sftkdb.h (3785B)
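/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "sftkdbt.h"
#include "sdb.h"
#include "pkcs11i.h"
#include "pkcs11t.h"

/*
 * Softoken database (sftkdb) interface. This header holds prototypes only;
 * everything said below about behaviour that is not visible in a signature
 * is marked as an assumption to confirm against the implementation.
 *
 * Return conventions: CK_RV functions return a PKCS #11 return code
 * (CKR_OK on success by PKCS #11 convention). SECStatus functions return
 * SECSuccess or SECFailure. Check every return value; several of these
 * calls decide whether a password was accepted.
 */

/* raw database stuff */

/*
 * Store an object in the database behind `handle`.
 * NOTE(review): the last two parameters were unnamed in the prototype; the
 * names used here are descriptive only. Presumably *objectID receives the
 * handle assigned to the stored object - confirm.
 */
CK_RV sftkdb_write(SFTKDBHandle *handle, SFTKObject *object,
                   CK_OBJECT_HANDLE *objectID);

/*
 * Object search in three steps; the names mirror the PKCS #11
 * C_FindObjectsInit / C_FindObjects / C_FindObjectsFinal sequence.
 * Presumably Init creates *find, FindObjects writes at most arraySize
 * handles into ids and the number written into *count, and Final releases
 * the search state - confirm. arraySize is a signed int while the other
 * counts are CK_ULONG; callers should pass the real capacity of ids and
 * never a negative or truncated value.
 */
CK_RV sftkdb_FindObjectsInit(SFTKDBHandle *sdb, const CK_ATTRIBUTE *template,
                             CK_ULONG count, SDBFind **find);
CK_RV sftkdb_FindObjects(SFTKDBHandle *sdb, SDBFind *find,
                         CK_OBJECT_HANDLE *ids, int arraySize, CK_ULONG *count);
CK_RV sftkdb_FindObjectsFinal(SFTKDBHandle *sdb, SDBFind *find);

/*
 * Read or write `count` attributes of one object. The template is an
 * in/out array for the getter (not const) and input only for the setter
 * (const).
 */
CK_RV sftkdb_GetAttributeValue(SFTKDBHandle *handle,
                               CK_OBJECT_HANDLE object_id, CK_ATTRIBUTE *template, CK_ULONG count);
CK_RV sftkdb_SetAttributeValue(SFTKDBHandle *handle, SFTKObject *object,
                               const CK_ATTRIBUTE *template, CK_ULONG count);

/* Remove the object `object_id` of class `objclass` from the database. */
CK_RV sftkdb_DestroyObject(SFTKDBHandle *handle, CK_OBJECT_HANDLE object_id,
                           CK_OBJECT_CLASS objclass);

/* Close the database behind `handle`. */
CK_RV sftkdb_closeDB(SFTKDBHandle *handle);

/* keydb functions */

/*
 * Password state queries on the key database.
 * These return SECStatus, not PRBool. SECSuccess is 0 in NSS's SECStatus
 * enum, so compare the result explicitly with SECSuccess; testing it as a
 * boolean inverts the answer.
 */
SECStatus sftkdb_PWIsInitialized(SFTKDBHandle *keydb);

/*
 * Verify `pw` against the key database. `pw` is the plaintext password and
 * is not modified through this pointer (const); the caller still owns the
 * buffer and should clear it once it is no longer needed.
 * NOTE(review): *tokenRemoved is an output flag; presumably set when the
 * token disappeared during the check - confirm.
 */
SECStatus sftkdb_CheckPassword(SFTKDBHandle *keydb, const char *pw,
                               PRBool *tokenRemoved);

/* By its name, the same check for the null/empty password - confirm. */
SECStatus sftkdb_CheckPasswordNull(SFTKDBHandle *keydb, PRBool *tokenRemoved);
SECStatus sftkdb_PWCached(SFTKDBHandle *keydb);
SECStatus sftkdb_HasPasswordSet(SFTKDBHandle *keydb);

/* By its name, resets the key database - confirm what is discarded. */
SECStatus sftkdb_ResetKeyDB(SFTKDBHandle *keydb);

/*
 * Change the key database password from oldPin to newPin.
 * NOTE(review): both PINs are non-const char *, unlike pw in
 * sftkdb_CheckPassword; whether the implementation writes to them is not
 * visible here. Pass writable buffers and clear them after the call.
 */
SECStatus sftkdb_ChangePassword(SFTKDBHandle *keydb,
                                char *oldPin, char *newPin,
                                PRBool *tokenRemoved);

/*
 * By its name, drops password-derived state held for keydb (see
 * sftkdb_PWCached) - confirm what is cleared and whether it is zeroized.
 */
SECStatus sftkdb_ClearPassword(SFTKDBHandle *keydb);

/* Update/merge state of the key database. */
PRBool sftkdb_InUpdateMerge(SFTKDBHandle *keydb);
PRBool sftkdb_NeedUpdateDBPassword(SFTKDBHandle *keydb);
const char *sftkdb_GetUpdateID(SFTKDBHandle *keydb);

/*
 * NOTE(review): the returned SECItem is key material. Ownership is not
 * visible in this header; presumably it stays owned by keydb and is
 * released with sftkdb_FreeUpdatePasswordKey rather than by the caller -
 * confirm before freeing or keeping the pointer.
 */
SECItem *sftkdb_GetUpdatePasswordKey(SFTKDBHandle *keydb);
void
sftkdb_FreeUpdatePasswordKey(SFTKDBHandle *keydb);

/* Utility functions */
/*
 * sftk_DBInit opens the certificate and key databases and returns their
 * handles through certDB and keyDB.
 *
 * Parameters described by the original comment:
 *
 * configdir - base directory where all the cert, key, and module databases
 *      live.
 * certPrefix - prefix added to the beginning of the cert database name,
 *      example: "https-server1-"
 * keyPrefix - prefix added to the beginning of the key database name,
 *      example: "https-server1-"
 * readOnly - Boolean: true if the databases are to be opened read only.
 * noCertDB - Don't open the cert DB and key DB's, just initialize the
 *      Volatile certdb.
 * forceOpen - Continue to force initializations even if the databases
 *      cannot be opened.
 *      NOTE(review): with forceOpen set, a successful return may not mean
 *      the on-disk databases were opened - confirm what callers can rely
 *      on.
 *
 * Parameters the original comment did not describe (assumptions, to be
 * confirmed against the implementation):
 *
 * updatedir, updCertPrefix, updKeyPrefix - presumably the directory and
 *      name prefixes of a second database set to be merged in an update.
 * updateID - presumably an identifier for that update (compare
 *      sftkdb_GetUpdateID).
 * noKeyDB - presumably the key-database counterpart of noCertDB.
 * isFIPS - presumably selects FIPS-mode behaviour.
 * certDB, keyDB - output: handles for the opened databases.
 *
 * The original comment also listed two options that are not parameters of
 * this prototype:
 *
 * secmodName - name of the security module database (usually "secmod.db").
 * nomoddb - Don't open the security module DB, just initialize the
 *      PKCS #11 module.
 */
CK_RV sftk_DBInit(const char *configdir, const char *certPrefix,
                  const char *keyPrefix, const char *updatedir,
                  const char *updCertPrefix, const char *updKeyPrefix,
                  const char *updateID, PRBool readOnly, PRBool noCertDB,
                  PRBool noKeyDB, PRBool forceOpen, PRBool isFIPS,
                  SFTKDBHandle **certDB, SFTKDBHandle **keyDB);
CK_RV sftkdb_Shutdown(void);

/*
 * Handle accessors for a slot.
 * NOTE(review): sftk_freeDB takes a handle; presumably each handle returned
 * by the getters below must be released with it - confirm.
 */
SFTKDBHandle *sftk_getCertDB(SFTKSlot *slot);
SFTKDBHandle *sftk_getKeyDB(SFTKSlot *slot);
SFTKDBHandle *sftk_getDBForTokenObject(SFTKSlot *slot,
                                       CK_OBJECT_HANDLE objectID);
void sftk_freeDB(SFTKDBHandle *certHandle);

/*
 * Policy query. By its name, reports whether a legacy iteration count is
 * accepted; presumably this is the password-based key-derivation iteration
 * count protecting the database, which bounds the cost of offline password
 * guessing - confirm in the implementation.
 */
PRBool sftk_isLegacyIterationCountAllowed(void);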