andre@0: /* This Source Code Form is subject to the terms of the Mozilla Public andre@0: * License, v. 2.0. If a copy of the MPL was not distributed with this andre@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ andre@0: #include "sftkdbt.h" andre@0: #include "sdb.h" andre@0: #include "pkcs11i.h" andre@0: #include "pkcs11t.h" andre@0: andre@0: /* raw database stuff */ andre@0: CK_RV sftkdb_write(SFTKDBHandle *handle, SFTKObject *,CK_OBJECT_HANDLE *); andre@0: CK_RV sftkdb_FindObjectsInit(SFTKDBHandle *sdb, const CK_ATTRIBUTE *template, andre@0: CK_ULONG count, SDBFind **find); andre@0: CK_RV sftkdb_FindObjects(SFTKDBHandle *sdb, SDBFind *find, andre@0: CK_OBJECT_HANDLE *ids, int arraySize, CK_ULONG *count); andre@0: CK_RV sftkdb_FindObjectsFinal(SFTKDBHandle *sdb, SDBFind *find); andre@0: CK_RV sftkdb_GetAttributeValue(SFTKDBHandle *handle, andre@0: CK_OBJECT_HANDLE object_id, CK_ATTRIBUTE *template, CK_ULONG count); andre@0: CK_RV sftkdb_SetAttributeValue(SFTKDBHandle *handle, SFTKObject *object, andre@0: const CK_ATTRIBUTE *template, CK_ULONG count); andre@0: CK_RV sftkdb_DestroyObject(SFTKDBHandle *handle, CK_OBJECT_HANDLE object_id); andre@0: CK_RV sftkdb_closeDB(SFTKDBHandle *handle); andre@0: andre@0: /* keydb functions */ andre@0: andre@0: SECStatus sftkdb_PWIsInitialized(SFTKDBHandle *keydb); andre@0: SECStatus sftkdb_CheckPassword(SFTKDBHandle *keydb, const char *pw, andre@0: PRBool *tokenRemoved); andre@0: SECStatus sftkdb_PWCached(SFTKDBHandle *keydb); andre@0: SECStatus sftkdb_HasPasswordSet(SFTKDBHandle *keydb); andre@0: SECStatus sftkdb_ResetKeyDB(SFTKDBHandle *keydb); andre@0: SECStatus sftkdb_ChangePassword(SFTKDBHandle *keydb, andre@0: char *oldPin, char *newPin, andre@0: PRBool *tokenRemoved); andre@0: SECStatus sftkdb_ClearPassword(SFTKDBHandle *keydb); andre@0: PRBool sftkdb_InUpdateMerge(SFTKDBHandle *keydb); andre@0: PRBool sftkdb_NeedUpdateDBPassword(SFTKDBHandle *keydb); andre@0: const char *sftkdb_GetUpdateID(SFTKDBHandle *keydb); andre@0: SECItem *sftkdb_GetUpdatePasswordKey(SFTKDBHandle *keydb); andre@0: void sftkdb_FreeUpdatePasswordKey(SFTKDBHandle *keydb); andre@0: andre@0: /* Utility functions */ andre@0: /* andre@0: * OK there are now lots of options here, lets go through them all: andre@0: * andre@0: * configdir - base directory where all the cert, key, and module datbases live. andre@0: * certPrefix - prefix added to the beginning of the cert database example: " andre@0: * "https-server1-" andre@0: * keyPrefix - prefix added to the beginning of the key database example: " andre@0: * "https-server1-" andre@0: * secmodName - name of the security module database (usually "secmod.db"). andre@0: * readOnly - Boolean: true if the databases are to be openned read only. andre@0: * nocertdb - Don't open the cert DB and key DB's, just initialize the andre@0: * Volatile certdb. andre@0: * nomoddb - Don't open the security module DB, just initialize the andre@0: * PKCS #11 module. andre@0: * forceOpen - Continue to force initializations even if the databases cannot andre@0: * be opened. andre@0: */ andre@0: CK_RV sftk_DBInit(const char *configdir, const char *certPrefix, andre@0: const char *keyPrefix, const char *updatedir, andre@0: const char *updCertPrefix, const char *updKeyPrefix, andre@0: const char *updateID, PRBool readOnly, PRBool noCertDB, andre@0: PRBool noKeyDB, PRBool forceOpen, PRBool isFIPS, andre@0: SFTKDBHandle **certDB, SFTKDBHandle **keyDB); andre@0: CK_RV sftkdb_Shutdown(void); andre@0: andre@0: SFTKDBHandle *sftk_getCertDB(SFTKSlot *slot); andre@0: SFTKDBHandle *sftk_getKeyDB(SFTKSlot *slot); andre@0: SFTKDBHandle *sftk_getDBForTokenObject(SFTKSlot *slot, andre@0: CK_OBJECT_HANDLE objectID); andre@0: void sftk_freeDB(SFTKDBHandle *certHandle);