The Tor Browser: security/nss/lib/softoken/legacydb/pcert.h@b8a032363ba2 (annotated)

security/nss/lib/softoken/legacydb/pcert.h@b8a032363ba2 (annotated)

security/nss/lib/softoken/legacydb/pcert.h

Thu, 22 Jan 2015 13:21:57 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 22 Jan 2015 13:21:57 +0100
branch: TOR_BUG_9701
changeset 15: b8a032363ba2
permissions: -rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #ifndef _PCERTDB_H_
 #define _PCERTDB_H_
 #include "plarena.h"
 #include "prlong.h"
 #include "pcertt.h"
 #include "lowkeyti.h" 	/* for struct NSSLOWKEYPublicKeyStr */
 SEC_BEGIN_PROTOS
 /*
  * initialize any global certificate locks
  */
 SECStatus nsslowcert_InitLocks(void);
 /*
 ** Add a DER encoded certificate to the permanent database.
 **	"derCert" is the DER encoded certificate.
 **	"nickname" is the nickname to use for the cert
 **	"trust" is the trust parameters for the cert
 */
 SECStatus nsslowcert_AddPermCert(NSSLOWCERTCertDBHandle *handle,
 			NSSLOWCERTCertificate *cert,
 				char *nickname, NSSLOWCERTCertTrust *trust);
 SECStatus nsslowcert_AddPermNickname(NSSLOWCERTCertDBHandle *dbhandle,
 				NSSLOWCERTCertificate *cert, char *nickname);
 SECStatus nsslowcert_DeletePermCertificate(NSSLOWCERTCertificate *cert);
 typedef SECStatus (PR_CALLBACK * PermCertCallback)(NSSLOWCERTCertificate *cert,
                                                    SECItem *k, void *pdata);
 /*
 ** Traverse the entire permanent database, and pass the certs off to a
 ** user supplied function.
 **	"certfunc" is the user function to call for each certificate
 **	"udata" is the user's data, which is passed through to "certfunc"
 */
 SECStatus
 nsslowcert_TraversePermCerts(NSSLOWCERTCertDBHandle *handle,
 		      PermCertCallback certfunc,
 		      void *udata );
 PRBool
 nsslowcert_CertDBKeyConflict(SECItem *derCert, NSSLOWCERTCertDBHandle *handle);
 certDBEntryRevocation *
 nsslowcert_FindCrlByKey(NSSLOWCERTCertDBHandle *handle,
 					 SECItem *crlKey, PRBool isKRL);
 SECStatus
 nsslowcert_DeletePermCRL(NSSLOWCERTCertDBHandle *handle,const SECItem *derName,
 								PRBool isKRL);
 SECStatus
 nsslowcert_AddCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl ,
 				SECItem *derKey, char *url, PRBool isKRL);
 NSSLOWCERTCertDBHandle *nsslowcert_GetDefaultCertDB();
 NSSLOWKEYPublicKey *nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *);
 NSSLOWCERTCertificate *
 nsslowcert_NewTempCertificate(NSSLOWCERTCertDBHandle *handle, SECItem *derCert,
                         char *nickname, PRBool isperm, PRBool copyDER);
 NSSLOWCERTCertificate *
 nsslowcert_DupCertificate(NSSLOWCERTCertificate *cert);
 void nsslowcert_DestroyCertificate(NSSLOWCERTCertificate *cert);
 void nsslowcert_DestroyTrust(NSSLOWCERTTrust *Trust);
 /*
  * Lookup a certificate in the databases without locking
  *	"certKey" is the database key to look for
  *
  * XXX - this should be internal, but pkcs 11 needs to call it during a
  * traversal.
  */
 NSSLOWCERTCertificate *
 nsslowcert_FindCertByKey(NSSLOWCERTCertDBHandle *handle, const SECItem *certKey);
 /*
  * Lookup trust for a certificate in the databases without locking
  *	"certKey" is the database key to look for
  *
  * XXX - this should be internal, but pkcs 11 needs to call it during a
  * traversal.
  */
 NSSLOWCERTTrust *
 nsslowcert_FindTrustByKey(NSSLOWCERTCertDBHandle *handle, const SECItem *certKey);
 /*
 ** Generate a certificate key from the issuer and serialnumber, then look it
 ** up in the database.  Return the cert if found.
 **	"issuerAndSN" is the issuer and serial number to look for
 */
 extern NSSLOWCERTCertificate *
 nsslowcert_FindCertByIssuerAndSN (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN);
 /*
 ** Generate a certificate key from the issuer and serialnumber, then look it
 ** up in the database.  Return the cert if found.
 **	"issuerAndSN" is the issuer and serial number to look for
 */
 extern NSSLOWCERTTrust *
