andre@0: /* This Source Code Form is subject to the terms of the Mozilla Public andre@0: * License, v. 2.0. If a copy of the MPL was not distributed with this andre@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ andre@0: andre@0: #ifndef PKISTORE_H andre@0: #define PKISTORE_H andre@0: andre@0: #ifndef NSSPKIT_H andre@0: #include "nsspkit.h" andre@0: #endif /* NSSPKIT_H */ andre@0: andre@0: #ifndef BASE_H andre@0: #include "base.h" andre@0: #endif /* BASE_H */ andre@0: andre@0: PR_BEGIN_EXTERN_C andre@0: andre@0: /* andre@0: * PKI Stores andre@0: * andre@0: * This is a set of routines for managing local stores of PKI objects. andre@0: * Currently, the only application is in crypto contexts, where the andre@0: * certificate store is used. In the future, methods should be added andre@0: * here for storing local references to keys. andre@0: */ andre@0: andre@0: /* andre@0: * nssCertificateStore andre@0: * andre@0: * Manages local store of certificate, trust, and S/MIME profile objects. andre@0: * Within a crypto context, mappings of cert to trust and cert to S/MIME andre@0: * profile are always 1-1. Therefore, it is reasonable to store all objects andre@0: * in a single collection, indexed by the certificate. andre@0: */ andre@0: andre@0: NSS_EXTERN nssCertificateStore * andre@0: nssCertificateStore_Create andre@0: ( andre@0: NSSArena *arenaOpt andre@0: ); andre@0: andre@0: NSS_EXTERN PRStatus andre@0: nssCertificateStore_Destroy andre@0: ( andre@0: nssCertificateStore *store andre@0: ); andre@0: andre@0: /* Atomic Find cert in store, or add this cert to the store. andre@0: ** Ref counts properly maintained. andre@0: */ andre@0: NSS_EXTERN NSSCertificate * andre@0: nssCertificateStore_FindOrAdd andre@0: ( andre@0: nssCertificateStore *store, andre@0: NSSCertificate *c andre@0: ); andre@0: andre@0: NSS_EXTERN void andre@0: nssCertificateStore_RemoveCertLOCKED andre@0: ( andre@0: nssCertificateStore *store, andre@0: NSSCertificate *cert andre@0: ); andre@0: andre@0: struct nssCertificateStoreTraceStr { andre@0: nssCertificateStore* store; andre@0: PZLock* lock; andre@0: PRBool locked; andre@0: PRBool unlocked; andre@0: }; andre@0: andre@0: typedef struct nssCertificateStoreTraceStr nssCertificateStoreTrace; andre@0: andre@0: NSS_EXTERN void andre@0: nssCertificateStore_Lock ( andre@0: nssCertificateStore *store, nssCertificateStoreTrace* out andre@0: ); andre@0: andre@0: NSS_EXTERN void andre@0: nssCertificateStore_Unlock ( andre@0: nssCertificateStore *store, const nssCertificateStoreTrace* in, andre@0: nssCertificateStoreTrace* out andre@0: ); andre@0: andre@0: NSS_EXTERN NSSCertificate ** andre@0: nssCertificateStore_FindCertificatesBySubject andre@0: ( andre@0: nssCertificateStore *store, andre@0: NSSDER *subject, andre@0: NSSCertificate *rvOpt[], andre@0: PRUint32 maximumOpt, andre@0: NSSArena *arenaOpt andre@0: ); andre@0: andre@0: NSS_EXTERN NSSCertificate ** andre@0: nssCertificateStore_FindCertificatesByNickname andre@0: ( andre@0: nssCertificateStore *store, andre@0: const NSSUTF8 *nickname, andre@0: NSSCertificate *rvOpt[], andre@0: PRUint32 maximumOpt, andre@0: NSSArena *arenaOpt andre@0: ); andre@0: andre@0: NSS_EXTERN NSSCertificate ** andre@0: nssCertificateStore_FindCertificatesByEmail andre@0: ( andre@0: nssCertificateStore *store, andre@0: NSSASCII7 *email, andre@0: NSSCertificate *rvOpt[], andre@0: PRUint32 maximumOpt, andre@0: NSSArena *arenaOpt andre@0: ); andre@0: andre@0: NSS_EXTERN NSSCertificate * andre@0: nssCertificateStore_FindCertificateByIssuerAndSerialNumber andre@0: ( andre@0: nssCertificateStore *store, andre@0: NSSDER *issuer, andre@0: NSSDER *serial andre@0: ); andre@0: andre@0: NSS_EXTERN NSSCertificate * andre@0: nssCertificateStore_FindCertificateByEncodedCertificate andre@0: ( andre@0: nssCertificateStore *store, andre@0: NSSDER *encoding andre@0: ); andre@0: andre@0: NSS_EXTERN PRStatus andre@0: nssCertificateStore_AddTrust andre@0: ( andre@0: nssCertificateStore *store, andre@0: NSSTrust *trust andre@0: ); andre@0: andre@0: NSS_EXTERN NSSTrust * andre@0: nssCertificateStore_FindTrustForCertificate andre@0: ( andre@0: nssCertificateStore *store, andre@0: NSSCertificate *cert andre@0: ); andre@0: andre@0: NSS_EXTERN PRStatus andre@0: nssCertificateStore_AddSMIMEProfile andre@0: ( andre@0: nssCertificateStore *store, andre@0: nssSMIMEProfile *profile andre@0: ); andre@0: andre@0: NSS_EXTERN nssSMIMEProfile * andre@0: nssCertificateStore_FindSMIMEProfileForCertificate andre@0: ( andre@0: nssCertificateStore *store, andre@0: NSSCertificate *cert andre@0: ); andre@0: andre@0: NSS_EXTERN void andre@0: nssCertificateStore_DumpStoreInfo andre@0: ( andre@0: nssCertificateStore *store, andre@0: void (* cert_dump_iter)(const void *, void *, void *), andre@0: void *arg andre@0: ); andre@0: andre@0: PR_END_EXTERN_C andre@0: andre@0: #endif /* PKISTORE_H */