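/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
 * Internal prototypes for the low-level key database: opening and closing
 * the database, storing, finding and deleting private keys, and preparing
 * key structures for ASN.1 encoding.
 */

#ifndef _LOWKEYI_H_
#define _LOWKEYI_H_

#include "prtypes.h"
#include "seccomon.h"
#include "secoidt.h"
#include "pcertt.h"
#include "lowkeyti.h"
#include "sdb.h"

SEC_BEGIN_PROTOS

/*
 * See bugzilla bug 125359
 * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
 * all of the ASN.1 templates that en/decode into integers must be converted
 * from ASN.1's signed integer type.  This is done by marking either the
 * source or destination (encoding or decoding, respectively) type as
 * siUnsignedInteger.
 *
 * NOTE(review): the templates themselves are not declared in this header;
 * presumably they live next to the implementations of these functions.
 * Each function below takes the key or parameter structure to be marked.
 */
extern void lg_prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
extern void lg_prepare_low_pqg_params_for_asn1(PQGParams *params);
extern void lg_prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
extern void lg_prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
#ifndef NSS_DISABLE_ECC
extern void lg_prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
extern void lg_prepare_low_ecparams_for_asn1(ECParams *params);
#endif /* NSS_DISABLE_ECC */

/*
** Callback type accepted by nsslowkey_OpenKeyDB as "namecb".
**	"arg" is the opaque "cbarg" value given to nsslowkey_OpenKeyDB
**	"dbVersion" is a database version number
** NOTE(review): presumably returns the database file name for that
** version; who frees the returned string is not stated here - confirm.
*/
typedef char * (* NSSLOWKEYDBNameFunc)(void *arg, int dbVersion);

/*
** Open a key database.
**	"readOnly" selects read-only access
**	"domain" and "prefix" are strings whose meaning is defined by the
**	    implementation (not documented in this header)
**	"namecb" and "cbarg" are the name callback and its opaque argument
** Returns a database handle; release it with nsslowkey_CloseKeyDB.
** NOTE(review): the failure return is not documented here - presumably
** NULL; callers should check before use.
*/
extern NSSLOWKEYDBHandle *nsslowkey_OpenKeyDB(PRBool readOnly,
					const char *domain,
					const char *prefix,
					NSSLOWKEYDBNameFunc namecb,
					void *cbarg);

/*
** Close the specified key database.
*/
extern void nsslowkey_CloseKeyDB(NSSLOWKEYDBHandle *handle);

/*
 * Get the version number of the database
 */
extern int nsslowkey_GetKeyDBVersion(NSSLOWKEYDBHandle *handle);

/*
** Delete a key from the database
**	"pubkey" selects the key to delete (presumably the same public key
**	    data used as the index when the key was stored - confirm)
*/
extern SECStatus nsslowkey_DeleteKey(NSSLOWKEYDBHandle *handle,
				  const SECItem *pubkey);

/*
** Store a key in the database, indexed by its public key modulus.
**	"pk" is the private key to store
**	"pubKeyData", "nickname" and "sdb" were not described by the
**	    original comment; see the implementation for their contract.
** NOTE(review): the original comment described a password callback "f" and
** its argument "arg"; this prototype takes neither, so that text was stale.
*/
extern SECStatus nsslowkey_StoreKeyByPublicKey(NSSLOWKEYDBHandle *handle,
					   NSSLOWKEYPrivateKey *pk,
					   SECItem *pubKeyData,
					   char *nickname,
					   SDB *sdb);

/* does the key for this cert exist in the database filed by modulus */
extern PRBool nsslowkey_KeyForCertExists(NSSLOWKEYDBHandle *handle,
					 NSSLOWCERTCertificate *cert);
/* does a key with this ID already exist? */
extern PRBool nsslowkey_KeyForIDExists(NSSLOWKEYDBHandle *handle, SECItem *id);

/*
** Destroy a private key object.
**	"key" the object
** NOTE(review): the original comment also described a "freeit" flag; this
** prototype has no such parameter.  Whether the private key material is
** zeroized before release cannot be told from this header - confirm in the
** implementation.
*/
extern void lg_nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *key);

/*
** Destroy a public key object.
**	"key" the object
** NOTE(review): the original comment also described a "freeit" flag; this
** prototype has no such parameter.
*/
extern void lg_nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *key);


/*
** Convert a low private key "privateKey" into a public low key
** NOTE(review): presumably the result is released with
** lg_nsslowkey_DestroyPublicKey - confirm.
*/
extern NSSLOWKEYPublicKey
		*lg_nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privateKey);


/*
** NOTE(review): undocumented in the original header.  Takes the same
** handle, key, public key data, nickname and sdb arguments as
** nsslowkey_StoreKeyByPublicKey; presumably replaces the nickname stored
** with the key - confirm.
*/
SECStatus
nsslowkey_UpdateNickname(NSSLOWKEYDBHandle *handle,
			   NSSLOWKEYPrivateKey *privkey,
			   SECItem *pubKeyData,
			   char *nickname,
			   SDB *sdb);

/* Store key by modulus and specify an encryption algorithm to use.
 *   handle is the pointer to the key database,
 *   privkey is the private key to be stored,
 *   update is not described by the original comment (presumably selects
 *	updating an existing entry - confirm).
 * A return of anything but SECSuccess indicates failure.
 *
 * NOTE(review): the original comment described a password callback
 * ("f" and "arg") and an "algorithm" argument; none of them appears in
 * this prototype, so how the stored key is encrypted cannot be told from
 * this header.
 */
extern SECStatus
nsslowkey_StoreKeyByPublicKeyAlg(NSSLOWKEYDBHandle *handle,
			      NSSLOWKEYPrivateKey *privkey,
			      SECItem *pubKeyData,
			      char *nickname,
			      SDB *sdb,
			      PRBool update);

/* Find key by modulus.  This function is the inverse of store key
 * by modulus.  An attempt to locate the key with "modulus" is
 * performed.  If the key is found, the private key is returned,
 * else NULL is returned.
 *   modulus is the modulus to locate
 *
 * NOTE(review): the result is private key material; presumably the caller
 * releases it with lg_nsslowkey_DestroyPrivateKey - confirm.
 */
extern NSSLOWKEYPrivateKey *
nsslowkey_FindKeyByPublicKey(NSSLOWKEYDBHandle *handle, SECItem *modulus,
			  SDB *sdb);

/*
 * Takes the same arguments as nsslowkey_FindKeyByPublicKey but returns a
 * string.
 * NOTE(review): undocumented in the original header; presumably returns the
 * nickname stored with the key, NULL when absent, owned by the caller -
 * confirm.
 */
extern char *
nsslowkey_FindKeyNicknameByPublicKey(NSSLOWKEYDBHandle *handle,
					SECItem *modulus, SDB *sdb);

#ifndef NSS_DISABLE_ECC
/*
 * smaller version of EC_FillParams. In this code, we only need
 * oid and DER data.
 *   encodedParams is the input; params is filled in, with "arena"
 *   presumably supplying any memory needed (confirm).
 */
SECStatus LGEC_FillParams(PLArenaPool *arena, const SECItem *encodedParams,
    ECParams *params);

/* Copy all of the fields from srcParams into dstParams */
SECStatus LGEC_CopyParams(PLArenaPool *arena, ECParams *dstParams,
	      const ECParams *srcParams);
#endif
SEC_END_PROTOS

#endif /* _LOWKEYI_H_ */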