michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: /* michael@0: * Internal header file included only by files in pkcs11 dir, or in michael@0: * pkcs11 specific client and server files. michael@0: */ michael@0: #ifndef _SECMODI_H_ michael@0: #define _SECMODI_H_ 1 michael@0: #include "pkcs11.h" michael@0: #include "nssilock.h" michael@0: #include "secoidt.h" michael@0: #include "secdert.h" michael@0: #include "certt.h" michael@0: #include "secmodt.h" michael@0: #include "keyt.h" michael@0: michael@0: SEC_BEGIN_PROTOS michael@0: michael@0: /* proto-types */ michael@0: extern SECStatus SECMOD_DeletePermDB(SECMODModule *module); michael@0: extern SECStatus SECMOD_AddPermDB(SECMODModule *module); michael@0: extern SECStatus SECMOD_Shutdown(void); michael@0: void nss_DumpModuleLog(void); michael@0: michael@0: extern int secmod_PrivateModuleCount; michael@0: michael@0: extern void SECMOD_Init(void); michael@0: SECStatus secmod_ModuleInit(SECMODModule *mod, SECMODModule **oldModule, michael@0: PRBool* alreadyLoaded); michael@0: michael@0: /* list managment */ michael@0: extern SECStatus SECMOD_AddModuleToList(SECMODModule *newModule); michael@0: extern SECStatus SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule); michael@0: extern SECStatus SECMOD_AddModuleToUnloadList(SECMODModule *newModule); michael@0: extern void SECMOD_RemoveList(SECMODModuleList **,SECMODModuleList *); michael@0: extern void SECMOD_AddList(SECMODModuleList *,SECMODModuleList *,SECMODListLock *); michael@0: extern SECMODListLock *SECMOD_NewListLock(void); michael@0: extern void SECMOD_DestroyListLock(SECMODListLock *); michael@0: extern void SECMOD_GetWriteLock(SECMODListLock *); michael@0: extern void SECMOD_ReleaseWriteLock(SECMODListLock *); michael@0: michael@0: /* Operate on modules by name */ michael@0: extern SECMODModule *SECMOD_FindModuleByID(SECMODModuleID); michael@0: extern SECMODModule *secmod_FindModuleByFuncPtr(void *funcPtr); michael@0: michael@0: /* database/memory management */ michael@0: extern SECMODModuleList *SECMOD_NewModuleListElement(void); michael@0: extern SECMODModuleList *SECMOD_DestroyModuleListElement(SECMODModuleList *); michael@0: extern void SECMOD_DestroyModuleList(SECMODModuleList *); michael@0: extern SECStatus SECMOD_AddModule(SECMODModule *newModule); michael@0: michael@0: extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags); michael@0: michael@0: /* Library functions */ michael@0: SECStatus secmod_LoadPKCS11Module(SECMODModule *, SECMODModule **oldModule); michael@0: SECStatus SECMOD_UnloadModule(SECMODModule *); michael@0: void SECMOD_SetInternalModule(SECMODModule *); michael@0: PRBool secmod_IsInternalKeySlot(SECMODModule *); michael@0: void secmod_SetInternalKeySlotFlag(SECMODModule *mod, PRBool val); michael@0: michael@0: michael@0: /* tools for checking if we are loading the same database twice */ michael@0: typedef struct SECMODConfigListStr SECMODConfigList; michael@0: /* collect all the databases in a given spec */ michael@0: SECMODConfigList *secmod_GetConfigList(PRBool isFIPS, char *spec, int *count); michael@0: /* see is a spec matches a database on the list */ michael@0: PRBool secmod_MatchConfigList(char *spec, michael@0: SECMODConfigList *conflist, int count); michael@0: /* free our list of databases */ michael@0: void secmod_FreeConfigList(SECMODConfigList *conflist, int count); michael@0: michael@0: /* parsing parameters */ michael@0: /* returned char * must be freed by caller with PORT_Free */ michael@0: /* children and ids are null terminated arrays which must be freed with michael@0: * secmod_FreeChildren */ michael@0: char *secmod_ParseModuleSpecForTokens(PRBool convert, michael@0: PRBool isFIPS, michael@0: char *moduleSpec, michael@0: char ***children, michael@0: CK_SLOT_ID **ids); michael@0: void secmod_FreeChildren(char **children, CK_SLOT_ID *ids); michael@0: char *secmod_MkAppendTokensList(PLArenaPool *arena, char *origModuleSpec, michael@0: char *newModuleSpec, CK_SLOT_ID newID, michael@0: char **children, CK_SLOT_ID *ids); michael@0: michael@0: michael@0: void SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot); michael@0: CK_RV pk11_notify(CK_SESSION_HANDLE session, CK_NOTIFICATION event, michael@0: