1 /* This Source Code Form is subject to the terms of the Mozilla Public
2  * License, v. 2.0. If a copy of the MPL was not distributed with this
3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /*
5  * Internal header file included only by files in pkcs11 dir, or in
6  * pkcs11 specific client and server files.
7  */
8 #ifndef _SECMODI_H_
9 #define _SECMODI_H_ 1
10 
11 #include <stddef.h>
12 
13 #include "pkcs11.h"
14 #include "nssilock.h"
15 #include "secoidt.h"
16 #include "secdert.h"
17 #include "certt.h"
18 #include "secmodt.h"
19 #include "keythi.h"
20 
21 SEC_BEGIN_PROTOS
22 
23 /* prototypes */
/* Module-database bookkeeping (presumably the persistent module DB, per the
 * "PermDB" names) and library shutdown. Each returns a SECStatus that the
 * caller should check; the failure conditions are defined with the
 * implementations, not in this header. */
24 extern SECStatus SECMOD_DeletePermDB(SECMODModule *module);
25 extern SECStatus SECMOD_AddPermDB(SECMODModule *module);
26 extern SECStatus SECMOD_Shutdown(void);
/* NOTE(review): presumably emits the PKCS #11 module debug log. If that log
 * can include call arguments, confirm it is not enabled where key material
 * or PINs pass through the wrapped calls. */
27 void nss_DumpModuleLog(void);
28 
/* Global counter shared across translation units as a plain int. Nothing in
 * this header shows how concurrent updates are serialized.
 * NOTE(review): confirm which lock, if any, guards reads and writes. */
29 extern int secmod_PrivateModuleCount;
30 
/* One-time setup of the SECMOD layer; takes no arguments and reports no
 * status to the caller. */
31 extern void SECMOD_Init(void);
/* Initializes one module and returns a SECStatus. oldModule and
 * alreadyLoaded are pointer parameters, presumably outputs that report a
 * previously loaded instance of the same module.
 * NOTE(review): confirm who owns *oldModule after the call. */
32 SECStatus secmod_ModuleInit(SECMODModule *mod, SECMODModule **oldModule,
33                             PRBool *alreadyLoaded);
34 
35 /* list management */
/* Add a module to one of the module lists; the names suggest the main list,
 * a database-only list and a pending-unload list. Check the SECStatus. */
36 extern SECStatus SECMOD_AddModuleToList(SECMODModule *newModule);
37 extern SECStatus SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule);
38 extern SECStatus SECMOD_AddModuleToUnloadList(SECMODModule *newModule);
/* Low-level list splicing. SECMOD_AddList is handed the list lock
 * explicitly; SECMOD_RemoveList is not, so presumably its caller must
 * already hold the write lock -- NOTE(review): confirm. */
39 extern void SECMOD_RemoveList(SECMODModuleList **, SECMODModuleList *);
40 extern void SECMOD_AddList(SECMODModuleList *, SECMODModuleList *, SECMODListLock *);
/* Lock lifecycle. Only write-lock acquire/release are declared in this
 * header. Pair every SECMOD_GetWriteLock with SECMOD_ReleaseWriteLock on
 * all paths, including error returns. */
41 extern SECMODListLock *SECMOD_NewListLock(void);
42 extern void SECMOD_DestroyListLock(SECMODListLock *);
43 extern void SECMOD_GetWriteLock(SECMODListLock *);
44 extern void SECMOD_ReleaseWriteLock(SECMODListLock *);
45 
46 /* Look up modules by module ID or by function pointer */
/* NOTE(review): the header does not say whether the returned module carries
 * a reference the caller must release, nor what is returned when nothing
 * matches. Confirm both before holding the pointer across a module unload. */
47 extern SECMODModule *SECMOD_FindModuleByID(SECMODModuleID);
/* funcPtr is an untyped void *; presumably it is compared against each
 * module's function-list pointer -- confirm against the definition. */
48 extern SECMODModule *secmod_FindModuleByFuncPtr(void *funcPtr);
49 
50 /* database/memory management */
/* Allocates one list element; check the returned pointer before use. */
51 extern SECMODModuleList *SECMOD_NewModuleListElement(void);
/* Returns a SECMODModuleList *, presumably the element that followed the
 * destroyed one -- confirm. Treat the argument as invalid after the call. */
52 extern SECMODModuleList *SECMOD_DestroyModuleListElement(SECMODModuleList *);
/* Tears down a whole list; any pointer into that list should be considered
 * dangling afterwards. */
53 extern void SECMOD_DestroyModuleList(SECMODModuleList *);
54 extern SECStatus SECMOD_AddModule(SECMODModule *newModule);
55 
/* Maps an internal cipher-flag word to its public form (per the name). Both
 * the argument and the result are plain unsigned long bit sets. */
56 extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags);
57 
58 /* Library functions */
/* NOTE(review): presumably loads the module's PKCS #11 shared library into
 * this process, which means running that library's code with the process's
 * privileges. The library location should come only from trusted
 * configuration -- confirm where it is validated. oldModule is presumably
 * an output for an already loaded instance; confirm its ownership. */
59 SECStatus secmod_LoadPKCS11Module(SECMODModule *, SECMODModule **oldModule);
/* Counterpart to the load above. Check the SECStatus; nothing here says the
 * module's function table stays usable after a successful unload. */
60 SECStatus SECMOD_UnloadModule(SECMODModule *);
61 void SECMOD_SetInternalModule(SECMODModule *);
/* Query and set the internal-key-slot flag on a module. */
62 PRBool secmod_IsInternalKeySlot(SECMODModule *);
63 void secmod_SetInternalKeySlotFlag(SECMODModule *mod, PRBool val);
64 
65 /* tools for checking if we are loading the same database twice */
/* Opaque in this header: only the struct tag is declared, so callers can
 * hold a pointer but cannot inspect entries. */
66 typedef struct SECMODConfigListStr SECMODConfigList;
67 /* collect all the databases in a given spec */
/* count is an int *, presumably receiving the number of entries returned.
