/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/*
 * Internal data structures and functions used by pkcs11.c
 *
 * Everything declared here is private to the legacy ("lg") database
 * layer; nothing in this header is part of the public PKCS#11 surface.
 */
/* NOTE(review): the guard name (leading underscore + uppercase) falls in
 * the identifier range reserved for the implementation; it is kept here
 * unchanged for compatibility with existing includers. */
#ifndef _LGDB_H_
#define _LGDB_H_ 1

#include "nssilock.h"
#include "seccomon.h"
#include "secoidt.h"
#include "lowkeyti.h"
#include "pkcs11t.h"
#include "sdb.h"
#include "cdbhdl.h"


/* String prefix; presumably recognised at the front of a configdir by
 * lg_EvaluateConfigDir() below -- confirm against its implementation. */
#define MULTIACCESS "multiaccess:"


/* path stuff (was machine dependent) used by dbinit.c and pk11db.c */
#define PATH_SEPARATOR "/"
#define SECMOD_DB "secmod.db"
/* Both *_DB_FMT formats carry exactly two %s slots; callers must supply
 * two strings (directory prefix and a name suffix) and nothing else, and
 * should use a bounded formatter (snprintf / PR_smprintf) when expanding
 * them, since the directory part originates from user configuration. */
#define CERT_DB_FMT "%scert%s.db"
#define KEY_DB_FMT "%skey%s.db"

SEC_BEGIN_PROTOS


/* internal utility functions used by pkcs11.c */

/* Return the attribute of the given type within templ[0..count), or NULL
 * when it is absent. The returned pointer aliases templ; it is not a copy. */
extern const CK_ATTRIBUTE *lg_FindAttribute(CK_ATTRIBUTE_TYPE type,
 const CK_ATTRIBUTE *templ, CK_ULONG count);
/* Copy an attribute's value into a SECItem allocated from the arena (the
 * first parameter). The "S" variants and the "Priv" variants share the
 * signature shape; the Priv variants additionally take the password-bearing
 * SDB (sdbpw), presumably because private-key attributes are stored
 * encrypted (see lg_util_decrypt below) -- confirm in the implementation. */
extern CK_RV lg_Attribute2SecItem(PLArenaPool *,CK_ATTRIBUTE_TYPE type,
 const CK_ATTRIBUTE *templ, CK_ULONG count,
 SECItem *item);
extern CK_RV lg_Attribute2SSecItem(PLArenaPool *,CK_ATTRIBUTE_TYPE type,
 const CK_ATTRIBUTE *templ, CK_ULONG count,
 SECItem *item);
extern CK_RV lg_PrivAttr2SecItem(PLArenaPool *,CK_ATTRIBUTE_TYPE type,
 const CK_ATTRIBUTE *templ, CK_ULONG count,
 SECItem *item, SDB *sdbpw);
extern CK_RV lg_PrivAttr2SSecItem(PLArenaPool *,CK_ATTRIBUTE_TYPE type,
 const CK_ATTRIBUTE *templ, CK_ULONG count,
 SECItem *item, SDB *sdbpw);
/* Decode the attribute of the given type as a CK_ULONG into *out.
 * The CK_RV result must be checked before *out is read. */
extern CK_RV lg_GetULongAttribute(CK_ATTRIBUTE_TYPE type,
 const CK_ATTRIBUTE *templ, CK_ULONG count,
 CK_ULONG *out);
/* Presence test for an attribute type in the template. */
extern PRBool lg_hasAttribute(CK_ATTRIBUTE_TYPE type,
 const CK_ATTRIBUTE *templ, CK_ULONG count);
/* Boolean-attribute test; presumably PR_FALSE when the attribute is absent
 * as well as when it is CK_FALSE -- confirm before relying on that. */
extern PRBool lg_isTrue(CK_ATTRIBUTE_TYPE type,
 const CK_ATTRIBUTE *templ, CK_ULONG count);
/* Report whether attribute `type` is treated as sensitive for objects of
 * class inClass. Callers use this to decide which attribute values must not
 * be disclosed; keep the policy it encodes in sync with pkcs11.c. */
extern PRBool lg_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass);
/* Return the attribute's value as a NUL-terminated C string. Ownership of
 * the returned buffer is not stated here; presumably the caller frees it
 * -- confirm against the implementation. */
extern char *lg_getString(CK_ATTRIBUTE_TYPE type,
 const CK_ATTRIBUTE *templ, CK_ULONG count);
/* Map a PKCS#11 CK_TRUST value to the legacy database's trust flag bits;
 * clientAuth selects the client-auth interpretation. */
extern unsigned int lg_MapTrust(CK_TRUST trust, PRBool clientAuth);

