index.rst (1644B)
1 .. _mozilla_projects_nss_reference_nss_cryptographic_module: 2 3 NSS cryptographic module 4 ======================== 5 6 .. container:: 7 8 This chapter describes the data types and functions that one can use to perform cryptographic 9 operations with the NSS cryptographic module. The NSS cryptographic module uses the industry 10 standard `PKCS #11 <http://www.rsasecurity.com/rsalabs/node.asp?id=2133>`__ v2.20 as its API with 11 some extensions. Therefore, an application that supports PKCS #11 cryptographic tokens can be 12 easily modified to use the NSS cryptographic module. 13 14 The NSS cryptographic module has two modes of operation: the non-FIPS (default) mode and FIPS 15 mode. The FIPS mode is an Approved mode of operation compliant to FIPS 140-2. Both modes of 16 operation use the same data types but are implemented by different functions. 17 18 - The standard PKCS #11 function C_GetFunctionList or the equivalent NSC_GetFunctionList 19 function returns pointers to the functions that implement the default mode of operation. 20 - To enable the FIPS mode of operation, use the function FC_GetFunctionList instead to get 21 pointers to the functions that implement the FIPS mode of operation. 22 23 The NSS cryptographic module also exports the function NSC_ModuleDBFunc for managing the NSS 24 module database secmod.db. The following sections document the data types and functions. 25 26 - :ref:`mozilla_projects_nss_reference_nss_cryptographic_module_data_types` 27 - :ref:`mozilla_projects_nss_pkcs11_functions` 28 - :ref:`mozilla_projects_nss_reference_nss_cryptographic_module_fips_mode_of_operation` 29 - NSC_ModuleDBFunc