 * spec is non-const here, unlike the other spec parameters in this header.
 * NOTE(review): confirm whether the function modifies it. */
68 SECMODConfigList *secmod_GetConfigList(PRBool isFIPS, char *spec, int *count);
69 /* see if a spec matches a database on the list */
70 PRBool secmod_MatchConfigList(const char *spec,
71                               SECMODConfigList *conflist, int count);
72 /* returns the slot id from a module and modulespec */
73 CK_SLOT_ID secmod_GetSlotIDFromModuleSpec(const char *moduleSpec, SECMODModule *module);
74 /* free our list of databases */
/* count is presumably the value produced by secmod_GetConfigList for this
 * same list; a mismatched count would walk the wrong number of entries. */
75 void secmod_FreeConfigList(SECMODConfigList *conflist, int count);
76 
77 /* parsing parameters */
78 /* returned char * must be freed by caller with PORT_Free */
79 /* children and ids are null terminated arrays which must be freed with
80  * secmod_FreeChildren */
/* moduleSpec is configuration text supplied by the caller.
 * NOTE(review): confirm how the parser treats malformed or very long specs,
 * and whether *children and *ids are left in a defined state on failure. */
81 char *secmod_ParseModuleSpecForTokens(PRBool convert,
82                                       PRBool isFIPS,
83                                       const char *moduleSpec,
84                                       char ***children,
85                                       CK_SLOT_ID **ids);
/* Releases the two arrays produced by secmod_ParseModuleSpecForTokens. */
86 void secmod_FreeChildren(char **children, CK_SLOT_ID *ids);
/* Builds a spec string from the original spec plus one new token entry (per
 * the name). An arena is passed, so the result is presumably
 * arena-allocated rather than released with PORT_Free -- NOTE(review):
 * confirm. children and ids are presumably the parallel arrays described
 * above. */
87 char *secmod_MkAppendTokensList(PLArenaPool *arena, char *origModuleSpec,
88                                 char *newModuleSpec, CK_SLOT_ID newID,
89                                 char **children, CK_SLOT_ID *ids);
90 
91 void SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot);
/* Has the parameter shape of a PKCS #11 notification callback: session
 * handle, event, and an opaque application pointer. */
92 CK_RV pk11_notify(CK_SESSION_HANDLE session, CK_NOTIFICATION event,
93                   CK_VOID_PTR pdata);
/* Rewrites the attribute in place (the parameter is non-const). */
94 void pk11_SignedToUnsigned(CK_ATTRIBUTE *attrib);
/* Template searches on a slot. tsize is a size_t, presumably the number of
 * CK_ATTRIBUTE entries in inTemplate rather than a byte length -- confirm.
 * Other declarations in this header take the template count as int, so
 * watch for narrowing conversions at call sites. */
95 CK_OBJECT_HANDLE pk11_FindObjectByTemplate(PK11SlotInfo *slot,
96                                            CK_ATTRIBUTE *inTemplate, size_t tsize);
/* Returns a handle array, presumably with its length stored in *objCount.
