre@3: CK_ULONG *pulObjectCount); andre@3: andre@3: /* lg_FindObjectsFinal finishes a search for token and session objects. */ andre@3: CK_RV lg_FindObjectsFinal(SDB* lgdb, SDBFind *search); andre@3: andre@3: /* lg_CreateObject parses the template and create an object stored in the andre@3: * DB that reflects the object specified in the template. */ andre@3: CK_RV lg_CreateObject(SDB *sdb, CK_OBJECT_HANDLE *handle, andre@3: const CK_ATTRIBUTE *templ, CK_ULONG count); andre@3: andre@3: CK_RV lg_GetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE object_id, andre@3: CK_ATTRIBUTE *template, CK_ULONG count); andre@3: CK_RV lg_SetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE object_id, andre@3: const CK_ATTRIBUTE *template, CK_ULONG count); andre@3: CK_RV lg_DestroyObject(SDB *sdb, CK_OBJECT_HANDLE object_id); andre@3: andre@3: CK_RV lg_Close(SDB *sdb); andre@3: CK_RV lg_Reset(SDB *sdb); andre@3: andre@3: /* andre@3: * The old database doesn't share and doesn't support andre@3: * transactions. andre@3: */ andre@3: CK_RV lg_Begin(SDB *sdb); andre@3: CK_RV lg_Commit(SDB *sdb); andre@3: CK_RV lg_Abort(SDB *sdb); andre@3: CK_RV lg_GetMetaData(SDB *sdb, const char *id, SECItem *item1, SECItem *item2); andre@3: CK_RV lg_PutMetaData(SDB *sdb, const char *id, andre@3: const SECItem *item1, const SECItem *item2); andre@3: andre@3: SEC_END_PROTOS andre@3: andre@3: #ifndef XP_UNIX andre@3: andre@3: #define NO_FORK_CHECK andre@3: andre@3: #endif andre@3: andre@3: #ifndef NO_FORK_CHECK andre@3: andre@3: extern PRBool lg_parentForkedAfterC_Initialize; andre@3: #define SKIP_AFTER_FORK(x) if (!lg_parentForkedAfterC_Initialize) x andre@3: andre@3: #else andre@3: andre@3: #define SKIP_AFTER_FORK(x) x andre@3: andre@3: #endif /* NO_FORK_CHECK */ andre@3: andre@3: #endif /* _LGDB_H_ */ andre@3: