security/nss/lib/pk11wrap/secmod.h@6474c204b198
security/nss/lib/pk11wrap/secmod.h
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 #ifndef _SECMOD_H_
5 #define _SECMOD_H_
6 #include "seccomon.h"
7 #include "secmodt.h"
8 #include "prinrval.h"
10 /* These mechanisms flags are visible to all other libraries. */
11 /* They must be converted to internal SECMOD_*_FLAG */
12 /* if used inside the functions of the security library */
13 #define PUBLIC_MECH_RSA_FLAG 0x00000001ul
14 #define PUBLIC_MECH_DSA_FLAG 0x00000002ul
15 #define PUBLIC_MECH_RC2_FLAG 0x00000004ul
16 #define PUBLIC_MECH_RC4_FLAG 0x00000008ul
17 #define PUBLIC_MECH_DES_FLAG 0x00000010ul
18 #define PUBLIC_MECH_DH_FLAG 0x00000020ul
19 #define PUBLIC_MECH_FORTEZZA_FLAG 0x00000040ul
20 #define PUBLIC_MECH_RC5_FLAG 0x00000080ul
21 #define PUBLIC_MECH_SHA1_FLAG 0x00000100ul
22 #define PUBLIC_MECH_MD5_FLAG 0x00000200ul
23 #define PUBLIC_MECH_MD2_FLAG 0x00000400ul
24 #define PUBLIC_MECH_SSL_FLAG 0x00000800ul
25 #define PUBLIC_MECH_TLS_FLAG 0x00001000ul
26 #define PUBLIC_MECH_AES_FLAG 0x00002000ul
27 #define PUBLIC_MECH_SHA256_FLAG 0x00004000ul
28 #define PUBLIC_MECH_SHA512_FLAG 0x00008000ul
29 #define PUBLIC_MECH_CAMELLIA_FLAG 0x00010000ul
30 #define PUBLIC_MECH_SEED_FLAG 0x00020000ul
31 #define PUBLIC_MECH_ECC_FLAG 0x00040000ul
33 #define PUBLIC_MECH_RANDOM_FLAG 0x08000000ul
34 #define PUBLIC_MECH_FRIENDLY_FLAG 0x10000000ul
35 #define PUBLIC_OWN_PW_DEFAULTS 0X20000000ul
36 #define PUBLIC_DISABLE_FLAG 0x40000000ul
38 /* warning: reserved means reserved */
39 #define PUBLIC_MECH_RESERVED_FLAGS 0x87FF0000ul
41 /* These cipher flags are visible to all other libraries, */
42 /* But they must be converted before used in functions */
43 /* withing the security module */
44 #define PUBLIC_CIPHER_FORTEZZA_FLAG 0x00000001ul
46 /* warning: reserved means reserved */
47 #define PUBLIC_CIPHER_RESERVED_FLAGS 0xFFFFFFFEul
49 SEC_BEGIN_PROTOS
51 /*
52 * the following functions are going to be deprecated in NSS 4.0 in
53 * favor of the new stan functions.
54 */
56 /* Initialization */
57 extern SECMODModule *SECMOD_LoadModule(char *moduleSpec,SECMODModule *parent,
58 PRBool recurse);
60 extern SECMODModule *SECMOD_LoadUserModule(char *moduleSpec,SECMODModule *parent,
61 PRBool recurse);
63 SECStatus SECMOD_UnloadUserModule(SECMODModule *mod);
65 SECMODModule * SECMOD_CreateModule(const char *lib, const char *name,
66 const char *param, const char *nss);
67 /*
68 * After a fork(), PKCS #11 says we need to call C_Initialize again in
69 * the child before we can use the module. This function causes this
70 * reinitialization.
71 * NOTE: Any outstanding handles will become invalid, which means your
72 * keys and contexts will fail, but new ones can be created.
73 *
74 * Setting 'force' to true means to do the reinitialization even if the
75 * PKCS #11 module does not seem to need it. This allows software modules
76 * which ignore fork to preserve their keys across the fork().
