Back to index

lightning-sunbird  0.9+nobinonly
secmod.h
Go to the documentation of this file.
00001 /* ***** BEGIN LICENSE BLOCK *****
00002  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
00003  *
00004  * The contents of this file are subject to the Mozilla Public License Version
00005  * 1.1 (the "License"); you may not use this file except in compliance with
00006  * the License. You may obtain a copy of the License at
00007  * http://www.mozilla.org/MPL/
00008  *
00009  * Software distributed under the License is distributed on an "AS IS" basis,
00010  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
00011  * for the specific language governing rights and limitations under the
00012  * License.
00013  *
00014  * The Original Code is the Netscape security libraries.
00015  *
00016  * The Initial Developer of the Original Code is
00017  * Netscape Communications Corporation.
00018  * Portions created by the Initial Developer are Copyright (C) 1994-2000
00019  * the Initial Developer. All Rights Reserved.
00020  *
00021  * Contributor(s):
00022  *
00023  * Alternatively, the contents of this file may be used under the terms of
00024  * either the GNU General Public License Version 2 or later (the "GPL"), or
00025  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
00026  * in which case the provisions of the GPL or the LGPL are applicable instead
00027  * of those above. If you wish to allow use of your version of this file only
00028  * under the terms of either the GPL or the LGPL, and not to allow others to
00029  * use your version of this file under the terms of the MPL, indicate your
00030  * decision by deleting the provisions above and replace them with the notice
00031  * and other provisions required by the GPL or the LGPL. If you do not delete
00032  * the provisions above, a recipient may use your version of this file under
00033  * the terms of any one of the MPL, the GPL or the LGPL.
00034  *
00035  * ***** END LICENSE BLOCK ***** */
00036 #ifndef _SECMOD_H_
00037 #define _SEDMOD_H_
00038 #include "seccomon.h"
00039 #include "secmodt.h"
00040 #include "prinrval.h"
00041 
00042 /* These mechanisms flags are visible to all other libraries. */
00043 /* They must be converted to internal SECMOD_*_FLAG */
00044 /* if used inside the functions of the security library */
00045 #define PUBLIC_MECH_RSA_FLAG         0x00000001ul
00046 #define PUBLIC_MECH_DSA_FLAG         0x00000002ul
00047 #define PUBLIC_MECH_RC2_FLAG         0x00000004ul
00048 #define PUBLIC_MECH_RC4_FLAG         0x00000008ul
00049 #define PUBLIC_MECH_DES_FLAG         0x00000010ul
00050 #define PUBLIC_MECH_DH_FLAG          0x00000020ul
00051 #define PUBLIC_MECH_FORTEZZA_FLAG    0x00000040ul
00052 #define PUBLIC_MECH_RC5_FLAG         0x00000080ul
00053 #define PUBLIC_MECH_SHA1_FLAG        0x00000100ul
00054 #define PUBLIC_MECH_MD5_FLAG         0x00000200ul
00055 #define PUBLIC_MECH_MD2_FLAG         0x00000400ul
00056 #define PUBLIC_MECH_SSL_FLAG         0x00000800ul
00057 #define PUBLIC_MECH_TLS_FLAG         0x00001000ul
00058 #define PUBLIC_MECH_AES_FLAG         0x00002000ul
00059 #define PUBLIC_MECH_SHA256_FLAG      0x00004000ul
00060 #define PUBLIC_MECH_SHA512_FLAG      0x00008000ul
00061 
00062 #define PUBLIC_MECH_RANDOM_FLAG      0x08000000ul
00063 #define PUBLIC_MECH_FRIENDLY_FLAG    0x10000000ul
00064 #define PUBLIC_OWN_PW_DEFAULTS       0X20000000ul
00065 #define PUBLIC_DISABLE_FLAG          0x40000000ul
00066 
00067 /* warning: reserved means reserved */
00068 #define PUBLIC_MECH_RESERVED_FLAGS   0x87FF0000ul
00069 
00070 /* These cipher flags are visible to all other libraries, */
00071 /* But they must be converted before used in functions */
00072 /* withing the security module */
00073 #define PUBLIC_CIPHER_FORTEZZA_FLAG  0x00000001ul
00074 
00075 /* warning: reserved means reserved */
00076 #define PUBLIC_CIPHER_RESERVED_FLAGS 0xFFFFFFFEul
00077 
00078 SEC_BEGIN_PROTOS
00079 
00080 /*
00081  * the following functions are going to be depricated in NSS 4.0 in
00082  * favor of the new stan functions.
