1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/lib/dev/dev.h Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,938 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +#ifndef DEV_H
1.9 +#define DEV_H
1.10 +
1.11 +/*
1.12 + * dev.h
1.13 + *
1.14 + * Low-level methods for interaction with cryptoki devices
1.15 + */
1.16 +
1.17 +#ifndef NSSDEV_H
1.18 +#include "nssdev.h"
1.19 +#endif /* NSSDEV_H */
1.20 +
1.21 +#ifndef DEVT_H
1.22 +#include "devt.h"
1.23 +#endif /* DEVT_H */
1.24 +
1.25 +PR_BEGIN_EXTERN_C
1.26 +
1.27 +/* the global module list
1.28 + *
1.29 + * These functions are for managing the global set of modules. Trust Domains,
1.30 + * etc., will draw from this set. These functions are completely internal
1.31 + * and only invoked when there are changes to the global module state
1.32 + * (load or unload).
1.33 + *
1.34 + * nss_InitializeGlobalModuleList
1.35 + * nss_DestroyGlobalModuleList
1.36 + * nss_GetLoadedModules
1.37 + *
1.38 + * nssGlobalModuleList_Add
1.39 + * nssGlobalModuleList_Remove
1.40 + * nssGlobalModuleList_FindModuleByName
1.41 + * nssGlobalModuleList_FindSlotByName
1.42 + * nssGlobalModuleList_FindTokenByName
1.43 + */
1.44 +
1.45 +NSS_EXTERN PRStatus
1.46 +nss_InitializeGlobalModuleList
1.47 +(
1.48 + void
1.49 +);
1.50 +
1.51 +NSS_EXTERN PRStatus
1.52 +nss_DestroyGlobalModuleList
1.53 +(
1.54 + void
1.55 +);
1.56 +
1.57 +NSS_EXTERN NSSModule **
1.58 +nss_GetLoadedModules
1.59 +(
1.60 + void
1.61 +);
1.62 +
1.63 +NSS_EXTERN PRStatus
1.64 +nssGlobalModuleList_Add
1.65 +(
1.66 + NSSModule *module
1.67 +);
1.68 +
1.69 +NSS_EXTERN PRStatus
1.70 +nssGlobalModuleList_Remove
1.71 +(
1.72 + NSSModule *module
1.73 +);
1.74 +
1.75 +NSS_EXTERN NSSModule *
1.76 +nssGlobalModuleList_FindModuleByName
1.77 +(
1.78 + NSSUTF8 *moduleName
1.79 +);
1.80 +
1.81 +NSS_EXTERN NSSSlot *
1.82 +nssGlobalModuleList_FindSlotByName
1.83 +(
1.84 + NSSUTF8 *slotName
1.85 +);
1.86 +
1.87 +NSS_EXTERN NSSToken *
1.88 +nssGlobalModuleList_FindTokenByName
1.89 +(
1.90 + NSSUTF8 *tokenName
1.91 +);
1.92 +
1.93 +NSS_EXTERN NSSToken *
1.94 +nss_GetDefaultCryptoToken
1.95 +(
1.96 + void
1.97 +);
1.98 +
1.99 +NSS_EXTERN NSSToken *
1.100 +nss_GetDefaultDatabaseToken
1.101 +(
1.102 + void
1.103 +);
1.104 +
1.105 +/*
1.106 + * |-----------|<---> NSSSlot <--> NSSToken
1.107 + * | NSSModule |<---> NSSSlot <--> NSSToken
1.108 + * |-----------|<---> NSSSlot <--> NSSToken
1.109 + */
1.110 +
1.111 +/* NSSModule
1.112 + *
1.113 + * nssModule_Create
1.114 + * nssModule_CreateFromSpec
1.115 + * nssModule_AddRef
1.116 + * nssModule_GetName
1.117 + * nssModule_GetSlots
1.118 + * nssModule_FindSlotByName
1.119 + * nssModule_FindTokenByName
1.120 + * nssModule_GetCertOrder
1.121 + */
1.122 +
1.123 +NSS_EXTERN NSSModule *
1.124 +nssModule_Create
1.125 +(
1.126 + NSSUTF8 *moduleOpt,