 nsslowcert_FindTrustByIssuerAndSN (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN);
 /*
 ** Find a certificate in the database by a DER encoded certificate
 **	"derCert" is the DER encoded certificate
 */
 extern NSSLOWCERTCertificate *
 nsslowcert_FindCertByDERCert(NSSLOWCERTCertDBHandle *handle, SECItem *derCert);
 /* convert an email address to lower case */
 char *nsslowcert_FixupEmailAddr(char *emailAddr);
 /*
 ** Decode a DER encoded certificate into an NSSLOWCERTCertificate structure
 **      "derSignedCert" is the DER encoded signed certificate
 **      "copyDER" is true if the DER should be copied, false if the
 **              existing copy should be referenced
 **      "nickname" is the nickname to use in the database.  If it is NULL
 **              then a temporary nickname is generated.
 */
 extern NSSLOWCERTCertificate *
 nsslowcert_DecodeDERCertificate (SECItem *derSignedCert, char *nickname);
 SECStatus
 nsslowcert_KeyFromDERCert(PLArenaPool *arena, SECItem *derCert, SECItem *key);
 certDBEntrySMime *
 nsslowcert_ReadDBSMimeEntry(NSSLOWCERTCertDBHandle *certHandle,
 							 char *emailAddr);
 void
 nsslowcert_DestroyDBEntry(certDBEntry *entry);
 SECStatus
 nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
 		const char *domain, const char *prefix,
                 NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile);
 void
 nsslowcert_ClosePermCertDB(NSSLOWCERTCertDBHandle *handle);
 /*
  * is certa newer than certb?  If one is expired, pick the other one.
  */
 PRBool
 nsslowcert_IsNewer(NSSLOWCERTCertificate *certa, NSSLOWCERTCertificate *certb);
 SECStatus
 nsslowcert_TraverseDBEntries(NSSLOWCERTCertDBHandle *handle,
 		      certDBEntryType type,
 		      SECStatus (* callback)(SECItem *data, SECItem *key,
 					    certDBEntryType type, void *pdata),
 		      void *udata );
 SECStatus
 nsslowcert_TraversePermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
 				 SECItem *derSubject,
 				 NSSLOWCERTCertCallback cb, void *cbarg);
 int
 nsslowcert_NumPermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
 							 SECItem *derSubject);
 SECStatus
 nsslowcert_TraversePermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
 	 	char *nickname, NSSLOWCERTCertCallback cb, void *cbarg);
 int
 nsslowcert_NumPermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
 							char *nickname);
 SECStatus
 nsslowcert_GetCertTrust(NSSLOWCERTCertificate *cert,
 					 NSSLOWCERTCertTrust *trust);
 SECStatus
 nsslowcert_SaveSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle, char *emailAddr,
 	SECItem *derSubject, SECItem *emailProfile, SECItem *profileTime);
 /*
  * Change the trust attributes of a certificate and make them permanent
  * in the database.
  */
 SECStatus
 nsslowcert_ChangeCertTrust(NSSLOWCERTCertDBHandle *handle,
 	  	NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust);
 PRBool
 nsslowcert_needDBVerify(NSSLOWCERTCertDBHandle *handle);
 void
 nsslowcert_setDBVerify(NSSLOWCERTCertDBHandle *handle, PRBool value);
 PRBool
 nsslowcert_hasTrust(NSSLOWCERTCertTrust *trust);
 void
 nsslowcert_DestroyFreeLists(void);
 void
 nsslowcert_DestroyGlobalLocks(void);
 void
 pkcs11_freeNickname(char *nickname, char *space);
 char *
 pkcs11_copyNickname(char *nickname, char *space, int spaceLen);
 void
 pkcs11_freeStaticData(unsigned char *data, unsigned char *space);
 unsigned char *
 pkcs11_allocStaticData(int datalen, unsigned char *space, int spaceLen);
 unsigned char *
 pkcs11_copyStaticData(unsigned char *data, int datalen, unsigned char *space,
 						int spaceLen);
 NSSLOWCERTCertificate *
 nsslowcert_CreateCert(void);
 certDBEntry *
 nsslowcert_DecodeAnyDBEntry(SECItem *dbData, const SECItem *dbKey,
                             certDBEntryType entryType, void *pdata);
 SEC_END_PROTOS
  #endif /* _PCERTDB_H_ */

The Tor Browser / annotate

security/nss/lib/softoken/legacydb/pcert.h@b8a032363ba2 (annotated)

security/nss/lib/softoken/legacydb/pcert.h