77 */
78 SECStatus SECMOD_RestartModules(PRBool force);
81 /* Module Management */
82 char **SECMOD_GetModuleSpecList(SECMODModule *module);
83 SECStatus SECMOD_FreeModuleSpecList(SECMODModule *module,char **moduleSpecList);
86 /* protoypes */
87 /* Get a list of active PKCS #11 modules */
88 extern SECMODModuleList *SECMOD_GetDefaultModuleList(void);
89 /* Get a list of defined but not loaded PKCS #11 modules */
90 extern SECMODModuleList *SECMOD_GetDeadModuleList(void);
91 /* Get a list of Modules which define PKCS #11 modules to load */
92 extern SECMODModuleList *SECMOD_GetDBModuleList(void);
94 /* lock to protect all three module lists above */
95 extern SECMODListLock *SECMOD_GetDefaultModuleListLock(void);
97 extern SECStatus SECMOD_UpdateModule(SECMODModule *module);
99 /* lock management */
100 extern void SECMOD_GetReadLock(SECMODListLock *);
101 extern void SECMOD_ReleaseReadLock(SECMODListLock *);
103 /* Operate on modules by name */
104 extern SECMODModule *SECMOD_FindModule(const char *name);
105 extern SECStatus SECMOD_DeleteModule(const char *name, int *type);
106 extern SECStatus SECMOD_DeleteModuleEx(const char * name,
107 SECMODModule *mod,
108 int *type,
109 PRBool permdb);
110 extern SECStatus SECMOD_DeleteInternalModule(const char *name);
111 extern PRBool SECMOD_CanDeleteInternalModule(void);
112 extern SECStatus SECMOD_AddNewModule(const char* moduleName,
113 const char* dllPath,
114 unsigned long defaultMechanismFlags,
115 unsigned long cipherEnableFlags);
116 extern SECStatus SECMOD_AddNewModuleEx(const char* moduleName,
117 const char* dllPath,
118 unsigned long defaultMechanismFlags,
119 unsigned long cipherEnableFlags,
120 char* modparms,
121 char* nssparms);
123 /* database/memory management */
124 extern SECMODModule *SECMOD_GetInternalModule(void);
125 extern SECMODModule *SECMOD_ReferenceModule(SECMODModule *module);
126 extern void SECMOD_DestroyModule(SECMODModule *module);
127 extern PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID module,
128 unsigned long slotID);
129 extern PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,const char *name);
131 /* Funtion reports true if at least one of the modules */
132 /* of modType has been installed */
133 PRBool SECMOD_IsModulePresent( unsigned long int pubCipherEnableFlags );
135 /* accessors */
136 PRBool SECMOD_GetSkipFirstFlag(SECMODModule *mod);
137 PRBool SECMOD_GetDefaultModDBFlag(SECMODModule *mod);
139 /* Functions used to convert between internal & public representation
140 * of Mechanism Flags and Cipher Enable Flags */
141 extern unsigned long SECMOD_PubMechFlagstoInternal(unsigned long publicFlags);
142 extern unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags);
143 extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags);
145 PRBool SECMOD_HasRemovableSlots(SECMODModule *mod);
146 PK11SlotInfo *SECMOD_WaitForAnyTokenEvent(SECMODModule *mod,
147 unsigned long flags, PRIntervalTime latency);
148 /*
149 * Warning: the SECMOD_CancelWait function is highly destructive, potentially
150 * finalizing the module 'mod' (causing inprogress operations to fail,
151 * and session key material to disappear). It should only be called when
152 * shutting down the module.
153 */
154 SECStatus SECMOD_CancelWait(SECMODModule *mod);
155 /*
156 * check to see if the module has added new slots. PKCS 11 v2.20 allows for
157 * modules to add new slots, but never remove them. Slots not be added between
158 * a call to C_GetSlotLlist(Flag, NULL, &count) and the corresponding
159 * C_GetSlotList(flag, &data, &count) so that the array doesn't accidently
160 * grow on the caller. It is permissible for the slots to increase between
161 * corresponding calls with NULL to get the size.
162 */
163 SECStatus SECMOD_UpdateSlotList(SECMODModule *mod);
164 SEC_END_PROTOS
166 #endif