1.127 + NSSUTF8 *uriOpt,
1.128 + NSSUTF8 *opaqueOpt,
1.129 + void *reserved
1.130 +);
1.131 +
1.132 +/* This is to use the new loading mechanism. */
1.133 +NSS_EXTERN NSSModule *
1.134 +nssModule_CreateFromSpec
1.135 +(
1.136 + NSSUTF8 *moduleSpec,
1.137 + NSSModule *parent,
1.138 + PRBool loadSubModules
1.139 +);
1.140 +
1.141 +NSS_EXTERN PRStatus
1.142 +nssModule_Destroy
1.143 +(
1.144 + NSSModule *mod
1.145 +);
1.146 +
1.147 +NSS_EXTERN NSSModule *
1.148 +nssModule_AddRef
1.149 +(
1.150 + NSSModule *mod
1.151 +);
1.152 +
1.153 +NSS_EXTERN NSSUTF8 *
1.154 +nssModule_GetName
1.155 +(
1.156 + NSSModule *mod
1.157 +);
1.158 +
1.159 +NSS_EXTERN NSSSlot **
1.160 +nssModule_GetSlots
1.161 +(
1.162 + NSSModule *mod
1.163 +);
1.164 +
1.165 +NSS_EXTERN NSSSlot *
1.166 +nssModule_FindSlotByName
1.167 +(
1.168 + NSSModule *mod,
1.169 + NSSUTF8 *slotName
1.170 +);
1.171 +
1.172 +NSS_EXTERN NSSToken *
1.173 +nssModule_FindTokenByName
1.174 +(
1.175 + NSSModule *mod,
1.176 + NSSUTF8 *tokenName
1.177 +);
1.178 +
1.179 +NSS_EXTERN PRInt32
1.180 +nssModule_GetCertOrder
1.181 +(
1.182 + NSSModule *module
1.183 +);
1.184 +
1.185 +/* NSSSlot
1.186 + *
1.187 + * nssSlot_Destroy
1.188 + * nssSlot_AddRef
1.189 + * nssSlot_GetName
1.190 + * nssSlot_GetTokenName
1.191 + * nssSlot_IsTokenPresent
1.192 + * nssSlot_IsPermanent
1.193 + * nssSlot_IsFriendly
1.194 + * nssSlot_IsHardware
1.195 + * nssSlot_Refresh
1.196 + * nssSlot_GetModule
1.197 + * nssSlot_GetToken
1.198 + * nssSlot_Login
1.199 + * nssSlot_Logout
1.200 + * nssSlot_SetPassword
1.201 + * nssSlot_CreateSession
1.202 + */
1.203 +
1.204 +NSS_EXTERN PRStatus
1.205 +nssSlot_Destroy
1.206 +(
1.207 + NSSSlot *slot
1.208 +);
1.209 +
1.210 +NSS_EXTERN NSSSlot *
1.211 +nssSlot_AddRef
1.212 +(
1.213 + NSSSlot *slot
1.214 +);
1.215 +
1.216 +NSS_EXTERN void
1.217 +nssSlot_ResetDelay
1.218 +(
1.219 + NSSSlot *slot
1.220 +);
1.221 +
1.222 +NSS_EXTERN NSSUTF8 *
1.223 +nssSlot_GetName
1.224 +(
1.225 + NSSSlot *slot
1.226 +);
1.227 +
1.228 +NSS_EXTERN NSSUTF8 *
1.229 +nssSlot_GetTokenName
1.230 +(
1.231 + NSSSlot *slot
1.232 +);
1.233 +
1.234 +NSS_EXTERN NSSModule *
1.235 +nssSlot_GetModule
1.236 +(
1.237 + NSSSlot *slot
1.238 +);
1.239 +
1.240 +NSS_EXTERN NSSToken *
1.241 +nssSlot_GetToken
1.242 +(
1.243 + NSSSlot *slot
1.244 +);
1.245 +
1.246 +NSS_EXTERN PRBool
1.247 +nssSlot_IsTokenPresent
1.248 +(
1.249 + NSSSlot *slot
1.250 +);
1.251 +
1.252 +NSS_EXTERN PRBool
1.253 +nssSlot_IsPermanent
1.254 +(
1.255 + NSSSlot *slot
1.256 +);
1.257 +
1.258 +NSS_EXTERN PRBool
1.259 +nssSlot_IsFriendly
1.260 +(
1.261 + NSSSlot *slot
1.262 +);
1.263 +
1.264 +NSS_EXTERN PRBool
1.265 +nssSlot_IsHardware
1.266 +(
1.267 + NSSSlot *slot
1.268 +);
1.269 +
1.270 +NSS_EXTERN PRBool
1.271 +nssSlot_IsLoggedIn
1.272 +(
1.273 + NSSSlot *slot
1.274 +);
1.275 +