/* clear out all the existing object ID to database key mappings.
 * used to reinit a token */
extern CK_RV lg_ClearTokenKeyHashTable(SDB *sdb);


/* Release a search object obtained from lg_FindObjectsInit(). */
extern void lg_FreeSearch(SDBFind *search);

/* Accessors for the cert and key database handles owned by the SDB. */
NSSLOWCERTCertDBHandle *lg_getCertDB(SDB *sdb);
NSSLOWKEYDBHandle *lg_getKeyDB(SDB *sdb);

/* Normalise a configuration directory string. *domain is an output
 * parameter; what it receives (and who frees it) is not documented here
 * -- confirm against the implementation before use. */
const char *lg_EvaluateConfigDir(const char *configdir, char **domain);


/*
 * object handle modifiers
 *
 * Layout of a CK_OBJECT_HANDLE as built by lg_mkHandle():
 *   bits 30..31  LG_TOKEN_MASK       token / session discriminator
 *   bits 27..29  LG_TOKEN_TYPE_MASK  object type (values 1..7 << 27)
 *   bits  0..26  database-specific index
 * Type values 1..3 have bit 29 clear (key database); 4..7 have it set
 * (cert database), which is what the "high bit" comments below refer to.
 */
#define LG_TOKEN_MASK 0xc0000000L
#define LG_TOKEN_TYPE_MASK 0x38000000L
#define LG_TOKEN_TYPE_SHIFT 27
/* keydb (high bit == 0) */
#define LG_TOKEN_TYPE_PRIV 0x08000000L
#define LG_TOKEN_TYPE_PUB 0x10000000L
#define LG_TOKEN_TYPE_KEY 0x18000000L
/* certdb (high bit == 1) */
#define LG_TOKEN_TYPE_TRUST 0x20000000L
#define LG_TOKEN_TYPE_CRL 0x28000000L
#define LG_TOKEN_TYPE_SMIME 0x30000000L
#define LG_TOKEN_TYPE_CERT 0x38000000L

/* Fixed handle for the key revocation list: CRL type with index 1. */
#define LG_TOKEN_KRL_HANDLE (LG_TOKEN_TYPE_CRL|1)

/* Tuning constants; LG_STRICT's effect is decided in the .c files. */
#define LG_SEARCH_BLOCK_SIZE 10
#define LG_BUF_SPACE 50
#define LG_STRICT PR_FALSE

/*
 * token object utilities
 *
 * NOTE(review): lg_tokenMatch() and lg_mkHandle() name a parameter
 * `class`, and lg_Get/SetAttributeValue() below name one `template`.
 * These are valid C but are C++ keywords, so this header cannot be
 * included from C++ translation units as written.
 */
/* Append a handle to the result set of an in-progress search. */
void lg_addHandle(SDBFind *search, CK_OBJECT_HANDLE handle);
/* Mark the handle -> dbkey mapping as invalid; returns PR_TRUE on success. */
PRBool lg_poisonHandle(SDB *sdb, SECItem *dbkey, CK_OBJECT_HANDLE handle);
/* Test whether the token object identified by dbKey/class satisfies the
 * attribute template templ[0..count). */
PRBool lg_tokenMatch(SDB *sdb, const SECItem *dbKey, CK_OBJECT_HANDLE class,
 const CK_ATTRIBUTE *templ, CK_ULONG count);
/* Reverse lookup of a handle to its database key; returns NULL if unknown.
 * The returned item is owned by the SDB's hash table, not by the caller. */
const SECItem *lg_lookupTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle);
/* Build (or reuse) the object handle for dbKey of the given class, using
 * the bit layout documented above. */
CK_OBJECT_HANDLE lg_mkHandle(SDB *sdb, SECItem *dbKey, CK_OBJECT_HANDLE class);
/* Remove the handle -> dbkey mapping for a deleted object. */
SECStatus lg_deleteTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle);