 * NOTE(review): the header does not state who frees the array, or how a
 * search with zero matches is told apart from an error -- confirm. */
97 CK_OBJECT_HANDLE *pk11_FindObjectsByTemplate(PK11SlotInfo *slot,
98                                              CK_ATTRIBUTE *inTemplate, size_t tsize, int *objCount);
99 
/* Views x->functionList as the PKCS #11 3.0 function table. The cast is
 * unconditional. NOTE(review): confirm that callers check the module's
 * Cryptoki version before calling an entry that exists only in the 3.0
 * table, since a table supplied by an older module would be shorter. */
100 #define PK11_GETTAB(x) ((CK_FUNCTION_LIST_3_0_PTR)((x)->functionList))
/* Fills one CK_ATTRIBUTE in place. The macro expands to three separate
 * statements with no do { } while (0) wrapper, so under an unbraced
 * if/else/for only the first assignment is controlled; always brace the
 * call site. x is evaluated three times, so it must have no side effects
 * (advance the pointer in a separate statement). l should be the real size
 * of the object v points to, because it becomes ulValueLen. */
101 #define PK11_SETATTRS(x, id, v, l) \
102     (x)->type = (id);              \
103     (x)->pValue = (v);             \
104     (x)->ulValueLen = (l);
/* Creates an object on slot within session from theTemplate, which holds
 * count entries and is not modified (const). objectID is a pointer
 * parameter, presumably receiving the new handle on success. token
 * presumably selects a persistent token object over a session object.
 * NOTE(review): confirm both, and whether *objectID is defined on failure. */
105 SECStatus PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
106                                const CK_ATTRIBUTE *theTemplate, int count,
107                                PRBool token, CK_OBJECT_HANDLE *objectID);
108 
/* Conversions between an algorithm identifier and PKCS #11 password-based
 * encryption mechanism parameters (per the names).
 * NOTE(review): if algid is decoded from externally supplied data, confirm
 * that the definitions validate the decoded parameter fields before
 * filling mech. */
109 SECStatus pbe_PK11AlgidToParam(SECAlgorithmID *algid, SECItem *mech);
/* The arena argument suggests algId's contents are arena-allocated and
 * live as long as the arena -- confirm. */
110 SECStatus PBE_PK11ParamToAlgid(SECOidTag algTag, SECItem *param,
111                                PLArenaPool *arena, SECAlgorithmID *algId);
112 
/* Generates a symmetric key on slot with an explicit key type, operation
 * flags and attribute flags. keySize is a signed int.
 * NOTE(review): confirm its units and that non-positive values are
 * rejected. attrFlags can hold conflicting combinations; this header
 * declares pk11_BadAttrFlags for that check. Returns a PK11SymKey *, so
 * test for NULL before use. */
113 PK11SymKey *pk11_TokenKeyGenWithFlagsAndKeyType(PK11SlotInfo *slot,
114                                                 CK_MECHANISM_TYPE type, SECItem *param, CK_KEY_TYPE keyType,
115                                                 int keySize, SECItem *keyId, CK_FLAGS opFlags,
116                                                 PK11AttrFlags attrFlags, void *wincx);
117 
/* Selects the PKCS #11 mechanism for a PBE algorithm identifier. param is
 * a SECItem **, presumably an output the caller must free -- confirm.
 * pwd carries the password, so the caller stays responsible for clearing
 * it once done. faulty3DES presumably enables a legacy compatibility
 * behaviour for 3DES -- NOTE(review): confirm, and pass PR_TRUE only where
 * that compatibility is explicitly required. */
118 CK_MECHANISM_TYPE pk11_GetPBECryptoMechanism(SECAlgorithmID *algid,
119                                              SECItem **param, SECItem *pwd, PRBool faulty3DES);
120 
/* Init/shutdown pair for the pk11sdr component. Neither reports a status. */
121 extern void pk11sdr_Init(void);
122 extern void pk11sdr_Shutdown(void);
123 
124 /*
125  * Private to pk11wrap.
126  */
127 
/* Reports whether slot still needs a login. wincx is an opaque context
 * pointer passed through by the caller. */
128 PRBool pk11_LoginStillRequired(PK11SlotInfo *slot, void *wincx);
/* Session acquire/release pair. owner is a pointer parameter, presumably
 * set to say whether the caller owns the returned session; pass that value
 * back as own so a borrowed session is not closed -- NOTE(review): confirm
 * against the definitions. */
129 CK_SESSION_HANDLE pk11_GetNewSession(PK11SlotInfo *slot, PRBool *owner);
130 void pk11_CloseSession(PK11SlotInfo *slot, CK_SESSION_HANDLE sess, PRBool own);
/* Returns a PK11SymKey *. NOTE(review): the header does not say whether the
 * result can be the input key or is always a new object -- confirm before
 * freeing either one. */
131 PK11SymKey *pk11_ForceSlot(PK11SymKey *symKey, CK_MECHANISM_TYPE type,
132                            CK_ATTRIBUTE_TYPE operation);
133 /* Convert key operation flags to PKCS #11 attributes. */
/* attrs has no capacity parameter, so the caller must supply an array large
 * enough for every flag that can be set. The unsigned int result is
 * presumably the number of entries written. ckTrue is presumably used as
 * the pValue target and so must outlive the template -- confirm. */
134 unsigned int pk11_OpFlagsToAttributes(CK_FLAGS flags,
135                                       CK_ATTRIBUTE *attrs, CK_BBOOL *ckTrue);
136 /* Check for bad (conflicting) attribute flags */
137 PRBool pk11_BadAttrFlags(PK11AttrFlags attrFlags);
138 /* Convert key attribute flags to PKCS #11 attributes. */
/* Same contract shape as pk11_OpFlagsToAttributes: no capacity parameter
 * for attrs, and ckTrue/ckFalse presumably must outlive the template. */
139 unsigned int pk11_AttrFlagsToAttributes(PK11AttrFlags attrFlags,
140                                         CK_ATTRIBUTE *attrs, CK_BBOOL *ckTrue, CK_BBOOL *ckFalse);
/* Searches the first numAttrs entries of attr for type target; numAttrs
 * must not exceed the array's real length. */
141 PRBool pk11_FindAttrInTemplate(CK_ATTRIBUTE *attr, unsigned int numAttrs,
142                                CK_ATTRIBUTE_TYPE target);
143 
/* Maps a KeyType to the mechanism used for wrapping with it (per the name).