1.276 +NSS_EXTERN PRStatus
1.277 +nssSlot_Refresh
1.278 +(
1.279 + NSSSlot *slot
1.280 +);
1.281 +
1.282 +NSS_EXTERN PRStatus
1.283 +nssSlot_Login
1.284 +(
1.285 + NSSSlot *slot,
1.286 + NSSCallback *pwcb
1.287 +);
1.288 +extern const NSSError NSS_ERROR_INVALID_PASSWORD;
1.289 +extern const NSSError NSS_ERROR_USER_CANCELED;
1.290 +
1.291 +NSS_EXTERN PRStatus
1.292 +nssSlot_Logout
1.293 +(
1.294 + NSSSlot *slot,
1.295 + nssSession *sessionOpt
1.296 +);
1.297 +
1.298 +NSS_EXTERN void
1.299 +nssSlot_EnterMonitor
1.300 +(
1.301 + NSSSlot *slot
1.302 +);
1.303 +
1.304 +NSS_EXTERN void
1.305 +nssSlot_ExitMonitor
1.306 +(
1.307 + NSSSlot *slot
1.308 +);
1.309 +
1.310 +#define NSSSLOT_ASK_PASSWORD_FIRST_TIME -1
1.311 +#define NSSSLOT_ASK_PASSWORD_EVERY_TIME 0
1.312 +NSS_EXTERN void
1.313 +nssSlot_SetPasswordDefaults
1.314 +(
1.315 + NSSSlot *slot,
1.316 + PRInt32 askPasswordTimeout
1.317 +);
1.318 +
1.319 +NSS_EXTERN PRStatus
1.320 +nssSlot_SetPassword
1.321 +(
1.322 + NSSSlot *slot,
1.323 + NSSUTF8 *oldPasswordOpt,
1.324 + NSSUTF8 *newPassword
1.325 +);
1.326 +extern const NSSError NSS_ERROR_INVALID_PASSWORD;
1.327 +extern const NSSError NSS_ERROR_USER_CANCELED;
1.328 +
1.329 +/*
1.330 + * nssSlot_IsLoggedIn
1.331 + */
1.332 +
1.333 +NSS_EXTERN nssSession *
1.334 +nssSlot_CreateSession
1.335 +(
1.336 + NSSSlot *slot,
1.337 + NSSArena *arenaOpt,
1.338 + PRBool readWrite /* so far, this is the only flag used */
1.339 +);
1.340 +
1.341 +/* NSSToken
1.342 + *
1.343 + * nssToken_Destroy
1.344 + * nssToken_AddRef
1.345 + * nssToken_GetName
1.346 + * nssToken_GetModule
1.347 + * nssToken_GetSlot
1.348 + * nssToken_NeedsPINInitialization
1.349 + * nssToken_ImportCertificate
1.350 + * nssToken_ImportTrust
1.351 + * nssToken_ImportCRL
1.352 + * nssToken_GenerateKeyPair
1.353 + * nssToken_GenerateSymmetricKey
1.354 + * nssToken_DeleteStoredObject
1.355 + * nssToken_FindObjects
1.356 + * nssToken_FindCertificatesBySubject
1.357 + * nssToken_FindCertificatesByNickname
1.358 + * nssToken_FindCertificatesByEmail
1.359 + * nssToken_FindCertificateByIssuerAndSerialNumber
1.360 + * nssToken_FindCertificateByEncodedCertificate
1.361 + * nssToken_FindTrustForCertificate
1.362 + * nssToken_FindCRLsBySubject
1.363 + * nssToken_FindPrivateKeys
1.364 + * nssToken_FindPrivateKeyByID
1.365 + * nssToken_Digest
1.366 + * nssToken_BeginDigest
1.367 + * nssToken_ContinueDigest
1.368 + * nssToken_FinishDigest
1.369 + */
1.370 +
1.371 +NSS_EXTERN PRStatus
1.372 +nssToken_Destroy
1.373 +(
1.374 + NSSToken *tok
1.375 +);
1.376 +
1.377 +NSS_EXTERN NSSToken *
1.378 +nssToken_AddRef
1.379 +(
1.380 + NSSToken *tok
1.381 +);
1.382 +
1.383 +NSS_EXTERN NSSUTF8 *
1.384 +nssToken_GetName
1.385 +(
1.386 + NSSToken *tok
1.387 +);
1.388 +
1.389 +NSS_EXTERN NSSModule *
1.390 +nssToken_GetModule
1.391 +(
1.392 + NSSToken *token
