
lgdb.h (6559B)


      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this
      3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 /*
      5 * Internal data structures and functions used by pkcs11.c
      6 */
      7 #ifndef _LGDB_H_
      8 #define _LGDB_H_ 1
      9 
     10 #include "nssilock.h"
     11 #include "seccomon.h"
     12 #include "secoidt.h"
     13 #include "lowkeyti.h"
     14 #include "pkcs11t.h"
     15 #include "sdb.h"
     16 #include "cdbhdl.h"
     17 
     18 #define MULTIACCESS "multiaccess:" /* prefix literal; NOTE(review): presumably marks a multiaccess configdir -- confirm */
     19 
     20 /* path stuff (was machine dependent) used by dbinit.c and pk11db.c */
     21 #define PATH_SEPARATOR "/"
     22 #define SECMOD_DB "secmod.db"
        /* CERT_DB_FMT and KEY_DB_FMT are printf-style templates with two %s
         * conversions each, so a caller must supply exactly two string arguments.
         * NOTE(review): presumably a directory prefix and a version suffix --
         * confirm in dbinit.c, and check that the formatted path is written into
         * a buffer whose size is enforced. */
     23 #define CERT_DB_FMT "%scert%s.db"
     24 #define KEY_DB_FMT "%skey%s.db"
     25 
     26 SEC_BEGIN_PROTOS
     27 
     28 /* internal utility functions used by pkcs11.c */
        /* The helpers below all receive a PKCS #11 attribute template as the pair
         * (templ, count). NOTE(review): the prototypes alone do not show how a
         * missing attribute, a NULL templ, or an attribute whose length does not
         * fit the destination is reported -- confirm in the implementation before
         * passing templates that originate outside the module. */
     29 extern const CK_ATTRIBUTE *lg_FindAttribute(CK_ATTRIBUTE_TYPE type,
     30                                            const CK_ATTRIBUTE *templ, CK_ULONG count);
        /* Attribute -> SECItem conversions; the first argument is an arena and the
         * result is written through `item`. NOTE(review): presumably the item data
         * is allocated from that arena -- confirm. */
     31 extern CK_RV lg_Attribute2SecItem(PLArenaPool *, CK_ATTRIBUTE_TYPE type,
     32                                  const CK_ATTRIBUTE *templ, CK_ULONG count,
     33                                  SECItem *item);
     34 extern CK_RV lg_Attribute2SSecItem(PLArenaPool *, CK_ATTRIBUTE_TYPE type,
     35                                   const CK_ATTRIBUTE *templ, CK_ULONG count,
     36                                   SECItem *item);
        /* The "Priv" variants take an extra SDB *sdbpw. NOTE(review): presumably the
         * attribute holds an encrypted private value and sdbpw identifies the
         * database whose password/key is used to recover it -- confirm, and treat
         * the resulting item as sensitive plaintext. */
     37 extern CK_RV lg_PrivAttr2SecItem(PLArenaPool *, CK_ATTRIBUTE_TYPE type,
     38                                 const CK_ATTRIBUTE *templ, CK_ULONG count,
     39                                 SECItem *item, SDB *sdbpw);
     40 extern CK_RV lg_PrivAttr2SSecItem(PLArenaPool *, CK_ATTRIBUTE_TYPE type,
     41                                  const CK_ATTRIBUTE *templ, CK_ULONG count,
     42                                  SECItem *item, SDB *sdbpw);
        /* Writes the attribute's value through `out` and reports status as a CK_RV. */
     43 extern CK_RV lg_GetULongAttribute(CK_ATTRIBUTE_TYPE type,
     44                                  const CK_ATTRIBUTE *templ, CK_ULONG count,
     45                                  CK_ULONG *out);
     46 extern PRBool lg_hasAttribute(CK_ATTRIBUTE_TYPE type,
     47                              const CK_ATTRIBUTE *templ, CK_ULONG count);
     48 extern PRBool lg_isTrue(CK_ATTRIBUTE_TYPE type,
     49                        const CK_ATTRIBUTE *templ, CK_ULONG count);
     50 extern PRBool lg_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass);
        /* Returns a non-const char *. NOTE(review): ownership of the returned
         * string is not visible here -- confirm whether the caller must free it. */
     51 extern char *lg_getString(CK_ATTRIBUTE_TYPE type,
     52                          const CK_ATTRIBUTE *templ, CK_ULONG count);
     53 extern unsigned int lg_MapTrust(CK_TRUST trust, PRBool clientAuth);
     54 
     55 /* clear out all the existing object ID to database key mappings.
     56 * used to reinit a token */
     57 extern CK_RV lg_ClearTokenKeyHashTable(SDB *sdb);
     58 
     59 extern void lg_FreeSearch(SDBFind *search);
     60 
        /* Accessors from an SDB to the legacy cert / key database handles. */
     61 NSSLOWCERTCertDBHandle *lg_getCertDB(SDB *sdb);
     62 NSSLOWKEYDBHandle *lg_getKeyDB(SDB *sdb);
     63 
        /* Takes a configdir string and has a `domain` out-parameter.
