2
* The contents of this file are subject to the Mozilla Public
3
* License Version 1.1 (the "License"); you may not use this file
4
* except in compliance with the License. You may obtain a copy of
5
* the License at http://www.mozilla.org/MPL/
7
* Software distributed under the License is distributed on an "AS
8
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9
* implied. See the License for the specific language governing
10
* rights and limitations under the License.
12
* The Original Code is the Netscape security libraries.
14
* The Initial Developer of the Original Code is Netscape
15
* Communications Corporation. Portions created by Netscape are
16
* Copyright (C) 1994-2000 Netscape Communications Corporation. All
21
* Alternatively, the contents of this file may be used under the
22
* terms of the GNU General Public License Version 2 or later (the
23
* "GPL"), in which case the provisions of the GPL are applicable
24
* instead of those above. If you wish to allow use of your
25
* version of this file only under the terms of the GPL and not to
26
* allow others to use your version of this file under the MPL,
27
* indicate your decision by deleting the provisions above and
28
* replace them with the notice and other provisions required by
29
* the GPL. If you do not delete the provisions above, a recipient
30
* may use your version of this file under either the MPL or the
40
* Low-level methods for interaction with cryptoki devices
44
static const char DEV_CVS_ID[] = "@(#) $RCSfile: dev.h,v $ $Revision: 1.33 $ $Date: 2003/04/19 00:03:13 $ $Name: FIREFOX_1_0_RELEASE $";
61
/* the global module list
63
* These functions are for managing the global set of modules. Trust Domains,
64
* etc., will draw from this set. These functions are completely internal
65
* and only invoked when there are changes to the global module state
68
* nss_InitializeGlobalModuleList
69
* nss_DestroyGlobalModuleList
70
* nss_GetLoadedModules
72
* nssGlobalModuleList_Add
73
* nssGlobalModuleList_Remove
74
* nssGlobalModuleList_FindModuleByName
75
* nssGlobalModuleList_FindSlotByName
76
* nssGlobalModuleList_FindTokenByName
80
nss_InitializeGlobalModuleList
86
nss_DestroyGlobalModuleList
91
NSS_EXTERN NSSModule **
98
nssGlobalModuleList_Add
104
nssGlobalModuleList_Remove
109
NSS_EXTERN NSSModule *
110
nssGlobalModuleList_FindModuleByName
116
nssGlobalModuleList_FindSlotByName
121
NSS_EXTERN NSSToken *
122
nssGlobalModuleList_FindTokenByName
127
NSS_EXTERN NSSToken *
128
nss_GetDefaultCryptoToken
133
NSS_EXTERN NSSToken *
134
nss_GetDefaultDatabaseToken
140
* |-----------|<---> NSSSlot <--> NSSToken
141
* | NSSModule |<---> NSSSlot <--> NSSToken
142
* |-----------|<---> NSSSlot <--> NSSToken
148
* nssModule_CreateFromSpec
152
* nssModule_FindSlotByName
153
* nssModule_FindTokenByName
154
* nssModule_GetCertOrder
157
NSS_EXTERN NSSModule *
166
/* This is to use the new loading mechanism. */
167
NSS_EXTERN NSSModule *
168
nssModule_CreateFromSpec
172
PRBool loadSubModules
181
NSS_EXTERN NSSModule *
193
NSS_EXTERN NSSSlot **
200
nssModule_FindSlotByName
206
NSS_EXTERN NSSToken *
207
nssModule_FindTokenByName
214
nssModule_GetCertOrder
224
* nssSlot_GetTokenName
225
* nssSlot_IsTokenPresent
226
* nssSlot_IsPermanent
234
* nssSlot_SetPassword
235
* nssSlot_CreateSession
262
NSS_EXTERN NSSModule *
268
NSS_EXTERN NSSToken *
275
nssSlot_IsTokenPresent
316
extern const NSSError NSS_ERROR_INVALID_PASSWORD;
317
extern const NSSError NSS_ERROR_USER_CANCELED;
323
nssSession *sessionOpt
338
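/* Sentinel for the password-prompt policy. The name suggests "prompt only the
 * first time a password is needed"; presumably it is passed as the
 * askPasswordTimeout argument of nssSlot_SetPasswordDefaults -- TODO confirm
 * against the implementation.
 * The negative literal is parenthesized so the expansion stays a single
 * operand wherever the macro is used. */
#define NSSSLOT_ASK_PASSWORD_FIRST_TIME (-1)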
339
/* Sentinel for the password-prompt policy. The name suggests "prompt on every
 * use"; presumably it is passed as the askPasswordTimeout argument of
 * nssSlot_SetPasswordDefaults -- TODO confirm against the implementation. */
#define NSSSLOT_ASK_PASSWORD_EVERY_TIME 0
341
nssSlot_SetPasswordDefaults
344
PRInt32 askPasswordTimeout
351
NSSUTF8 *oldPasswordOpt,
354
extern const NSSError NSS_ERROR_INVALID_PASSWORD;
355
extern const NSSError NSS_ERROR_USER_CANCELED;
361
NSS_EXTERN nssSession *
362
nssSlot_CreateSession
366
PRBool readWrite /* so far, this is the only flag used */
376
* nssToken_NeedsPINInitialization
377
* nssToken_ImportCertificate
378
* nssToken_ImportTrust
380
* nssToken_GenerateKeyPair
381
* nssToken_GenerateSymmetricKey
382
* nssToken_DeleteStoredObject
383
* nssToken_FindCertificates
384
* nssToken_FindCertificatesBySubject
385
* nssToken_FindCertificatesByNickname
386
* nssToken_FindCertificatesByEmail
387
* nssToken_FindCertificateByIssuerAndSerialNumber
388
* nssToken_FindCertificateByEncodedCertificate
389
* nssToken_FindTrustObjects
390
* nssToken_FindTrustForCertificate
392
* nssToken_FindCRLsBySubject
393
* nssToken_FindPrivateKeys
394
* nssToken_FindPrivateKeyByID
396
* nssToken_BeginDigest
397
* nssToken_ContinueDigest
398
* nssToken_FinishDigest
407
NSS_EXTERN NSSToken *
419
NSS_EXTERN NSSModule *
432
nssToken_NeedsPINInitialization
437
NSS_EXTERN nssCryptokiObject *
438
nssToken_ImportCertificate
441
nssSession *sessionOpt,
442
NSSCertificateType certType,
449
NSSASCII7 *emailAddr,
453
NSS_EXTERN nssCryptokiObject *
457
nssSession *sessionOpt,
458
NSSDER *certEncoding,
461
nssTrustLevel serverAuth,
462
nssTrustLevel clientAuth,
463
nssTrustLevel codeSigning,
464
nssTrustLevel emailProtection,
468
NSS_EXTERN nssCryptokiObject *
472
nssSession *sessionOpt,
480
/* Permanently remove an object from the token. */
482
nssToken_DeleteStoredObject
484
nssCryptokiObject *instance
487
NSS_EXTERN nssCryptokiObject **
488
nssToken_FindCertificates
491
nssSession *sessionOpt,
492
nssTokenSearchType searchType,
497
NSS_EXTERN nssCryptokiObject **
498
nssToken_FindCertificatesBySubject
501
nssSession *sessionOpt,
503
nssTokenSearchType searchType,
508
NSS_EXTERN nssCryptokiObject **
509
nssToken_FindCertificatesByNickname
512
nssSession *sessionOpt,
514
nssTokenSearchType searchType,
519
NSS_EXTERN nssCryptokiObject **
520
nssToken_FindCertificatesByEmail
523
nssSession *sessionOpt,
525
nssTokenSearchType searchType,
530
NSS_EXTERN nssCryptokiObject **
531
nssToken_FindCertificatesByID
534
nssSession *sessionOpt,
536
nssTokenSearchType searchType,
541
NSS_EXTERN nssCryptokiObject *
542
nssToken_FindCertificateByIssuerAndSerialNumber
545
nssSession *sessionOpt,
548
nssTokenSearchType searchType,
552
NSS_EXTERN nssCryptokiObject *
553
nssToken_FindCertificateByEncodedCertificate
556
nssSession *sessionOpt,
557
NSSBER *encodedCertificate,
558
nssTokenSearchType searchType,
562
NSS_EXTERN nssCryptokiObject **
563
nssToken_FindTrustObjects
566
nssSession *sessionOpt,
567
nssTokenSearchType searchType,
572
NSS_EXTERN nssCryptokiObject *
573
nssToken_FindTrustForCertificate
576
nssSession *sessionOpt,
577
NSSDER *certEncoding,
580
nssTokenSearchType searchType
583
NSS_EXTERN nssCryptokiObject **
587
nssSession *sessionOpt,
588
nssTokenSearchType searchType,
593
NSS_EXTERN nssCryptokiObject **
594
nssToken_FindCRLsBySubject
597
nssSession *sessionOpt,
599
nssTokenSearchType searchType,
604
NSS_EXTERN nssCryptokiObject **
605
nssToken_FindPrivateKeys
608
nssSession *sessionOpt,
609
nssTokenSearchType searchType,
614
NSS_EXTERN nssCryptokiObject *
615
nssToken_FindPrivateKeyByID
618
nssSession *sessionOpt,
622
NSS_EXTERN nssCryptokiObject *
623
nssToken_FindPublicKeyByID
626
nssSession *sessionOpt,
634
nssSession *sessionOpt,
635
NSSAlgorithmAndParameters *ap,
645
nssSession *sessionOpt,
646
NSSAlgorithmAndParameters *ap
650
nssToken_ContinueDigest
653
nssSession *sessionOpt,
658
nssToken_FinishDigest
661
nssSession *sessionOpt,
669
* nssSession_EnterMonitor
670
* nssSession_ExitMonitor
671
* nssSession_IsReadWrite
680
/* would like to inline */
682
nssSession_EnterMonitor
687
/* would like to inline */
689
nssSession_ExitMonitor
694
/* would like to inline */
696
nssSession_IsReadWrite
703
* An object living on a cryptoki token.
704
* Not really proper to mix up the object types just because
705
* nssCryptokiObject itself is generic, but doing so anyway.
707
* nssCryptokiObject_Destroy
708
* nssCryptokiObject_Equal
709
* nssCryptokiObject_Clone
710
* nssCryptokiCertificate_GetAttributes
711
* nssCryptokiPrivateKey_GetAttributes
712
* nssCryptokiPublicKey_GetAttributes
713
* nssCryptokiTrust_GetAttributes
714
* nssCryptokiCRL_GetAttributes
718
nssCryptokiObject_Destroy
720
nssCryptokiObject *object
724
nssCryptokiObject_Equal
726
nssCryptokiObject *object1,
727
nssCryptokiObject *object2
730
NSS_EXTERN nssCryptokiObject *
731
nssCryptokiObject_Clone
733
nssCryptokiObject *object
737
nssCryptokiCertificate_GetAttributes
739
nssCryptokiObject *object,
740
nssSession *sessionOpt,
742
NSSCertificateType *certTypeOpt,
751
nssCryptokiTrust_GetAttributes
753
nssCryptokiObject *trustObject,
754
nssSession *sessionOpt,
756
nssTrustLevel *serverAuth,
757
nssTrustLevel *clientAuth,
758
nssTrustLevel *codeSigning,
759
nssTrustLevel *emailProtection
763
nssCryptokiCRL_GetAttributes
765
nssCryptokiObject *crlObject,
766
nssSession *sessionOpt,
768
NSSItem *encodingOpt,
769
NSSItem * subjectOpt,
770
CK_ULONG * crl_class,
775
/* I'm including this to handle import of certificates in NSS 3.5. This
776
* function will set the cert-related attributes of a key, in order to
777
* associate it with a cert. Does it stay like this for 4.0?
780
nssCryptokiPrivateKey_SetCertificate
782
nssCryptokiObject *keyObject,
783
nssSession *sessionOpt,
790
nssModuleArray_Destroy
797
* nssSlotArray_Destroy
808
* nssTokenArray_Destroy
812
nssTokenArray_Destroy
817
/* nssCryptokiObjectArray
819
* nssCryptokiObjectArray_Destroy
822
nssCryptokiObjectArray_Destroy
824
nssCryptokiObject **object
829
* An ordered list of slots. The order can be anything; it is set in the
830
* Add methods. Perhaps it should be CreateInCertOrder, ...?
833
* nssSlotList_Destroy
835
* nssSlotList_AddModuleSlots
836
* nssSlotList_GetSlots
837
* nssSlotList_FindSlotByName
838
* nssSlotList_FindTokenByName
839
* nssSlotList_GetBestSlot
840
* nssSlotList_GetBestSlotForAlgorithmAndParameters
841
* nssSlotList_GetBestSlotForAlgorithmsAndParameters
844
/* nssSlotList_Create
846
NSS_EXTERN nssSlotList *
852
/* nssSlotList_Destroy
857
nssSlotList *slotList
862
* Add the given slot in the given order.
867
nssSlotList *slotList,
872
/* nssSlotList_AddModuleSlots
874
* Add all slots in the module, in the given order (the slots will have
878
nssSlotList_AddModuleSlots
880
nssSlotList *slotList,
885
/* nssSlotList_GetSlots
887
NSS_EXTERN NSSSlot **
890
nssSlotList *slotList
893
/* nssSlotList_FindSlotByName
896
nssSlotList_FindSlotByName
898
nssSlotList *slotList,
902
/* nssSlotList_FindTokenByName
904
NSS_EXTERN NSSToken *
905
nssSlotList_FindTokenByName
907
nssSlotList *slotList,
911
/* nssSlotList_GetBestSlot
913
* The best slot is the highest ranking in order, i.e., the first in the
917
nssSlotList_GetBestSlot
919
nssSlotList *slotList
922
/* nssSlotList_GetBestSlotForAlgorithmAndParameters
924
* Highest-ranking slot that can handle algorithm/parameters.
927
nssSlotList_GetBestSlotForAlgorithmAndParameters
929
nssSlotList *slotList,
930
NSSAlgorithmAndParameters *ap
933
/* nssSlotList_GetBestSlotForAlgorithmsAndParameters
935
* Highest-ranking slot that can handle all algorithms/parameters.
938
nssSlotList_GetBestSlotForAlgorithmsAndParameters
940
nssSlotList *slotList,
941
NSSAlgorithmAndParameters **ap
952
NSS_EXTERN nssSession *
953
nssToken_GetDefaultSession
959
nssToken_GetTrustOrder
965
nssToken_NotifyCertsNotVisible
971
nssToken_TraverseCertificates
974
nssSession *sessionOpt,
975
nssTokenSearchType searchType,
976
PRStatus (* callback)(nssCryptokiObject *instance, void *arg),
981
nssToken_IsPrivateKeyAvailable
985
nssCryptokiObject *instance