1.393 +);
1.394 +
1.395 +NSS_EXTERN NSSSlot *
1.396 +nssToken_GetSlot
1.397 +(
1.398 + NSSToken *tok
1.399 +);
1.400 +
1.401 +NSS_EXTERN PRBool
1.402 +nssToken_NeedsPINInitialization
1.403 +(
1.404 + NSSToken *token
1.405 +);
1.406 +
1.407 +NSS_EXTERN nssCryptokiObject *
1.408 +nssToken_ImportCertificate
1.409 +(
1.410 + NSSToken *tok,
1.411 + nssSession *sessionOpt,
1.412 + NSSCertificateType certType,
1.413 + NSSItem *id,
1.414 + const NSSUTF8 *nickname,
1.415 + NSSDER *encoding,
1.416 + NSSDER *issuer,
1.417 + NSSDER *subject,
1.418 + NSSDER *serial,
1.419 + NSSASCII7 *emailAddr,
1.420 + PRBool asTokenObject
1.421 +);
1.422 +
1.423 +NSS_EXTERN nssCryptokiObject *
1.424 +nssToken_ImportTrust
1.425 +(
1.426 + NSSToken *tok,
1.427 + nssSession *sessionOpt,
1.428 + NSSDER *certEncoding,
1.429 + NSSDER *certIssuer,
1.430 + NSSDER *certSerial,
1.431 + nssTrustLevel serverAuth,
1.432 + nssTrustLevel clientAuth,
1.433 + nssTrustLevel codeSigning,
1.434 + nssTrustLevel emailProtection,
1.435 + PRBool stepUpApproved,
1.436 + PRBool asTokenObject
1.437 +);
1.438 +
1.439 +NSS_EXTERN nssCryptokiObject *
1.440 +nssToken_ImportCRL
1.441 +(
1.442 + NSSToken *token,
1.443 + nssSession *sessionOpt,
1.444 + NSSDER *subject,
1.445 + NSSDER *encoding,
1.446 + PRBool isKRL,
1.447 + NSSUTF8 *url,
1.448 + PRBool asTokenObject
1.449 +);
1.450 +
1.451 +/* Permanently remove an object from the token. */
1.452 +NSS_EXTERN PRStatus
1.453 +nssToken_DeleteStoredObject
1.454 +(
1.455 + nssCryptokiObject *instance
1.456 +);
1.457 +
1.458 +NSS_EXTERN nssCryptokiObject **
1.459 +nssToken_FindObjects
1.460 +(
1.461 + NSSToken *token,
1.462 + nssSession *sessionOpt,
1.463 + CK_OBJECT_CLASS objclass,
1.464 + nssTokenSearchType searchType,
1.465 + PRUint32 maximumOpt,
1.466 + PRStatus *statusOpt
1.467 +);
1.468 +
1.469 +NSS_EXTERN nssCryptokiObject **
1.470 +nssToken_FindCertificatesBySubject
1.471 +(
1.472 + NSSToken *token,
1.473 + nssSession *sessionOpt,
1.474 + NSSDER *subject,
1.475 + nssTokenSearchType searchType,
1.476 + PRUint32 maximumOpt,
1.477 + PRStatus *statusOpt
1.478 +);
1.479 +
1.480 +NSS_EXTERN nssCryptokiObject **
1.481 +nssToken_FindCertificatesByNickname
1.482 +(
1.483 + NSSToken *token,
1.484 + nssSession *sessionOpt,
1.485 + const NSSUTF8 *name,
1.486 + nssTokenSearchType searchType,
1.487 + PRUint32 maximumOpt,
1.488 + PRStatus *statusOpt
1.489 +);
1.490 +
1.491 +NSS_EXTERN nssCryptokiObject **
1.492 +nssToken_FindCertificatesByEmail
1.493 +(
1.494 + NSSToken *token,
1.495 + nssSession *sessionOpt,
1.496 + NSSASCII7 *email,
1.497 + nssTokenSearchType searchType,
1.498 + PRUint32 maximumOpt,
1.499 + PRStatus *statusOpt
1.500 +);
1.501 +
1.502 +NSS_EXTERN nssCryptokiObject **
1.503 +nssToken_FindCertificatesByID
1.504 +(
1.505 + NSSToken *token,
1.506 + nssSession *sessionOpt,