CK_VOID_PTR pdata); michael@0: void pk11_SignedToUnsigned(CK_ATTRIBUTE *attrib); michael@0: CK_OBJECT_HANDLE pk11_FindObjectByTemplate(PK11SlotInfo *slot, michael@0: CK_ATTRIBUTE *inTemplate,int tsize); michael@0: CK_OBJECT_HANDLE *pk11_FindObjectsByTemplate(PK11SlotInfo *slot, michael@0: CK_ATTRIBUTE *inTemplate,int tsize, int *objCount); michael@0: michael@0: #define PK11_GETTAB(x) ((CK_FUNCTION_LIST_PTR)((x)->functionList)) michael@0: #define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \ michael@0: (x)->pValue=(v); (x)->ulValueLen = (l); michael@0: SECStatus PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session, michael@0: const CK_ATTRIBUTE *theTemplate, int count, michael@0: PRBool token, CK_OBJECT_HANDLE *objectID); michael@0: michael@0: SECStatus pbe_PK11AlgidToParam(SECAlgorithmID *algid,SECItem *mech); michael@0: SECStatus PBE_PK11ParamToAlgid(SECOidTag algTag, SECItem *param, michael@0: PLArenaPool *arena, SECAlgorithmID *algId); michael@0: michael@0: PK11SymKey *pk11_TokenKeyGenWithFlagsAndKeyType(PK11SlotInfo *slot, michael@0: CK_MECHANISM_TYPE type, SECItem *param, CK_KEY_TYPE keyType, michael@0: int keySize, SECItem *keyId, CK_FLAGS opFlags, michael@0: PK11AttrFlags attrFlags, void *wincx); michael@0: michael@0: CK_MECHANISM_TYPE pk11_GetPBECryptoMechanism(SECAlgorithmID *algid, michael@0: SECItem **param, SECItem *pwd, PRBool faulty3DES); michael@0: michael@0: michael@0: michael@0: extern void pk11sdr_Init(void); michael@0: extern void pk11sdr_Shutdown(void); michael@0: michael@0: /* michael@0: * Private to pk11wrap. michael@0: */ michael@0: michael@0: PRBool pk11_LoginStillRequired(PK11SlotInfo *slot, void *wincx); michael@0: CK_SESSION_HANDLE pk11_GetNewSession(PK11SlotInfo *slot, PRBool *owner); michael@0: void pk11_CloseSession(PK11SlotInfo *slot, CK_SESSION_HANDLE sess, PRBool own); michael@0: PK11SymKey *pk11_ForceSlot(PK11SymKey *symKey, CK_MECHANISM_TYPE type, michael@0: CK_ATTRIBUTE_TYPE operation); michael@0: /* Convert key operation flags to PKCS #11 attributes. */ michael@0: unsigned int pk11_OpFlagsToAttributes(CK_FLAGS flags, michael@0: CK_ATTRIBUTE *attrs, CK_BBOOL *ckTrue); michael@0: /* Check for bad (conflicting) attribute flags */ michael@0: PRBool pk11_BadAttrFlags(PK11AttrFlags attrFlags); michael@0: /* Convert key attribute flags to PKCS #11 attributes. */ michael@0: unsigned int pk11_AttrFlagsToAttributes(PK11AttrFlags attrFlags, michael@0: CK_ATTRIBUTE *attrs, CK_BBOOL *ckTrue, CK_BBOOL *ckFalse); michael@0: PRBool pk11_FindAttrInTemplate(CK_ATTRIBUTE *attr, unsigned int numAttrs, michael@0: CK_ATTRIBUTE_TYPE target); michael@0: michael@0: CK_MECHANISM_TYPE pk11_mapWrapKeyType(KeyType keyType); michael@0: PK11SymKey *pk11_KeyExchange(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, michael@0: CK_ATTRIBUTE_TYPE operation, CK_FLAGS flags, PRBool isPerm, michael@0: PK11SymKey *symKey); michael@0: michael@0: PRBool pk11_HandleTrustObject(PK11SlotInfo *slot, CERTCertificate *cert, michael@0: CERTCertTrust *trust); michael@0: CK_OBJECT_HANDLE pk11_FindPubKeyByAnyCert(CERTCertificate *cert, michael@0: PK11SlotInfo **slot, void *wincx); michael@0: SECStatus pk11_AuthenticateUnfriendly(PK11SlotInfo *slot, PRBool loadCerts, michael@0: void *wincx); michael@0: int PK11_NumberObjectsFor(PK11SlotInfo *slot, CK_ATTRIBUTE *findTemplate, michael@0: int templateCount); michael@0: SECItem *pk11_GetLowLevelKeyFromHandle(PK11SlotInfo *slot, michael@0: CK_OBJECT_HANDLE handle); michael@0: SECStatus PK11_TraverseSlot(PK11SlotInfo *slot, void *arg); michael@0: CK_OBJECT_HANDLE pk11_FindPrivateKeyFromCertID(PK11SlotInfo *slot, michael@0: SECItem *keyID); michael@0: SECKEYPrivateKey *PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType, michael@0: PRBool isTemp, CK_OBJECT_HANDLE privID, void *wincx); michael@0: CERTCertificate *PK11_MakeCertFromHandle(PK11SlotInfo *slot, michael@0: CK_OBJECT_HANDLE certID, CK_ATTRIBUTE *privateLabel); michael@0: michael@0: SECItem *pk11_GenerateNewParamWithKeyLen(CK_MECHANISM_TYPE type, int keyLen); michael@0: SECItem *pk11_ParamFromIVWithLen(CK_MECHANISM_TYPE type, michael@0: SECItem *iv, int keyLen); michael@0: michael@0: SEC_END_PROTOS michael@0: michael@0: #endif michael@0: