|
1 /* This Source Code Form is subject to the terms of the Mozilla Public |
|
2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
|
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
|
4 #ifndef _SECMOD_H_ |
|
5 #define _SECMOD_H_ |
|
6 #include "seccomon.h" |
|
7 #include "secmodt.h" |
|
8 #include "prinrval.h" |
|
9 |
|
10 /* These mechanism flags are visible to all other libraries. */ |
|
11 /* They must be converted to internal SECMOD_*_FLAG */ |
|
12 /* if used inside the functions of the security library */ |
|
13 #define PUBLIC_MECH_RSA_FLAG 0x00000001ul |
|
14 #define PUBLIC_MECH_DSA_FLAG 0x00000002ul |
|
15 #define PUBLIC_MECH_RC2_FLAG 0x00000004ul |
|
16 #define PUBLIC_MECH_RC4_FLAG 0x00000008ul |
|
17 #define PUBLIC_MECH_DES_FLAG 0x00000010ul |
|
18 #define PUBLIC_MECH_DH_FLAG 0x00000020ul |
|
19 #define PUBLIC_MECH_FORTEZZA_FLAG 0x00000040ul |
|
20 #define PUBLIC_MECH_RC5_FLAG 0x00000080ul |
|
21 #define PUBLIC_MECH_SHA1_FLAG 0x00000100ul |
|
22 #define PUBLIC_MECH_MD5_FLAG 0x00000200ul |
|
23 #define PUBLIC_MECH_MD2_FLAG 0x00000400ul |
|
24 #define PUBLIC_MECH_SSL_FLAG 0x00000800ul |
|
25 #define PUBLIC_MECH_TLS_FLAG 0x00001000ul |
|
26 #define PUBLIC_MECH_AES_FLAG 0x00002000ul |
|
27 #define PUBLIC_MECH_SHA256_FLAG 0x00004000ul |
|
28 #define PUBLIC_MECH_SHA512_FLAG 0x00008000ul |
|
29 #define PUBLIC_MECH_CAMELLIA_FLAG 0x00010000ul |
|
30 #define PUBLIC_MECH_SEED_FLAG 0x00020000ul |
|
31 #define PUBLIC_MECH_ECC_FLAG 0x00040000ul |
|
32 |
|
33 #define PUBLIC_MECH_RANDOM_FLAG 0x08000000ul |
|
34 #define PUBLIC_MECH_FRIENDLY_FLAG 0x10000000ul |
|
35 #define PUBLIC_OWN_PW_DEFAULTS 0X20000000ul |
|
36 #define PUBLIC_DISABLE_FLAG 0x40000000ul |
|
37 |
|
38 /* warning: reserved means reserved */ |
|
39 #define PUBLIC_MECH_RESERVED_FLAGS 0x87FF0000ul |
|
40 |
|
41 /* These cipher flags are visible to all other libraries, */ |
|
42 /* but they must be converted before being used in functions */ |
|
43 /* within the security module */ |
|
44 #define PUBLIC_CIPHER_FORTEZZA_FLAG 0x00000001ul |
|
45 |
|
46 /* warning: reserved means reserved */ |
|
47 #define PUBLIC_CIPHER_RESERVED_FLAGS 0xFFFFFFFEul |
|
48 |
|
49 SEC_BEGIN_PROTOS |
|
50 |
|
51 /* |
|
52 * the following functions are going to be deprecated in NSS 4.0 in |
|
53 * favor of the new stan functions. |
|
54 */ |
|
55 |
|
56 /* Initialization */ |
|
57 extern SECMODModule *SECMOD_LoadModule(char *moduleSpec,SECMODModule *parent, |
|
58 PRBool recurse); |
|
59 |
|
60 extern SECMODModule *SECMOD_LoadUserModule(char *moduleSpec,SECMODModule *parent, |
|
61 PRBool recurse); |
|
62 |
|
63 SECStatus SECMOD_UnloadUserModule(SECMODModule *mod); |
|
64 |
|
65 SECMODModule * SECMOD_CreateModule(const char *lib, const char *name, |
|
66 const char *param, const char *nss); |
|
67 /* |
|
68 * After a fork(), PKCS #11 says we need to call C_Initialize again in |
|
69 * the child before we can use the module. This function causes this |
|
70 * reinitialization. |
|
71 * NOTE: Any outstanding handles will become invalid, which means your |
|
72 * keys and contexts will fail, but new ones can be created. |
|
73 * |
|
74 * Setting 'force' to true means to do the reinitialization even if the |
|
75 * PKCS #11 module does not seem to need it. This allows software modules |
|
76 * which ignore fork to preserve their keys across the fork(). |
|
77 */ |
|
78 SECStatus SECMOD_RestartModules(PRBool force); |
|
79 |
|
80 |
|
81 /* Module Management */ |
|
82 char **SECMOD_GetModuleSpecList(SECMODModule *module); |
|
83 SECStatus SECMOD_FreeModuleSpecList(SECMODModule *module,char **moduleSpecList); |
|
84 |
|
85 |
|
86 /* prototypes */ |
|
87 /* Get a list of active PKCS #11 modules */ |
|
88 extern SECMODModuleList *SECMOD_GetDefaultModuleList(void); |
|
89 /* Get a list of defined but not loaded PKCS #11 modules */ |
|
90 extern SECMODModuleList *SECMOD_GetDeadModuleList(void); |
|
91 /* Get a list of Modules which define PKCS #11 modules to load */ |
|
92 extern SECMODModuleList *SECMOD_GetDBModuleList(void); |
|
93 |
|
94 /* lock to protect all three module lists above */ |
|
95 extern SECMODListLock *SECMOD_GetDefaultModuleListLock(void); |
|
96 |
|
97 extern SECStatus SECMOD_UpdateModule(SECMODModule *module); |
|
98 |
|
99 /* lock management */ |
|
100 extern void SECMOD_GetReadLock(SECMODListLock *); |
|
101 extern void SECMOD_ReleaseReadLock(SECMODListLock *); |
|
102 |
|
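103 /* Operate on modules by name. dllPath names the PKCS #11 shared library the module is loaded from, so it should come from trusted configuration. */ |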
|
104 extern SECMODModule *SECMOD_FindModule(const char *name); |
|
105 extern SECStatus SECMOD_DeleteModule(const char *name, int *type); |
|
106 extern SECStatus SECMOD_DeleteModuleEx(const char * name, |
|
107 SECMODModule *mod, |
|
108 int *type, |
|
109 PRBool permdb); |
|
110 extern SECStatus SECMOD_DeleteInternalModule(const char *name); |
|
111 extern PRBool SECMOD_CanDeleteInternalModule(void); |
|
112 extern SECStatus SECMOD_AddNewModule(const char* moduleName, |
|
113 const char* dllPath, |
|
114 unsigned long defaultMechanismFlags, |
|
115 unsigned long cipherEnableFlags); |
|
116 extern SECStatus SECMOD_AddNewModuleEx(const char* moduleName, |
|
117 const char* dllPath, |
|
118 unsigned long defaultMechanismFlags, |
|
119 unsigned long cipherEnableFlags, |
|
120 char* modparms, |
|
121 char* nssparms); |
|
122 |
|
123 /* database/memory management */ |
|
124 extern SECMODModule *SECMOD_GetInternalModule(void); |
|
125 extern SECMODModule *SECMOD_ReferenceModule(SECMODModule *module); |
|
126 extern void SECMOD_DestroyModule(SECMODModule *module); |
|
127 extern PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID module, |
|
128 unsigned long slotID); |
|
129 extern PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,const char *name); |
|
130 |
|
131 /* Function reports true if at least one of the modules */ |
|
132 /* of modType has been installed */ |
|
133 PRBool SECMOD_IsModulePresent( unsigned long int pubCipherEnableFlags ); |
|
134 |
|
135 /* accessors */ |
|
136 PRBool SECMOD_GetSkipFirstFlag(SECMODModule *mod); |
|
137 PRBool SECMOD_GetDefaultModDBFlag(SECMODModule *mod); |
|
138 |
|
139 /* Functions used to convert between internal & public representation |
|
140 * of Mechanism Flags and Cipher Enable Flags */ |
|
141 extern unsigned long SECMOD_PubMechFlagstoInternal(unsigned long publicFlags); |
|
142 extern unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags); |
|
143 extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags); |
|
144 |
|
145 PRBool SECMOD_HasRemovableSlots(SECMODModule *mod); |
|
146 PK11SlotInfo *SECMOD_WaitForAnyTokenEvent(SECMODModule *mod, |
|
147 unsigned long flags, PRIntervalTime latency); |
|
148 /* |
|
149 * Warning: the SECMOD_CancelWait function is highly destructive, potentially |
|
150 * finalizing the module 'mod' (causing in-progress operations to fail, |
|
151 * and session key material to disappear). It should only be called when |
|
152 * shutting down the module. |
|
153 */ |
|
154 SECStatus SECMOD_CancelWait(SECMODModule *mod); |
|
155 /* |
|
156 * check to see if the module has added new slots. PKCS 11 v2.20 allows for |
|
157 * modules to add new slots, but never remove them. Slots must not be added between |
|
158 * a call to C_GetSlotList(flag, NULL, &count) and the corresponding |
|
159 * C_GetSlotList(flag, &data, &count) so that the array doesn't accidentally |
|
160 * grow on the caller. It is permissible for the slots to increase between |
|
161 * corresponding calls with NULL to get the size. |
|
162 */ |
|
163 SECStatus SECMOD_UpdateSlotList(SECMODModule *mod); |
|
164 SEC_END_PROTOS |
|
165 |
|
166 #endif |