1.507 + NSSItem *id,
1.508 + nssTokenSearchType searchType,
1.509 + PRUint32 maximumOpt,
1.510 + PRStatus *statusOpt
1.511 +);
1.512 +
1.513 +NSS_EXTERN nssCryptokiObject *
1.514 +nssToken_FindCertificateByIssuerAndSerialNumber
1.515 +(
1.516 + NSSToken *token,
1.517 + nssSession *sessionOpt,
1.518 + NSSDER *issuer,
1.519 + NSSDER *serial,
1.520 + nssTokenSearchType searchType,
1.521 + PRStatus *statusOpt
1.522 +);
1.523 +
1.524 +NSS_EXTERN nssCryptokiObject *
1.525 +nssToken_FindCertificateByEncodedCertificate
1.526 +(
1.527 + NSSToken *token,
1.528 + nssSession *sessionOpt,
1.529 + NSSBER *encodedCertificate,
1.530 + nssTokenSearchType searchType,
1.531 + PRStatus *statusOpt
1.532 +);
1.533 +
1.534 +NSS_EXTERN nssCryptokiObject *
1.535 +nssToken_FindTrustForCertificate
1.536 +(
1.537 + NSSToken *token,
1.538 + nssSession *sessionOpt,
1.539 + NSSDER *certEncoding,
1.540 + NSSDER *certIssuer,
1.541 + NSSDER *certSerial,
1.542 + nssTokenSearchType searchType
1.543 +);
1.544 +
1.545 +NSS_EXTERN nssCryptokiObject **
1.546 +nssToken_FindCRLsBySubject
1.547 +(
1.548 + NSSToken *token,
1.549 + nssSession *sessionOpt,
1.550 + NSSDER *subject,
1.551 + nssTokenSearchType searchType,
1.552 + PRUint32 maximumOpt,
1.553 + PRStatus *statusOpt
1.554 +);
1.555 +
1.556 +NSS_EXTERN nssCryptokiObject **
1.557 +nssToken_FindPrivateKeys
1.558 +(
1.559 + NSSToken *token,
1.560 + nssSession *sessionOpt,
1.561 + nssTokenSearchType searchType,
1.562 + PRUint32 maximumOpt,
1.563 + PRStatus *statusOpt
1.564 +);
1.565 +
1.566 +NSS_EXTERN nssCryptokiObject *
1.567 +nssToken_FindPrivateKeyByID
1.568 +(
1.569 + NSSToken *token,
1.570 + nssSession *sessionOpt,
1.571 + NSSItem *keyID
1.572 +);
1.573 +
1.574 +NSS_EXTERN nssCryptokiObject *
1.575 +nssToken_FindPublicKeyByID
1.576 +(
1.577 + NSSToken *token,
1.578 + nssSession *sessionOpt,
1.579 + NSSItem *keyID
1.580 +);
1.581 +
1.582 +NSS_EXTERN NSSItem *
1.583 +nssToken_Digest
1.584 +(
1.585 + NSSToken *tok,
1.586 + nssSession *sessionOpt,
1.587 + NSSAlgorithmAndParameters *ap,
1.588 + NSSItem *data,
1.589 + NSSItem *rvOpt,
1.590 + NSSArena *arenaOpt
1.591 +);
1.592 +
1.593 +NSS_EXTERN PRStatus
1.594 +nssToken_BeginDigest
1.595 +(
1.596 + NSSToken *tok,
1.597 + nssSession *sessionOpt,
1.598 + NSSAlgorithmAndParameters *ap
1.599 +);
1.600 +
1.601 +NSS_EXTERN PRStatus
1.602 +nssToken_ContinueDigest
1.603 +(
1.604 + NSSToken *tok,
1.605 + nssSession *sessionOpt,
1.606 + NSSItem *item
1.607 +);
1.608 +
1.609 +NSS_EXTERN NSSItem *
1.610 +nssToken_FinishDigest
1.611 +(
1.612 + NSSToken *tok,
1.613 + nssSession *sessionOpt,
1.614 + NSSItem *rvOpt,
1.615 + NSSArena *arenaOpt
1.616 +);
1.617 +
1.618 +/* nssSession
1.619 + *
1.620 + * nssSession_Destroy
1.621 + * nssSession_EnterMonitor
1.622 + * nssSession_ExitMonitor
1.623 + * nssSession_IsReadWrite
