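--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/nss/lib/pk11wrap/secmodi.h Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,171 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * Internal header file included only by files in pkcs11 dir, or in
+ * pkcs11 specific client and server files.
+ */
+#ifndef _SECMODI_H_
+#define _SECMODI_H_ 1
+#include "pkcs11.h"
+#include "nssilock.h"
+#include "secoidt.h"
+#include "secdert.h"
+#include "certt.h"
+#include "secmodt.h"
+#include "keyt.h"
+
+SEC_BEGIN_PROTOS
+
+/* proto-types */
+extern SECStatus SECMOD_DeletePermDB(SECMODModule *module);
+extern SECStatus SECMOD_AddPermDB(SECMODModule *module);
+extern SECStatus SECMOD_Shutdown(void);
+void nss_DumpModuleLog(void);
+
+extern int secmod_PrivateModuleCount;
+
+extern void SECMOD_Init(void);
+SECStatus secmod_ModuleInit(SECMODModule *mod, SECMODModule **oldModule,
+ PRBool* alreadyLoaded);
+
+/* list managment */
+extern SECStatus SECMOD_AddModuleToList(SECMODModule *newModule);
+extern SECStatus SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule);
+extern SECStatus SECMOD_AddModuleToUnloadList(SECMODModule *newModule);
+extern void SECMOD_RemoveList(SECMODModuleList **,SECMODModuleList *);
+extern void SECMOD_AddList(SECMODModuleList *,SECMODModuleList *,SECMODListLock *);
+extern SECMODListLock *SECMOD_NewListLock(void);
+extern void SECMOD_DestroyListLock(SECMODListLock *);
+extern void SECMOD_GetWriteLock(SECMODListLock *);
+extern void SECMOD_ReleaseWriteLock(SECMODListLock *);
+
+/* Operate on modules by name */
+extern SECMODModule *SECMOD_FindModuleByID(SECMODModuleID);
+extern SECMODModule *secmod_FindModuleByFuncPtr(void *funcPtr);
+
+/* database/memory management */
+extern SECMODModuleList *SECMOD_NewModuleListElement(void);
+extern SECMODModuleList *SECMOD_DestroyModuleListElement(SECMODModuleList *);
+extern void SECMOD_DestroyModuleList(SECMODModuleList *);
+extern SECStatus SECMOD_AddModule(SECMODModule *newModule);
+
+extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags);
+
+/* Library functions */
+SECStatus secmod_LoadPKCS11Module(SECMODModule *, SECMODModule **oldModule);
+SECStatus SECMOD_UnloadModule(SECMODModule *);
+void SECMOD_SetInternalModule(SECMODModule *);
+PRBool secmod_IsInternalKeySlot(SECMODModule *);
+void secmod_SetInternalKeySlotFlag(SECMODModule *mod, PRBool val);
+
+
+/* tools for checking if we are loading the same database twice */
+typedef struct SECMODConfigListStr SECMODConfigList;
+/* collect all the databases in a given spec */
+SECMODConfigList *secmod_GetConfigList(PRBool isFIPS, char *spec, int *count);
+/* see is a spec matches a database on the list */
+PRBool secmod_MatchConfigList(char *spec,
+ SECMODConfigList *conflist, int count);
+/* free our list of databases */
+void secmod_FreeConfigList(SECMODConfigList *conflist, int count);
+
+/* parsing parameters */
+/* returned char * must be freed by caller with PORT_Free */
+/* children and ids are null terminated arrays which must be freed with
+ * secmod_FreeChildren */
+char *secmod_ParseModuleSpecForTokens(PRBool convert,
+ PRBool isFIPS,
+ char *moduleSpec,
+ char ***children,
+ CK_SLOT_ID **ids);
+void secmod_FreeChildren(char **children, CK_SLOT_ID *ids);
+char *secmod_MkAppendTokensList(PLArenaPool *arena, char *origModuleSpec,
+ char *newModuleSpec, CK_SLOT_ID newID,
+ char **children, CK_SLOT_ID *ids);
+
+
+void SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot);
+CK_RV pk11_notify(CK_SESSION_HANDLE session, CK_NOTIFICATION event,
+ CK_VOID_PTR pdata);
+void pk11_SignedToUnsigned(CK_ATTRIBUTE *attrib);
+CK_OBJECT_HANDLE pk11_FindObjectByTemplate(PK11SlotInfo *slot,
+ CK_ATTRIBUTE *inTemplate,int tsize);
+CK_OBJECT_HANDLE *pk11_FindObjectsByTemplate(PK11SlotInfo *slot,
+ CK_ATTRIBUTE *inTemplate,int tsize, int *objCount);
+
+#define PK11_GETTAB(x) ((CK_FUNCTION_LIST_PTR)((x)->functionList))
+#define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
+ (x)->pValue=(v); (x)->ulValueLen = (l);
+SECStatus PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
+ const CK_ATTRIBUTE *theTemplate, int count,
+ PRBool token, CK_OBJECT_HANDLE *objectID);
+
+SECStatus pbe_PK11AlgidToParam(SECAlgorithmID *algid,SECItem *mech);
+SECStatus PBE_PK11ParamToAlgid(SECOidTag algTag, SECItem *param,
+ PLArenaPool *arena, SECAlgorithmID *algId);
+
+PK11SymKey *pk11_TokenKeyGenWithFlagsAndKeyType(PK11SlotInfo *slot,
+ CK_MECHANISM_TYPE type, SECItem *param, CK_KEY_TYPE keyType,
+ int keySize, SECItem *keyId, CK_FLAGS opFlags,
+ PK11AttrFlags attrFlags, void *wincx);
+
+CK_MECHANISM_TYPE pk11_GetPBECryptoMechanism(SECAlgorithmID *algid,
+ SECItem **param, SECItem *pwd, PRBool faulty3DES);
+
+
+
+extern void pk11sdr_Init(void);
+extern void pk11sdr_Shutdown(void);
+
+/*
+ * Private to pk11wrap.
+ */
+
+PRBool pk11_LoginStillRequired(PK11SlotInfo *slot, void *wincx);
+CK_SESSION_HANDLE pk11_GetNewSession(PK11SlotInfo *slot, PRBool *owner);
+void pk11_CloseSession(PK11SlotInfo *slot, CK_SESSION_HANDLE sess, PRBool own);
+PK11SymKey *pk11_ForceSlot(PK11SymKey *symKey, CK_MECHANISM_TYPE type,
+ CK_ATTRIBUTE_TYPE operation);
+/* Convert key operation flags to PKCS #11 attributes. */
+unsigned int pk11_OpFlagsToAttributes(CK_FLAGS flags,
+ CK_ATTRIBUTE *attrs, CK_BBOOL *ckTrue);
+/* Check for bad (conflicting) attribute flags */
+PRBool pk11_BadAttrFlags(PK11AttrFlags attrFlags);
+/* Convert key attribute flags to PKCS #11 attributes. */
+unsigned int pk11_AttrFlagsToAttributes(PK11AttrFlags attrFlags,
+ CK_ATTRIBUTE *attrs, CK_BBOOL *ckTrue, CK_BBOOL *ckFalse);
+PRBool pk11_FindAttrInTemplate(CK_ATTRIBUTE *attr, unsigned int numAttrs,
+ CK_ATTRIBUTE_TYPE target);
+
+CK_MECHANISM_TYPE pk11_mapWrapKeyType(KeyType keyType);
+PK11SymKey *pk11_KeyExchange(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
+ CK_ATTRIBUTE_TYPE operation, CK_FLAGS flags, PRBool isPerm,
+ PK11SymKey *symKey);
+
+PRBool pk11_HandleTrustObject(PK11SlotInfo *slot, CERTCertificate *cert,
+ CERTCertTrust *trust);
+CK_OBJECT_HANDLE pk11_FindPubKeyByAnyCert(CERTCertificate *cert,
+ PK11SlotInfo **slot, void *wincx);
+SECStatus pk11_AuthenticateUnfriendly(PK11SlotInfo *slot, PRBool loadCerts,
+ void *wincx);
+int PK11_NumberObjectsFor(PK11SlotInfo *slot, CK_ATTRIBUTE *findTemplate,
+ int templateCount);
+SECItem *pk11_GetLowLevelKeyFromHandle(PK11SlotInfo *slot,
+ CK_OBJECT_HANDLE handle);
+SECStatus PK11_TraverseSlot(PK11SlotInfo *slot, void *arg);
+CK_OBJECT_HANDLE pk11_FindPrivateKeyFromCertID(PK11SlotInfo *slot,
+ SECItem *keyID);
+SECKEYPrivateKey *PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType,
+ PRBool isTemp, CK_OBJECT_HANDLE privID, void *wincx);
+CERTCertificate *PK11_MakeCertFromHandle(PK11SlotInfo *slot,
+ CK_OBJECT_HANDLE certID, CK_ATTRIBUTE *privateLabel);
+
+SECItem *pk11_GenerateNewParamWithKeyLen(CK_MECHANISM_TYPE type, int keyLen);
+SECItem *pk11_ParamFromIVWithLen(CK_MECHANISM_TYPE type,
+ SECItem *iv, int keyLen);
+
+SEC_END_PROTOS
+
+#endif
+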
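Review bot: `PK11_SETATTRS` expands to three separate statements plus a trailing semicolon, so under an unbraced `if`/`else` only the `type` assignment is conditional while `pValue` and `ulValueLen` are always written into the CK_ATTRIBUTE entry; a template with a mismatched pointer/length pair is exactly what the PKCS #11 module then reads. Wrapping the body keeps the usual `PK11_SETATTRS(...);` call syntax: `#define PK11_SETATTRS(x,id,v,l) do { (x)->type = (id); (x)->pValue = (v); (x)->ulValueLen = (l); } while (0)`. The macro also evaluates `x` three times, so an argument with a side effect such as `attrs++` would advance three entries; a short comment above the define saying that `x` must be side-effect free would make that contract visible. Call sites are not part of this header, so any that omit the terminating semicolon would need adjusting before the wrapper goes in. Separately, the guard name `_SECMODI_H_` starts with an underscore followed by a capital letter, which C reserves for the implementation.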