00083  */
00084 
00085 /* Initialization */
00086 extern SECMODModule *SECMOD_LoadModule(char *moduleSpec,SECMODModule *parent,
00087                                                  PRBool recurse);
00088 
00089 extern SECMODModule *SECMOD_LoadUserModule(char *moduleSpec,SECMODModule *parent,
00090                                                  PRBool recurse);
00091 
00092 SECStatus SECMOD_UnloadUserModule(SECMODModule *mod);
00093 
00094 SECMODModule * SECMOD_CreateModule(const char *lib, const char *name,
00095                                    const char *param, const char *nss);
00096 
00097 
00098 /* Module Management */
00099 char **SECMOD_GetModuleSpecList(SECMODModule *module);
00100 SECStatus SECMOD_FreeModuleSpecList(SECMODModule *module,char **moduleSpecList);
00101 
00102  
00103 /* protoypes */
00104 /* Get a list of active PKCS #11 modules */
00105 extern SECMODModuleList *SECMOD_GetDefaultModuleList(void); 
00106 /* Get a list of defined but not loaded PKCS #11 modules */
00107 extern SECMODModuleList *SECMOD_GetDeadModuleList(void);
00108 /* Get a list of Modules which define PKCS #11 modules to load */
00109 extern SECMODModuleList *SECMOD_GetDBModuleList(void);
00110 
00111 /* lock to protect all three module lists above */
00112 extern SECMODListLock *SECMOD_GetDefaultModuleListLock(void);
00113 
00114 extern SECStatus SECMOD_UpdateModule(SECMODModule *module);
00115 
00116 /* lock management */
00117 extern void SECMOD_GetReadLock(SECMODListLock *);
00118 extern void SECMOD_ReleaseReadLock(SECMODListLock *);
00119 
00120 /* Operate on modules by name */
00121 extern SECMODModule *SECMOD_FindModule(const char *name);
00122 extern SECStatus SECMOD_DeleteModule(const char *name, int *type);
00123 extern SECStatus SECMOD_DeleteInternalModule(const char *name);
00124 extern PRBool SECMOD_CanDeleteInternalModule(void);
00125 extern SECStatus SECMOD_AddNewModule(const char* moduleName, 
00126                            const char* dllPath,
00127                               unsigned long defaultMechanismFlags,
00128                               unsigned long cipherEnableFlags);
00129 extern SECStatus SECMOD_AddNewModuleEx(const char* moduleName,
00130                            const char* dllPath,
00131                               unsigned long defaultMechanismFlags,
00132                               unsigned long cipherEnableFlags,
00133                               char* modparms,
00134                               char* nssparms);
00135 
00136 /* database/memory management */
00137 extern SECMODModule *SECMOD_GetInternalModule(void);
00138 extern SECMODModule *SECMOD_ReferenceModule(SECMODModule *module);
00139 extern void SECMOD_DestroyModule(SECMODModule *module);
00140 extern PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID module,
00141                                                  unsigned long slotID);
00142 extern PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,const char *name);
00143 
00144 /* Funtion reports true if at least one of the modules */
00145 /* of modType has been installed */
00146 PRBool SECMOD_IsModulePresent( unsigned long int pubCipherEnableFlags );
00147 
00148 /* Functions used to convert between internal & public representation
00149  * of Mechanism Flags and Cipher Enable Flags */
00150 extern unsigned long SECMOD_PubMechFlagstoInternal(unsigned long publicFlags);
00151 extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags);
00152 
00153 PRBool SECMOD_HasRemovableSlots(SECMODModule *mod);
00154 PK11SlotInfo *SECMOD_WaitForAnyTokenEvent(SECMODModule *mod, 
00155                             unsigned long flags, PRIntervalTime latency);
00156 /*
00157  * Warning: the SECMOD_CancelWait function is highly destructive, potentially 
00158  * finalizing  the module 'mod' (causing inprogress operations to fail, 
00159  * and session key material to disappear). It should only be called when 
00160  * shutting down  the module. 
00161  */
00162 SECStatus SECMOD_CancelWait(SECMODModule *mod);
00163 /*
00164  * check to see if the module has added new slots. PKCS 11 v2.20 allows for
00165  * modules to add new slots, but never remove them. Slots not be added between 
00166  * a call to C_GetSlotLlist(Flag, NULL, &count) and the corresponding
00167  * C_GetSlotList(flag, &data, &count) so that the array doesn't accidently
00168  * grow on the caller. It is permissible for the slots to increase between
00169  * corresponding calls with NULL to get the size.
00170  */
00171 SECStatus SECMOD_UpdateSlotList(SECMODModule *mod);
00172 SEC_END_PROTOS
00173 
00174 #endif