1.624 + */
1.625 +
1.626 +NSS_EXTERN PRStatus
1.627 +nssSession_Destroy
1.628 +(
1.629 + nssSession *s
1.630 +);
1.631 +
1.632 +/* would like to inline */
1.633 +NSS_EXTERN PRStatus
1.634 +nssSession_EnterMonitor
1.635 +(
1.636 + nssSession *s
1.637 +);
1.638 +
1.639 +/* would like to inline */
1.640 +NSS_EXTERN PRStatus
1.641 +nssSession_ExitMonitor
1.642 +(
1.643 + nssSession *s
1.644 +);
1.645 +
1.646 +/* would like to inline */
1.647 +NSS_EXTERN PRBool
1.648 +nssSession_IsReadWrite
1.649 +(
1.650 + nssSession *s
1.651 +);
1.652 +
1.653 +/* nssCryptokiObject
1.654 + *
1.655 + * An object living on a cryptoki token.
1.656 + * Not really proper to mix up the object types just because
1.657 + * nssCryptokiObject itself is generic, but doing so anyway.
1.658 + *
1.659 + * nssCryptokiObject_Destroy
1.660 + * nssCryptokiObject_Equal
1.661 + * nssCryptokiObject_Clone
1.662 + * nssCryptokiCertificate_GetAttributes
1.663 + * nssCryptokiPrivateKey_GetAttributes
1.664 + * nssCryptokiPublicKey_GetAttributes
1.665 + * nssCryptokiTrust_GetAttributes
1.666 + * nssCryptokiCRL_GetAttributes
1.667 + */
1.668 +
1.669 +NSS_EXTERN void
1.670 +nssCryptokiObject_Destroy
1.671 +(
1.672 + nssCryptokiObject *object
1.673 +);
1.674 +
1.675 +NSS_EXTERN PRBool
1.676 +nssCryptokiObject_Equal
1.677 +(
1.678 + nssCryptokiObject *object1,
1.679 + nssCryptokiObject *object2
1.680 +);
1.681 +
1.682 +NSS_EXTERN nssCryptokiObject *
1.683 +nssCryptokiObject_Clone
1.684 +(
1.685 + nssCryptokiObject *object
1.686 +);
1.687 +
1.688 +NSS_EXTERN PRStatus
1.689 +nssCryptokiCertificate_GetAttributes
1.690 +(
1.691 + nssCryptokiObject *object,
1.692 + nssSession *sessionOpt,
1.693 + NSSArena *arenaOpt,
1.694 + NSSCertificateType *certTypeOpt,
1.695 + NSSItem *idOpt,
1.696 + NSSDER *encodingOpt,
1.697 + NSSDER *issuerOpt,
1.698 + NSSDER *serialOpt,
1.699 + NSSDER *subjectOpt
1.700 +);
1.701 +
1.702 +NSS_EXTERN PRStatus
1.703 +nssCryptokiTrust_GetAttributes
1.704 +(
1.705 + nssCryptokiObject *trustObject,
1.706 + nssSession *sessionOpt,
1.707 + NSSItem *sha1_hash,
1.708 + nssTrustLevel *serverAuth,
1.709 + nssTrustLevel *clientAuth,
1.710 + nssTrustLevel *codeSigning,
1.711 + nssTrustLevel *emailProtection,
1.712 + PRBool *stepUpApproved
1.713 +);
1.714 +
1.715 +NSS_EXTERN PRStatus
1.716 +nssCryptokiCRL_GetAttributes
1.717 +(
1.718 + nssCryptokiObject *crlObject,
1.719 + nssSession *sessionOpt,
1.720 + NSSArena *arenaOpt,
1.721 + NSSItem *encodingOpt,
1.722 + NSSItem * subjectOpt,
1.723 + CK_ULONG * crl_class,
1.724 + NSSUTF8 **urlOpt,
1.725 + PRBool *isKRLOpt
1.726 +);
1.727 +
1.728 +/* I'm including this to handle import of certificates in NSS 3.5. This
1.729 + * function will set the cert-related attributes of a key, in order to
1.730 + * associate it with a cert. Does it stay like this for 4.0?
