Diffstat (limited to 'nss/lib/pk11wrap/secmodt.h')
-rw-r--r-- | nss/lib/pk11wrap/secmodt.h | 214 |
1 files changed, 105 insertions, 109 deletions
diff --git a/nss/lib/pk11wrap/secmodt.h b/nss/lib/pk11wrap/secmodt.h
index 33e7f1b..23abe30 100644
--- a/nss/lib/pk11wrap/secmodt.h
+++ b/nss/lib/pk11wrap/secmodt.h
@@ -29,10 +29,10 @@ SEC_END_PROTOS
 typedef struct SECMODModuleStr SECMODModule;
 typedef struct SECMODModuleListStr SECMODModuleList;
 typedef NSSRWLock SECMODListLock;
-typedef struct PK11SlotInfoStr PK11SlotInfo; /* defined in secmodti.h */
+typedef struct PK11SlotInfoStr PK11SlotInfo; /* defined in secmodti.h */
 typedef struct NSSUTILPreSlotInfoStr PK11PreSlotInfo; /* defined in secmodti.h */
-typedef struct PK11SymKeyStr PK11SymKey; /* defined in secmodti.h */
-typedef struct PK11ContextStr PK11Context; /* defined in secmodti.h */
+typedef struct PK11SymKeyStr PK11SymKey; /* defined in secmodti.h */
+typedef struct PK11ContextStr PK11Context; /* defined in secmodti.h */
 typedef struct PK11SlotListStr PK11SlotList;
 typedef struct PK11SlotListElementStr PK11SlotListElement;
 typedef struct PK11RSAGenParamsStr PK11RSAGenParams;
@@ -42,37 +42,37 @@ typedef struct PK11GenericObjectStr PK11GenericObject; typedef void (*PK11FreeDataFunc)(void *); struct SECMODModuleStr { - PLArenaPool *arena; - PRBool internal; /* true of internally linked modules, false - * for the loaded modules */ - PRBool loaded; /* Set to true if module has been loaded */ - PRBool isFIPS; /* Set to true if module is finst internal */ - char *dllName; /* name of the shared library which implements - * this module */ - char *commonName; /* name of the module to display to the user */ - void *library; /* pointer to the library. opaque. used only by - * pk11load.c */ - void *functionList; /* The PKCS #11 function table */ - PZLock *refLock; /* only used pk11db.c */ - int refCount; /* Module reference count */ - PK11SlotInfo **slots; /* array of slot points attached to this mod*/ - int slotCount; /* count of slot in above array */ - PK11PreSlotInfo *slotInfo; /* special info about slots default settings */ - int slotInfoCount; /* count */ - SECMODModuleID moduleID; /* ID so we can find this module again */ - PRBool isThreadSafe; - unsigned long ssl[2]; /* SSL cipher enable flags */ - char *libraryParams; /* Module specific parameters */ - void *moduleDBFunc; /* function to return module configuration data*/ - SECMODModule *parent; /* module that loaded us */ - PRBool isCritical; /* This module must load successfully */ - PRBool isModuleDB; /* this module has lists of PKCS #11 modules */ - PRBool moduleDBOnly; /* this module only has lists of PKCS #11 modules */ - int trustOrder; /* order for this module's certificate trust rollup */ - int cipherOrder; /* order for cipher operations */ + PLArenaPool *arena; + PRBool internal; /* true of internally linked modules, false + * for the loaded modules */ + PRBool loaded; /* Set to true if module has been loaded */ + PRBool isFIPS; /* Set to true if module is finst internal */ + char *dllName; /* name of the shared library which implements + * this module */ + char *commonName; /* 
name of the module to display to the user */ + void *library; /* pointer to the library. opaque. used only by + * pk11load.c */ + void *functionList; /* The PKCS #11 function table */ + PZLock *refLock; /* only used pk11db.c */ + int refCount; /* Module reference count */ + PK11SlotInfo **slots; /* array of slot points attached to this mod*/ + int slotCount; /* count of slot in above array */ + PK11PreSlotInfo *slotInfo; /* special info about slots default settings */ + int slotInfoCount; /* count */ + SECMODModuleID moduleID; /* ID so we can find this module again */ + PRBool isThreadSafe; + unsigned long ssl[2]; /* SSL cipher enable flags */ + char *libraryParams; /* Module specific parameters */ + void *moduleDBFunc; /* function to return module configuration data*/ + SECMODModule *parent; /* module that loaded us */ + PRBool isCritical; /* This module must load successfully */ + PRBool isModuleDB; /* this module has lists of PKCS #11 modules */ + PRBool moduleDBOnly; /* this module only has lists of PKCS #11 modules */ + int trustOrder; /* order for this module's certificate trust rollup */ + int cipherOrder; /* order for cipher operations */ unsigned long evControlMask; /* control the running and shutdown of slot - * events (SECMOD_WaitForAnyTokenEvent) */ - CK_VERSION cryptokiVersion; /* version of this library */ + * events (SECMOD_WaitForAnyTokenEvent) */ + CK_VERSION cryptokiVersion; /* version of this library */ }; /* evControlMask flags */ 
@@ -86,14 +86,14 @@ struct SECMODModuleStr { * SECMOD_END_WAIT - SECMOD_CancelWait has been called while the module is * waiting in SECMOD_WaitForAnyTokenEvent. SECMOD_WaitForAnyTokenEvent * should return immediately to it's caller. - */ -#define SECMOD_END_WAIT 0x01 -#define SECMOD_WAIT_SIMULATED_EVENT 0x02 -#define SECMOD_WAIT_PKCS11_EVENT 0x04 + */ +#define SECMOD_END_WAIT 0x01 +#define SECMOD_WAIT_SIMULATED_EVENT 0x02 +#define SECMOD_WAIT_PKCS11_EVENT 0x04 struct SECMODModuleListStr { - SECMODModuleList *next; - SECMODModule *module; + SECMODModuleList *next; + SECMODModule *module; }; struct PK11SlotListStr { 
@@ -115,27 +115,27 @@ struct PK11RSAGenParamsStr { }; typedef enum { - PK11CertListUnique = 0, /* get one instance of all certs */ - PK11CertListUser = 1, /* get all instances of user certs */ - PK11CertListRootUnique = 2, /* get one instance of CA certs without a private key. - * deprecated. Use PK11CertListCAUnique - */ - PK11CertListCA = 3, /* get all instances of CA certs */ - PK11CertListCAUnique = 4, /* get one instance of CA certs */ - PK11CertListUserUnique = 5, /* get one instance of user certs */ - PK11CertListAll = 6 /* get all instances of all certs */ + PK11CertListUnique = 0, /* get one instance of all certs */ + PK11CertListUser = 1, /* get all instances of user certs */ + PK11CertListRootUnique = 2, /* get one instance of CA certs without a private key. + * deprecated. Use PK11CertListCAUnique + */ + PK11CertListCA = 3, /* get all instances of CA certs */ + PK11CertListCAUnique = 4, /* get one instance of CA certs */ + PK11CertListUserUnique = 5, /* get one instance of user certs */ + PK11CertListAll = 6 /* get all instances of all certs */ } PK11CertListType; /* * Entry into the array which lists all the legal bits for the default flags * in the slot, their definition, and the PKCS #11 mechanism they represent. - * Always statically allocated. + * Always statically allocated. */ struct PK11DefaultArrayEntryStr { const char *name; unsigned long flag; - unsigned long mechanism; /* this is a long so we don't include the - * whole pkcs 11 world to use this header */ + unsigned long mechanism; /* this is a long so we don't include the + * whole pkcs 11 world to use this header */ }; /* @@ -187,8 +187,8 @@ typedef PRUint32 PK11AttrFlags; * These two flags specify the value of the PKCS #11 CKA_TOKEN * attribute. */ -#define PK11_ATTR_TOKEN 0x00000001L -#define PK11_ATTR_SESSION 0x00000002L +#define PK11_ATTR_TOKEN 0x00000001L +#define PK11_ATTR_SESSION 0x00000002L /* * PK11_ATTR_PRIVATE 
@@ -209,8 +209,8 @@ typedef PRUint32 PK11AttrFlags; * keys, so public keys created by NSS get the token-specific * default value of the CKA_PRIVATE attribute. */ -#define PK11_ATTR_PRIVATE 0x00000004L -#define PK11_ATTR_PUBLIC 0x00000008L +#define PK11_ATTR_PRIVATE 0x00000004L +#define PK11_ATTR_PUBLIC 0x00000008L /* * PK11_ATTR_MODIFIABLE @@ -228,8 +228,8 @@ typedef PRUint32 PK11AttrFlags; * These two flags specify the value of the PKCS #11 CKA_MODIFIABLE * attribute. */ -#define PK11_ATTR_MODIFIABLE 0x00000010L -#define PK11_ATTR_UNMODIFIABLE 0x00000020L +#define PK11_ATTR_MODIFIABLE 0x00000010L +#define PK11_ATTR_UNMODIFIABLE 0x00000020L /* Attributes for PKCS #11 key objects. */ @@ -253,8 +253,8 @@ typedef PRUint32 PK11AttrFlags; * is allowed. So in practice the default value of this attribute * is token-specific, hence the need for two bitflags. */ -#define PK11_ATTR_SENSITIVE 0x00000040L -#define PK11_ATTR_INSENSITIVE 0x00000080L +#define PK11_ATTR_SENSITIVE 0x00000040L +#define PK11_ATTR_INSENSITIVE 0x00000080L /* * PK11_ATTR_EXTRACTABLE 
@@ -271,24 +271,24 @@ typedef PRUint32 PK11AttrFlags; * These two flags specify the value of the PKCS #11 CKA_EXTRACTABLE * attribute. */ -#define PK11_ATTR_EXTRACTABLE 0x00000100L +#define PK11_ATTR_EXTRACTABLE 0x00000100L #define PK11_ATTR_UNEXTRACTABLE 0x00000200L /* Cryptographic module types */ -#define SECMOD_EXTERNAL 0 /* external module */ -#define SECMOD_INTERNAL 1 /* internal default module */ -#define SECMOD_FIPS 2 /* internal fips module */ +#define SECMOD_EXTERNAL 0 /* external module */ +#define SECMOD_INTERNAL 1 /* internal default module */ +#define SECMOD_FIPS 2 /* internal fips module */ /* default module configuration strings */ #define SECMOD_SLOT_FLAGS "slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512]" -#define SECMOD_MAKE_NSS_FLAGS(fips,slot) \ -"Flags=internal,critical" fips " slotparams=(" #slot "={" SECMOD_SLOT_FLAGS "})" +#define SECMOD_MAKE_NSS_FLAGS(fips, slot) \ + "Flags=internal,critical" fips " slotparams=(" #slot "={" SECMOD_SLOT_FLAGS "})" #define SECMOD_INT_NAME "NSS Internal PKCS #11 Module" -#define SECMOD_INT_FLAGS SECMOD_MAKE_NSS_FLAGS("",1) +#define SECMOD_INT_FLAGS SECMOD_MAKE_NSS_FLAGS("", 1) #define SECMOD_FIPS_NAME "NSS Internal FIPS PKCS #11 Module" -#define SECMOD_FIPS_FLAGS SECMOD_MAKE_NSS_FLAGS(",fips",3) +#define SECMOD_FIPS_FLAGS SECMOD_MAKE_NSS_FLAGS(",fips", 3) /* * What is the origin of a given Key. Normally this doesn't matter, but 
@@ -296,11 +296,11 @@ typedef PRUint32 PK11AttrFlags; * hack. */ typedef enum { - PK11_OriginNULL = 0, /* There is not key, it's a null SymKey */ - PK11_OriginDerive = 1, /* Key was derived from some other key */ - PK11_OriginGenerated = 2, /* Key was generated (also PBE keys) */ - PK11_OriginFortezzaHack = 3,/* Key was marked for fortezza hack */ - PK11_OriginUnwrap = 4 /* Key was unwrapped or decrypted */ + PK11_OriginNULL = 0, /* There is not key, it's a null SymKey */ + PK11_OriginDerive = 1, /* Key was derived from some other key */ + PK11_OriginGenerated = 2, /* Key was generated (also PBE keys) */ + PK11_OriginFortezzaHack = 3, /* Key was marked for fortezza hack */ + PK11_OriginUnwrap = 4 /* Key was unwrapped or decrypted */ } PK11Origin; /* PKCS #11 disable reasons */ @@ -312,8 +312,8 @@ typedef enum { PK11_DIS_TOKEN_NOT_PRESENT = 4 } PK11DisableReasons; -/* types of PKCS #11 objects - * used to identify which NSS data structure is +/* types of PKCS #11 objects + * used to identify which NSS data structure is * passed to the PK11_Raw* functions. Types map as follows: * PK11_TypeGeneric PK11GenericObject * * PK11_TypePrivKey SECKEYPrivateKey * 
@@ -322,38 +322,36 @@ typedef enum { * PK11_TypeCert CERTCertificate * (currently not used). */ typedef enum { - PK11_TypeGeneric = 0, - PK11_TypePrivKey = 1, - PK11_TypePubKey = 2, - PK11_TypeCert = 3, - PK11_TypeSymKey = 4 + PK11_TypeGeneric = 0, + PK11_TypePrivKey = 1, + PK11_TypePubKey = 2, + PK11_TypeCert = 3, + PK11_TypeSymKey = 4 } PK11ObjectType; - - /* function pointer type for password callback function. - * This type is passed in to PK11_SetPasswordFunc() + * This type is passed in to PK11_SetPasswordFunc() */ typedef char *(PR_CALLBACK *PK11PasswordFunc)(PK11SlotInfo *slot, PRBool retry, void *arg); -typedef PRBool (PR_CALLBACK *PK11VerifyPasswordFunc)(PK11SlotInfo *slot, void *arg); -typedef PRBool (PR_CALLBACK *PK11IsLoggedInFunc)(PK11SlotInfo *slot, void *arg); +typedef PRBool(PR_CALLBACK *PK11VerifyPasswordFunc)(PK11SlotInfo *slot, void *arg); +typedef PRBool(PR_CALLBACK *PK11IsLoggedInFunc)(PK11SlotInfo *slot, void *arg); /* * Special strings the password callback function can return only if * the slot is an protected auth path slot. - */ -#define PK11_PW_RETRY "RETRY" /* an failed attempt to authenticate - * has already been made, just retry - * the operation */ -#define PK11_PW_AUTHENTICATED "AUTH" /* a successful attempt to authenticate - * has completed. Continue without - * another call to C_Login */ + */ +#define PK11_PW_RETRY "RETRY" /* an failed attempt to authenticate \ + * has already been made, just retry \ + * the operation */ +#define PK11_PW_AUTHENTICATED "AUTH" /* a successful attempt to authenticate \ + * has completed. Continue without \ + * another call to C_Login */ /* All other non-null values mean that that NSS could call C_Login to force - * the authentication. The following define is to aid applications in + * the authentication. 
The following define is to aid applications in * documenting that is what it's trying to do */ -#define PK11_PW_TRY "TRY" /* Default: a prompt has been presented - * to the user, initiate a C_Login - * to authenticate the token */ +#define PK11_PW_TRY "TRY" /* Default: a prompt has been presented \ + * to the user, initiate a C_Login \ + * to authenticate the token */ /* * PKCS #11 key structures @@ -394,23 +392,22 @@ typedef struct SECKEYEncryptedPrivateKeyInfoStr SECKEYEncryptedPrivateKeyInfo; * token removal detection */ typedef enum { - PK11TokenNotRemovable = 0, - PK11TokenPresent = 1, - PK11TokenChanged = 2, - PK11TokenRemoved = 3 + PK11TokenNotRemovable = 0, + PK11TokenPresent = 1, + PK11TokenChanged = 2, + PK11TokenRemoved = 3 } PK11TokenStatus; typedef enum { - PK11TokenRemovedOrChangedEvent = 0, - PK11TokenPresentEvent = 1 + PK11TokenRemovedOrChangedEvent = 0, + PK11TokenPresentEvent = 1 } PK11TokenEvent; /* * CRL Import Flags */ #define CRL_IMPORT_DEFAULT_OPTIONS 0x00000000 -#define CRL_IMPORT_BYPASS_CHECKS 0x00000001 - +#define CRL_IMPORT_BYPASS_CHECKS 0x00000001 /* * Merge Error Log @@ -421,15 +418,15 @@ typedef struct PK11MergeLogNodeStr PK11MergeLogNode; /* These need to be global, leave some open fields so we can 'expand' * these without breaking binary compatibility */ struct PK11MergeLogNodeStr { - PK11MergeLogNode *next; /* next entry in the list */ - PK11MergeLogNode *prev; /* last entry in the list */ + PK11MergeLogNode *next; /* next entry in the list */ + PK11MergeLogNode *prev; /* last entry in the list */ PK11GenericObject *object; /* object that failed */ - int error; /* what the error was */ + int error; /* what the error was */ CK_RV reserved1; unsigned long reserved2; /* future flags */ unsigned long reserved3; /* future scalar */ - void *reserved4; /* future pointer */ - void *reserved5; /* future expansion pointer */ + void *reserved4; /* future pointer */ + void *reserved5; /* future expansion pointer */ }; struct PK11MergeLogStr { 
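Review bot: The trailing backslashes added inside the comments after `PK11_PW_RETRY`, `PK11_PW_AUTHENTICATED` and `PK11_PW_TRY` look like a formatter artifact and make these sentinel definitions harder to read. The macro values should be unchanged, since the comment still closes at `*/` on the last spliced line, but every comment line now has to keep its `\` or the comment and the `#define` fall apart on a later edit. Putting each comment on the line above its macro avoids the continuations, e.g. `/* a failed attempt to authenticate has already been made, just retry the operation */` followed by `#define PK11_PW_RETRY "RETRY"`. These strings steer whether NSS calls C_Login after the password callback returns, so the documentation next to them is worth keeping easy to read and hard to break.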
@@ -443,6 +440,5 @@ struct PK11MergeLogStr { void *reserverd4; void *reserverd5; }; - #endif /*_SECMODT_H_ */ |