         * NOTE(review): the relationship between the returned pointer, the input
         * string and *domain (aliasing, ownership) is not visible here -- confirm. */
     64 const char *lg_EvaluateConfigDir(const char *configdir, char **domain);
     65 
     66 /* verify the FIPS selftests ran and were successful */
        /* Returns a PRBool. NOTE(review): callers presumably must refuse to proceed
         * when the result is PR_FALSE -- confirm at the call sites. */
     67 PRBool lg_FIPSEntryOK(void);
     68 
     69 /*
     70 * object handle modifiers
        *
        * Bit layout as given by the masks below: LG_TOKEN_MASK (0xc0000000) covers
        * bits 31-30, LG_TOKEN_TYPE_MASK (0x38000000) covers bits 29-27, and
        * LG_TOKEN_TYPE_SHIFT (27) is the position of the lowest type bit.
        * NOTE(review): the remaining low 27 bits presumably carry the per-object
        * part of the handle -- confirm in lg_mkHandle.
     71 */
     72 #define LG_TOKEN_MASK 0xc0000000L
     73 #define LG_TOKEN_TYPE_MASK 0x38000000L
     74 #define LG_TOKEN_TYPE_SHIFT 27
     75 /* keydb (high bit == 0) */
        /* Type-field values 1, 2 and 3: bit 29 is clear in all three. */
     76 #define LG_TOKEN_TYPE_PRIV 0x08000000L
     77 #define LG_TOKEN_TYPE_PUB 0x10000000L
     78 #define LG_TOKEN_TYPE_KEY 0x18000000L
     79 /* certdb (high bit == 1) */
        /* NOTE(review): LG_TOKEN_TYPE_TRUST is 0x00000000, so bit 29 is clear for
         * it, unlike the other four values in this group (type-field values 4-7).
         * Do not rely on that bit alone to tell keydb handles from certdb handles
         * without checking how the implementation classifies type 0. */
     80 #define LG_TOKEN_TYPE_TRUST 0x00000000L
     81 #define LG_TOKEN_TYPE_NSS_TRUST 0x20000000L
     82 #define LG_TOKEN_TYPE_CRL 0x28000000L
     83 #define LG_TOKEN_TYPE_SMIME 0x30000000L
     84 #define LG_TOKEN_TYPE_CERT 0x38000000L
     85 
        /* A single fixed handle value: the CRL type with the lowest bit set.
         * NOTE(review): presumably reserved for the key revocation list object --
         * confirm. */
     86 #define LG_TOKEN_KRL_HANDLE (LG_TOKEN_TYPE_CRL | 1)
     87 
        /* NOTE(review): the three constants below are not used in this header;
         * their meaning (search growth step, scratch-buffer size, strictness
         * default) is inferred from the names only -- confirm where they are used. */
     88 #define LG_SEARCH_BLOCK_SIZE 10
     89 #define LG_BUF_SPACE 50
     90 #define LG_STRICT PR_FALSE
     91 
     92 /*
     93 * token object utilities
        *
        * These map between CK_OBJECT_HANDLE values and database keys (SECItem) for
        * a given SDB. NOTE(review): whether the functions below take the database
        * lock themselves or expect the caller to hold it (lg_DBLock / lg_DBUnlock)
        * is not visible in this header -- confirm before calling them concurrently.
     94 */
     95 void lg_addHandle(SDBFind *search, CK_OBJECT_HANDLE handle);
        /* NOTE(review): the effect of "poisoning" a handle is not visible here;
         * check the implementation before relying on the PRBool result. */
     96 PRBool lg_poisonHandle(SDB *sdb, SECItem *dbkey, CK_OBJECT_HANDLE handle);
     97 PRBool lg_tokenMatch(SDB *sdb, const SECItem *dbKey, CK_OBJECT_HANDLE class,
     98                     const CK_ATTRIBUTE *templ, CK_ULONG count);
        /* Returns a pointer to const SECItem. NOTE(review): presumably NULL when
         * the handle is unknown, and presumably owned by the lookup table rather
         * than the caller -- confirm both. */
     99 const SECItem *lg_lookupTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle);
    100 CK_OBJECT_HANDLE lg_mkHandle(SDB *sdb, SECItem *dbKey, CK_OBJECT_HANDLE class);
    101 SECStatus lg_deleteTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle);
    102 
        /* Encrypt / decrypt helpers keyed through sdbpw; the result is returned via
         * a SECItem ** out-parameter and the status as a SECStatus.
         * lg_util_encrypt takes an arena while lg_util_decrypt does not.