1.731 + */
1.732 +NSS_EXTERN PRStatus
1.733 +nssCryptokiPrivateKey_SetCertificate
1.734 +(
1.735 + nssCryptokiObject *keyObject,
1.736 + nssSession *sessionOpt,
1.737 + const NSSUTF8 *nickname,
1.738 + NSSItem *id,
1.739 + NSSDER *subject
1.740 +);
1.741 +
1.742 +NSS_EXTERN void
1.743 +nssModuleArray_Destroy
1.744 +(
1.745 + NSSModule **modules
1.746 +);
1.747 +
1.748 +/* nssSlotArray
1.749 + *
1.750 + * nssSlotArray_Destroy
1.751 + */
1.752 +
1.753 +NSS_EXTERN void
1.754 +nssSlotArray_Destroy
1.755 +(
1.756 + NSSSlot **slots
1.757 +);
1.758 +
1.759 +/* nssTokenArray
1.760 + *
1.761 + * nssTokenArray_Destroy
1.762 + */
1.763 +
1.764 +NSS_EXTERN void
1.765 +nssTokenArray_Destroy
1.766 +(
1.767 + NSSToken **tokens
1.768 +);
1.769 +
1.770 +/* nssCryptokiObjectArray
1.771 + *
1.772 + * nssCryptokiObjectArray_Destroy
1.773 + */
1.774 +NSS_EXTERN void
1.775 +nssCryptokiObjectArray_Destroy
1.776 +(
1.777 + nssCryptokiObject **object
1.778 +);
1.779 +
1.780 +/* nssSlotList
1.781 +*
1.782 + * An ordered list of slots. The order can be anything, it is set in the
1.783 + * Add methods. Perhaps it should be CreateInCertOrder, ...?
1.784 + *
1.785 + * nssSlotList_Create
1.786 + * nssSlotList_Destroy
1.787 + * nssSlotList_Add
1.788 + * nssSlotList_AddModuleSlots
1.789 + * nssSlotList_GetSlots
1.790 + * nssSlotList_FindSlotByName
1.791 + * nssSlotList_FindTokenByName
1.792 + * nssSlotList_GetBestSlot
1.793 + * nssSlotList_GetBestSlotForAlgorithmAndParameters
1.794 + * nssSlotList_GetBestSlotForAlgorithmsAndParameters
1.795 + */
1.796 +
1.797 +/* nssSlotList_Create
1.798 + */
1.799 +NSS_EXTERN nssSlotList *
1.800 +nssSlotList_Create
1.801 +(
1.802 + NSSArena *arenaOpt
1.803 +);
1.804 +
1.805 +/* nssSlotList_Destroy
1.806 + */
1.807 +NSS_EXTERN void
1.808 +nssSlotList_Destroy
1.809 +(
1.810 + nssSlotList *slotList
1.811 +);
1.812 +
1.813 +/* nssSlotList_Add
1.814 + *
1.815 + * Add the given slot in the given order.
1.816 + */
1.817 +NSS_EXTERN PRStatus
1.818 +nssSlotList_Add
1.819 +(
1.820 + nssSlotList *slotList,
1.821 + NSSSlot *slot,
1.822 + PRUint32 order
1.823 +);
1.824 +
1.825 +/* nssSlotList_AddModuleSlots
1.826 + *
1.827 + * Add all slots in the module, in the given order (the slots will have
1.828 + * equal weight).