/* Encrypt plainText under the key held by sdbpw; *cipherText is allocated
 * from arena. */
SECStatus lg_util_encrypt(PLArenaPool *arena, SDB *sdbpw,
 SECItem *plainText, SECItem **cipherText);
/* Decrypt cipherText under the key held by sdbpw into a freshly allocated
 * *plainText. No arena is taken, so the caller presumably owns and frees
 * the result -- confirm; the recovered data is key material, so it should
 * be zeroized before being freed. */
SECStatus lg_util_decrypt(SDB *sdbpw,
 SECItem *cipherText, SECItem **plainText);
/* Handle -> dbkey table owned by the SDB. */
PLHashTable *lg_GetHashTable(SDB *sdb);
/* Database lock; every lg_DBLock() must be paired with lg_DBUnlock() on
 * all return paths. Nothing here says the lock is reentrant, so do not
 * nest calls. */
void lg_DBLock(SDB *sdb);
void lg_DBUnlock(SDB *sdb);

/* Destructor callback type used for values stored in the hash tables. */
typedef void (*LGFreeFunc)(void *);


/*
 * database functions
 */

/* lg_FindObjectsInit initializes a search for token and session objects
 * that match a template. On success *search receives a new SDBFind that
 * must be released with lg_FindObjectsFinal() (or lg_FreeSearch()). */
CK_RV lg_FindObjectsInit(SDB *sdb, const CK_ATTRIBUTE *pTemplate,
 CK_ULONG ulCount, SDBFind **search);
/* lg_FindObjects continues a search for token and session objects
 * that match a template, obtaining additional object handles.
 * At most ulMaxObjectCount handles are written to phObject; the number
 * actually written is stored in *pulObjectCount. */
CK_RV lg_FindObjects(SDB *sdb, SDBFind *search,
 CK_OBJECT_HANDLE *phObject,CK_ULONG ulMaxObjectCount,
 CK_ULONG *pulObjectCount);

/* lg_FindObjectsFinal finishes a search for token and session objects.
 * (The SDB parameter is named lgdb here rather than sdb as elsewhere in
 * this header; the meaning is the same.) */
CK_RV lg_FindObjectsFinal(SDB* lgdb, SDBFind *search);

/* lg_CreateObject parses the template and create an object stored in the
 * DB that reflects the object specified in the template. The new object's
 * handle is returned through *handle.
 */
CK_RV lg_CreateObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
 const CK_ATTRIBUTE *templ, CK_ULONG count);

/* Read attribute values for object_id into the (non-const) template; the
 * template's pValue/ulValueLen fields are filled in PKCS#11 style. */
CK_RV lg_GetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE object_id,
 CK_ATTRIBUTE *template, CK_ULONG count);
/* Update attribute values for object_id from the (const) template. */
CK_RV lg_SetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE object_id,
 const CK_ATTRIBUTE *template, CK_ULONG count);
/* Delete the object from the database. */
CK_RV lg_DestroyObject(SDB *sdb, CK_OBJECT_HANDLE object_id);

/* Close the database / reset it to the empty state. */
CK_RV lg_Close(SDB *sdb);
CK_RV lg_Reset(SDB *sdb);

/*
 * The old database doesn't share and doesn't support
 * transactions. Begin/Commit/Abort exist to satisfy the SDB interface;
 * callers must not rely on Abort undoing earlier writes.
 */
CK_RV lg_Begin(SDB *sdb);
CK_RV lg_Commit(SDB *sdb);
CK_RV lg_Abort(SDB *sdb);
/* Metadata keyed by the string id. Get fills item1/item2 (outputs);
 * Put stores the const inputs. */
CK_RV lg_GetMetaData(SDB *sdb, const char *id, SECItem *item1, SECItem *item2);
CK_RV lg_PutMetaData(SDB *sdb, const char *id,
 const SECItem *item1, const SECItem *item2);

SEC_END_PROTOS

/* The fork check is only compiled on Unix; everywhere else it is a no-op. */
#ifndef XP_UNIX

#define NO_FORK_CHECK

#endif

#ifndef NO_FORK_CHECK

/* Set (elsewhere, not in this header) once the process is detected to have
 * forked after C_Initialize; SKIP_AFTER_FORK then suppresses `x`. */
extern PRBool lg_parentForkedAfterC_Initialize;
/* NOTE(review): expands to an unbraced `if`, so `x` must be a single
 * statement and the macro must be used as a complete statement of its own
 * (never as the body of an outer `if` that has an `else`, which would bind
 * to this macro's `if` instead). */
#define SKIP_AFTER_FORK(x) if (!lg_parentForkedAfterC_Initialize) x

#else

#define SKIP_AFTER_FORK(x) x

#endif /* NO_FORK_CHECK */

#endif /* _LGDB_H_ */