 * NOTE(review): confirm what is returned for an unsupported key type. */
144 CK_MECHANISM_TYPE pk11_mapWrapKeyType(KeyType keyType);
/* Returns a PK11SymKey * on slot; check for NULL. isPerm presumably
 * requests a persistent key -- NOTE(review): confirm, and confirm whether
 * symKey remains owned by the caller. */
145 PK11SymKey *pk11_KeyExchange(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
146                              CK_ATTRIBUTE_TYPE operation, CK_FLAGS flags, PRBool isPerm,
147                              PK11SymKey *symKey);
148 
/* trust is a non-const pointer, presumably filled from a trust object found
 * on slot for cert. NOTE(review): confirm what the PRBool result means when
 * no trust object exists, since the outcome feeds certificate trust
 * decisions. */
149 PRBool pk11_HandleTrustObject(PK11SlotInfo *slot, CERTCertificate *cert,
150                               CERTCertTrust *trust);
/* slot is a PK11SlotInfo **, presumably an output naming the slot that
 * holds the key -- confirm whether the caller receives a reference. */
151 CK_OBJECT_HANDLE pk11_FindPubKeyByAnyCert(CERTCertificate *cert,
152                                           PK11SlotInfo **slot, void *wincx);
/* Authenticates to slot and returns a SECStatus; callers must not proceed
 * to private-object access when it reports failure. */
153 SECStatus pk11_AuthenticateUnfriendly(PK11SlotInfo *slot, PRBool loadCerts,
154                                       void *wincx);
/* Returns an int. NOTE(review): confirm how an error is reported, since a
 * count and an error code share the same return value. */
155 int PK11_NumberObjectsFor(PK11SlotInfo *slot, CK_ATTRIBUTE *findTemplate,
156                           int templateCount);
/* Returns a SECItem *. NOTE(review): presumably caller-owned -- confirm how
 * it must be freed. */
157 SECItem *pk11_GetLowLevelKeyFromHandle(PK11SlotInfo *slot,
158                                        CK_OBJECT_HANDLE handle);
159 SECStatus PK11_TraverseSlot(PK11SlotInfo *slot, void *arg);
160 CK_OBJECT_HANDLE pk11_FindPrivateKeyFromCertID(PK11SlotInfo *slot,
161                                                SECItem *keyID);
/* Wraps an existing private-key handle in a SECKEYPrivateKey; check the
 * result for NULL. isTemp is presumably recorded so that destroying the
 * wrapper also destroys a temporary key object -- confirm. */
162 SECKEYPrivateKey *PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType,
163                                    PRBool isTemp, CK_OBJECT_HANDLE privID, void *wincx);
/* Builds a CERTCertificate from a certificate object on slot; check the
 * result for NULL. The certificate bytes come from the token, so they
 * should be treated as untrusted input until validated. */
164 CERTCertificate *PK11_MakeCertFromHandle(PK11SlotInfo *slot,
165                                          CK_OBJECT_HANDLE certID, CK_ATTRIBUTE *privateLabel);
166 
/* Mechanism-parameter constructors. Each returns a SECItem *, presumably
 * owned by the caller; check for NULL. keyLen is a signed int.
 * NOTE(review): confirm its units and how the result must be freed. */
167 SECItem *pk11_GenerateNewParamWithKeyLen(CK_MECHANISM_TYPE type, int keyLen);
168 SECItem *pk11_ParamFromIVWithLen(CK_MECHANISM_TYPE type,
169                                  SECItem *iv, int keyLen);
/* Derives the key ID used to match cert to its key (per the name); returns
 * a SECItem *, presumably caller-owned -- confirm. */
170 SECItem *pk11_mkcertKeyID(CERTCertificate *cert);
171 
172 SEC_END_PROTOS
173 
174 #endif
175