1.829 + */
1.830 +NSS_EXTERN PRStatus
1.831 +nssSlotList_AddModuleSlots
1.832 +(
1.833 + nssSlotList *slotList,
1.834 + NSSModule *module,
1.835 + PRUint32 order
1.836 +);
1.837 +
1.838 +/* nssSlotList_GetSlots
1.839 + */
1.840 +NSS_EXTERN NSSSlot **
1.841 +nssSlotList_GetSlots
1.842 +(
1.843 + nssSlotList *slotList
1.844 +);
1.845 +
1.846 +/* nssSlotList_FindSlotByName
1.847 + */
1.848 +NSS_EXTERN NSSSlot *
1.849 +nssSlotList_FindSlotByName
1.850 +(
1.851 + nssSlotList *slotList,
1.852 + NSSUTF8 *slotName
1.853 +);
1.854 +
1.855 +/* nssSlotList_FindTokenByName
1.856 + */
1.857 +NSS_EXTERN NSSToken *
1.858 +nssSlotList_FindTokenByName
1.859 +(
1.860 + nssSlotList *slotList,
1.861 + NSSUTF8 *tokenName
1.862 +);
1.863 +
1.864 +/* nssSlotList_GetBestSlot
1.865 + *
1.866 + * The best slot is the highest ranking in order, i.e., the first in the
1.867 + * list.
1.868 + */
1.869 +NSS_EXTERN NSSSlot *
1.870 +nssSlotList_GetBestSlot
1.871 +(
1.872 + nssSlotList *slotList
1.873 +);
1.874 +
1.875 +/* nssSlotList_GetBestSlotForAlgorithmAndParameters
1.876 + *
1.877 + * Highest-ranking slot than can handle algorithm/parameters.
1.878 + */
1.879 +NSS_EXTERN NSSSlot *
1.880 +nssSlotList_GetBestSlotForAlgorithmAndParameters
1.881 +(
1.882 + nssSlotList *slotList,
1.883 + NSSAlgorithmAndParameters *ap
1.884 +);
1.885 +
1.886 +/* nssSlotList_GetBestSlotForAlgorithmsAndParameters
1.887 + *
1.888 + * Highest-ranking slot than can handle all algorithms/parameters.
1.889 + */
1.890 +NSS_EXTERN NSSSlot *
1.891 +nssSlotList_GetBestSlotForAlgorithmsAndParameters
1.892 +(
1.893 + nssSlotList *slotList,
1.894 + NSSAlgorithmAndParameters **ap
1.895 +);
1.896 +
1.897 +NSS_EXTERN PRBool
1.898 +nssToken_IsPresent
1.899 +(
1.900 + NSSToken *token
1.901 +);
1.902 +
1.903 +NSS_EXTERN nssSession *
1.904 +nssToken_GetDefaultSession
1.905 +(
1.906 + NSSToken *token
1.907 +);
1.908 +
1.909 +NSS_EXTERN PRStatus
1.910 +nssToken_GetTrustOrder
1.911 +(
1.912 + NSSToken *tok
1.913 +);
1.914 +
1.915 +NSS_EXTERN PRStatus
1.916 +nssToken_NotifyCertsNotVisible
1.917 +(
1.918 + NSSToken *tok
1.919 +);
1.920 +
1.921 +NSS_EXTERN PRStatus
1.922 +nssToken_TraverseCertificates
1.923 +(
1.924 + NSSToken *token,
1.925 + nssSession *sessionOpt,
1.926 + nssTokenSearchType searchType,
1.927 + PRStatus (* callback)(nssCryptokiObject *instance, void *arg),
1.928 + void *arg
1.929 +);
1.930 +
1.931 +NSS_EXTERN PRBool
1.932 +nssToken_IsPrivateKeyAvailable
1.933 +(
1.934 + NSSToken *token,
1.935 + NSSCertificate *c,
1.936 + nssCryptokiObject *instance
1.937 +);
1.938 +
1.939 +PR_END_EXTERN_C
1.940 +
1.941 +#endif /* DEV_H */