         * NOTE(review): ownership of *plainText from lg_util_decrypt is therefore
         * not visible here -- confirm who frees it and that recovered key material
         * is zeroized before it is released. */
    103 SECStatus lg_util_encrypt(PLArenaPool *arena, SDB *sdbpw,
    104                          SECItem *plainText, SECItem **cipherText);
    105 SECStatus lg_util_decrypt(SDB *sdbpw,
    106                          SECItem *cipherText, SECItem **plainText);
    107 PLHashTable *lg_GetHashTable(SDB *sdb);
        /* Lock / unlock pair for an SDB; every lg_DBLock needs a matching
         * lg_DBUnlock on all exit paths, error paths included. */
    108 void lg_DBLock(SDB *sdb);
    109 void lg_DBUnlock(SDB *sdb);
    110 
        /* Callback type: takes one void * and returns nothing. */
    111 typedef void (*LGFreeFunc)(void *);
    112 
    113 /*
    114 * database functions
    115 */
    116 
    117 /* lg_FindObjectsInit initializes a search for token and session objects
    118 * that match a template. */
        /* The search state is returned through `search`. */
    119 CK_RV lg_FindObjectsInit(SDB *sdb, const CK_ATTRIBUTE *pTemplate,
    120                         CK_ULONG ulCount, SDBFind **search);
    121 /* lg_FindObjects continues a search for token and session objects
    122 * that match a template, obtaining additional object handles. */
        /* NOTE(review): presumably writes at most ulMaxObjectCount handles into
         * phObject and stores the number written in *pulObjectCount -- confirm
         * that the bound is enforced in the implementation. */
    123 CK_RV lg_FindObjects(SDB *sdb, SDBFind *search,
    124                     CK_OBJECT_HANDLE *phObject, CK_ULONG ulMaxObjectCount,
    125                     CK_ULONG *pulObjectCount);
    126 
    127 /* lg_FindObjectsFinal finishes a search for token and session objects. */
    128 CK_RV lg_FindObjectsFinal(SDB *lgdb, SDBFind *search);
    129 
    130 /* lg_CreateObject parses the template and creates an object stored in the
    131 * DB that reflects the object specified in the template.  */
        /* The new object's handle is returned through `handle`. */
    132 CK_RV lg_CreateObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
    133                      const CK_ATTRIBUTE *templ, CK_ULONG count);
    134 
        /* lg_GetAttributeValue takes a non-const template, lg_SetAttributeValue a
         * const one: the getter writes into the caller's CK_ATTRIBUTE array.
         * NOTE(review): how the getter treats a caller-supplied value buffer that
         * is too small, and whether sensitive attributes are withheld, is not
         * visible here -- confirm. */
    135 CK_RV lg_GetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE object_id,
    136                           CK_ATTRIBUTE *template, CK_ULONG count);
    137 CK_RV lg_SetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE object_id,
    138                           const CK_ATTRIBUTE *template, CK_ULONG count);
    139 CK_RV lg_DestroyObject(SDB *sdb, CK_OBJECT_HANDLE object_id);
    140 
    141 CK_RV lg_Close(SDB *sdb);
    142 CK_RV lg_Reset(SDB *sdb);
    143 
    144 /*
    145 * The old database doesn't share and doesn't support
    146 * transactions.
        *
        * Callers therefore must not count on lg_Begin / lg_Commit / lg_Abort for
        * atomicity or rollback of a multi-step update. NOTE(review): presumably
        * these exist only to fill the SDB interface -- confirm what they return.
    147 */
    148 CK_RV lg_Begin(SDB *sdb);
    149 CK_RV lg_Commit(SDB *sdb);
    150 CK_RV lg_Abort(SDB *sdb);
        /* Metadata records are addressed by a string id and carry two SECItems.
         * NOTE(review): what the two items hold is not visible in this header. */
    151 CK_RV lg_GetMetaData(SDB *sdb, const char *id, SECItem *item1, SECItem *item2);
    152 CK_RV lg_PutMetaData(SDB *sdb, const char *id,
    153                     const SECItem *item1, const SECItem *item2);
    154 CK_RV lg_DestroyMetaData(SDB *sdb, const char *id);
        /* The new id is returned through `object_id`. */
    155 CK_RV lg_GetNewObjectID(SDB *sdb, CK_OBJECT_HANDLE *object_id);
    156 
    157 SEC_END_PROTOS
    158 
    159 #ifndef XP_UNIX
    160 
        /* Without XP_UNIX the fork check is compiled out: NO_FORK_CHECK is defined
         * here, which selects the pass-through SKIP_AFTER_FORK further down. */
    161 #define NO_FORK_CHECK
    162 
    163 #endif
    164 
    165 #ifndef NO_FORK_CHECK
    166 
        /* Flag defined outside this header. NOTE(review): from its name, presumably
         * set in a child process when the parent forked after C_Initialize --
         * confirm where it is written. */
    167 extern PRBool lg_parentForkedAfterC_Initialize;
        /* SKIP_AFTER_FORK(x) executes x only while the flag above is false.
         * The expansion is a bare `if` with no braces and no do { } while (0)
         * wrapper: used as the body of an outer if/else, a following `else` would
         * bind to this inner `if`, and only the first statement of x is guarded.
         * Keep every use a standalone statement with a single-statement argument. */
    168 #define SKIP_AFTER_FORK(x)                 \
    169    if (!lg_parentForkedAfterC_Initialize) \
    170    x
    171 
    172 #else
    173 
        /* Pass-through form: x always runs, with no fork check. */
    174 #define SKIP_AFTER_FORK(x) x
    175 
    176 #endif /* NO_FORK_CHECK */
    177 
    178 #endif /* _LGDB_H_ */