diff options
author | ian.mcgreer%sun.com <devnull@localhost> | 2003-01-09 21:45:19 +0000 |
---|---|---|
committer | ian.mcgreer%sun.com <devnull@localhost> | 2003-01-09 21:45:19 +0000 |
commit | b324c57a2932ec201fbd63fd24892a63a984f6c6 (patch) | |
tree | 076875dd7d2b4ac38615d8c53f3da1195f557f15 | |
parent | 7ccdb0f2f5f01ceaacea9ac60b5b8b2dd7ffa5f2 (diff) | |
download | nss-hg-b324c57a2932ec201fbd63fd24892a63a984f6c6.tar.gz |
s/Certificate/Cert/
s/SymmetricKey/SymKey/
38 files changed, 1932 insertions, 1932 deletions
diff --git a/security/nss/cmd/cipher/cipher.c b/security/nss/cmd/cipher/cipher.c index dfce9f83f..a2b1d4942 100644 --- a/security/nss/cmd/cipher/cipher.c +++ b/security/nss/cmd/cipher/cipher.c @@ -350,7 +350,7 @@ cipher_command_dispatcher(cmdCommand *cipher, int cmdToRun) char *inMode; char *outMode; unsigned int size; -NSSSymmetricKey *symkey; +NSSSymKey *symkey; if (cipher->opt[opt_Ascii].on) { inMode = outMode = "ascii"; @@ -426,7 +426,7 @@ NSSSymmetricKey *symkey; if (cipher->opt[opt_Size].on) { size = atoi(cipher->opt[opt_Size].arg); } else size = 0; - symkey = GenerateSymmetricKey(td, /*cc, */ token, + symkey = GenerateSymKey(td, /*cc, */ token, cipher->opt[opt_Cipher].arg, size, NULL); break; diff --git a/security/nss/cmd/cipher/cipher.h b/security/nss/cmd/cipher/cipher.h index 69dd74670..1e253c2cb 100644 --- a/security/nss/cmd/cipher/cipher.h +++ b/security/nss/cmd/cipher/cipher.h @@ -72,8 +72,8 @@ Encrypt CMDRunTimeData *rtData ); -NSSSymmetricKey * -GenerateSymmetricKey +NSSSymKey * +GenerateSymKey ( NSSTrustDomain *td, /*NSSCryptoContext *cc,*/ diff --git a/security/nss/cmd/cipher/ciphertests.c b/security/nss/cmd/cipher/ciphertests.c index 54c4c0ce7..6a43c261b 100644 --- a/security/nss/cmd/cipher/ciphertests.c +++ b/security/nss/cmd/cipher/ciphertests.c @@ -42,7 +42,7 @@ #define SYMKEY_TEST_FILE "symtests.txt" PRStatus -EncryptionTest(NSSSymmetricKey *symKey, +EncryptionTest(NSSSymKey *symKey, NSSAlgNParam *cipher, NSSItem *plaintext, NSSItem *ciphertext) @@ -51,7 +51,7 @@ EncryptionTest(NSSSymmetricKey *symKey, NSSCryptoContext *cc; /* Create a crypto context for encryption with the symkey */ - cc = NSSSymmetricKey_CreateCryptoContext(symKey, cipher, NULL); + cc = NSSSymKey_CreateCryptoContext(symKey, cipher, NULL); if (!cc) { CMD_PrintError("Failed to create crypto context"); return PR_FAILURE; @@ -70,7 +70,7 @@ EncryptionTest(NSSSymmetricKey *symKey, NSSItem_Destroy(encryptedData); /* repeat using symkey directly */ - encryptedData = NSSSymmetricKey_Encrypt(symKey, cipher, + encryptedData = NSSSymKey_Encrypt(symKey, cipher, plaintext, NULL, NULL, NULL); if (!encryptedData || !NSSItem_Equal(encryptedData, ciphertext, NULL)) @@ -95,7 +95,7 @@ EncryptionTest(NSSSymmetricKey *symKey, NSSItem_Destroy(decryptedData); /* repeat using symkey directly */ - decryptedData = NSSSymmetricKey_Decrypt(symKey, cipher, + decryptedData = NSSSymKey_Decrypt(symKey, cipher, ciphertext, NULL, NULL, NULL); if (!decryptedData || !NSSItem_Equal(decryptedData, plaintext, NULL)) @@ -126,16 +126,16 @@ static const char *cipherArgs[] = { static int numCipherArgs = sizeof(cipherArgs) / sizeof(cipherArgs[0]); -static NSSSymmetricKey * +static NSSSymKey * unwrap_symkey(NSSVolatileDomain *vd, NSSPrivateKey *unwrapKey, NSSAlgNParam *wrapAP, const NSSOID *keyAlg, char *value) { - NSSSymmetricKey *symKey = NULL; + NSSSymKey *symKey = NULL; NSSItem *wrappedKey; wrappedKey = CMD_ConvertHex(value, strlen(value), NULL); if (wrappedKey) { - symKey = NSSVolatileDomain_UnwrapSymmetricKey(vd, wrapAP, + symKey = NSSVolatileDomain_UnwrapSymKey(vd, wrapAP, unwrapKey, wrappedKey, keyAlg, @@ -155,7 +155,7 @@ SymmetricCipherTests(CMDRunTimeData *rtData, char *value; PRStatus status; NSSArena *arena = NULL; - NSSSymmetricKey *symKey = NULL; + NSSSymKey *symKey = NULL; NSSAlgNParam *ap = NULL; NSSItem *plaintext = NULL; NSSItem *ciphertext = NULL; @@ -174,7 +174,7 @@ SymmetricCipherTests(CMDRunTimeData *rtData, NSSAlgNParam_Destroy(ap); ap = NULL; } if (symKey) { - NSSSymmetricKey_Destroy(symKey); symKey = NULL; + NSSSymKey_Destroy(symKey); symKey = NULL; } if (arena) { NSSArena_Destroy(arena); @@ -319,10 +319,10 @@ CreateASelfTest(char *cipher, int keysize, char *input) CMDRunTimeData rtData; NSSOID *alg; NSSAlgNParam *ap, *wrapAP; - NSSSymmetricKey *symKey; + NSSSymKey *symKey; NSSItem *wrappedKey, *algID, plaintext, *ciphertext; NSSToken *token = GetInternalCryptoToken(); - NSSCertificate *wrapCert; + NSSCert *wrapCert; NSSItem *encodedCert; plaintext.data = input; plaintext.size = strlen(input); @@ -347,7 +347,7 @@ CreateASelfTest(char *cipher, int keysize, char *input) } /* import the cert into the volatile domain */ - wrapCert = NSSVolatileDomain_ImportEncodedCertificate(vd, + wrapCert = NSSVolatileDomain_ImportEncodedCert(vd, encodedCert, NULL); NSSItem_Destroy(encodedCert); @@ -360,14 +360,14 @@ CreateASelfTest(char *cipher, int keysize, char *input) status = CMD_SetRunTimeData(NULL, NULL, "binary", NULL, "binary", &rtData); if (status == PR_FAILURE) { - NSSCertificate_Destroy(wrapCert); + NSSCert_Destroy(wrapCert); return PR_FAILURE; } alg = NSSOID_CreateFromTag(NSS_OID_PKCS1_RSA_ENCRYPTION); wrapAP = NSSOID_CreateAlgNParam(alg, NULL, NULL); if (!wrapAP) { - NSSCertificate_Destroy(wrapCert); + NSSCert_Destroy(wrapCert); CMD_PrintError("failed to create alg/param for unwrap"); return PR_FAILURE; } @@ -377,7 +377,7 @@ CreateASelfTest(char *cipher, int keysize, char *input) return PR_FAILURE; } - symKey = NSSVolatileDomain_GenerateSymmetricKey(vd, ap, keysize, NULL, + symKey = NSSVolatileDomain_GenerateSymKey(vd, ap, keysize, NULL, 0, 0, token, NULL); NSSAlgNParam_Destroy(ap); if (!symKey) { @@ -390,14 +390,14 @@ CreateASelfTest(char *cipher, int keysize, char *input) return PR_FAILURE; } - ciphertext = NSSSymmetricKey_Encrypt(symKey, ap, &plaintext, + ciphertext = NSSSymKey_Encrypt(symKey, ap, &plaintext, NULL, NULL, NULL); if (!ciphertext) { CMD_PrintError("encryption failed\n"); return PR_FAILURE; } - wrappedKey = NSSCertificate_WrapSymmetricKey(wrapCert, wrapAP, + wrappedKey = NSSCert_WrapSymKey(wrapCert, wrapAP, symKey, NSSTime_Now(), NULL, NULL, NULL, NULL, NULL); diff --git a/security/nss/cmd/cipher/cipherutil.c b/security/nss/cmd/cipher/cipherutil.c index 6cdfbbff9..42fcc3273 100644 --- a/security/nss/cmd/cipher/cipherutil.c +++ b/security/nss/cmd/cipher/cipherutil.c @@ -127,8 +127,8 @@ GetSymKeyGenAP(char *cipher) return ap; } -NSSSymmetricKey * -GenerateSymmetricKey +NSSSymKey * +GenerateSymKey ( NSSTrustDomain *td, /*NSSCryptoContext *cc,*/ @@ -139,14 +139,14 @@ GenerateSymmetricKey ) { NSSAlgNParam *keygen; - NSSSymmetricKey *skey; + NSSSymKey *skey; keygen = GetSymKeyGenAP(cipher); if (!keygen) { return NULL; } - skey = NSSTrustDomain_GenerateSymmetricKey(td, keygen, length, + skey = NSSTrustDomain_GenerateSymKey(td, keygen, length, token, NULL); NSSAlgNParam_Destroy(keygen); diff --git a/security/nss/cmd/cmdlib/cmdutil.h b/security/nss/cmd/cmdlib/cmdutil.h index 5b7a376cd..a47b121e2 100644 --- a/security/nss/cmd/cmdlib/cmdutil.h +++ b/security/nss/cmd/cmdlib/cmdutil.h @@ -216,7 +216,7 @@ void CMD_PrintHex(CMDPrinter *printer, NSSItem *item, char *message); void -CMD_PrintPKIXCertificate(CMDPrinter *printer, NSSPKIXCertificate *pkixCert, +CMD_PrintPKIXCert(CMDPrinter *printer, NSSPKIXCertificate *pkixCert, char *message); void diff --git a/security/nss/cmd/pkiutil/pkiobject.c b/security/nss/cmd/pkiutil/pkiobject.c index a79dc4779..305da6f7e 100644 --- a/security/nss/cmd/pkiutil/pkiobject.c +++ b/security/nss/cmd/pkiutil/pkiobject.c @@ -52,7 +52,7 @@ get_object_class(char *type) } if (strcmp(type, "certificate") == 0 || strcmp(type, "cert") == 0 || strcmp(type, "Certificate") == 0 || strcmp(type, "Cert") == 0) { - return PKICertificate; + return PKICert; } else if (strcmp(type, "public-key") == 0 || strcmp(type, "PublicKey") == 0) { return PKIPublicKey; @@ -103,23 +103,23 @@ get_key_pair_alg(char *type) /* XXX */ static NSSItem * -get_cert_serial_number(NSSCertificate *c) +get_cert_serial_number(NSSCert *c) { NSSPKIXCertificate *pkixCert; NSSPKIXTBSCertificate *tbsCert; - pkixCert = (NSSPKIXCertificate *)NSSCertificate_GetDecoding(c); + pkixCert = (NSSPKIXCertificate *)NSSCert_GetDecoding(c); tbsCert = NSSPKIXCertificate_GetTBSCertificate(pkixCert); return NSSPKIXTBSCertificate_GetSerialNumber(tbsCert); } /* XXX should have a filter function */ -static NSSCertificate * +static NSSCert * find_nick_cert_by_sn(NSSTrustDomain *td, char *nickname, char *serial) { int i = 0; - NSSCertificate **certs; - NSSCertificate *c = NULL; - certs = NSSTrustDomain_FindCertificatesByNickname(td, nickname, + NSSCert **certs; + NSSCert *c = NULL; + certs = NSSTrustDomain_FindCertsByNickname(td, nickname, NULL, 0, NULL); if (certs) { while (certs[i]) { @@ -138,22 +138,22 @@ find_nick_cert_by_sn(NSSTrustDomain *td, char *nickname, char *serial) } i++; } - NSSCertificateArray_Destroy(certs); + NSSCertArray_Destroy(certs); } return c; } static PRStatus -print_cert_callback(NSSCertificate *c, void *arg) +print_cert_callback(NSSCert *c, void *arg) { CMDRunTimeData *rtData = (CMDRunTimeData *)arg; CMDPrinter printer; - NSSUTF8 *nickname = nssCertificate_GetNickname(c, NULL); + NSSUTF8 *nickname = nssCert_GetNickname(c, NULL); NSSItem *serialNumber; NSSUsages usages; - PRBool isUserCert = NSSCertificate_IsPrivateKeyAvailable(c, NULL, NULL); + PRBool isUserCert = NSSCert_IsPrivateKeyAvailable(c, NULL, NULL); serialNumber = get_cert_serial_number(c); - if (NSSCertificate_GetTrustedUsages(c, &usages) == NULL) { + if (NSSCert_GetTrustedUsages(c, &usages) == NULL) { CMD_PrintError("Failed to obtain trusted usages"); return PR_FAILURE; } @@ -168,18 +168,18 @@ print_cert_callback(NSSCertificate *c, void *arg) } static PRStatus -print_decoded_cert(CMDRunTimeData *rtData, NSSCertificate *c) +print_decoded_cert(CMDRunTimeData *rtData, NSSCert *c) { CMDPrinter printer; CMD_InitPrinter(&printer, rtData->output.file, DEFAULT_LEFT_MARGIN, DEFAULT_RIGHT_MARGIN); - if (NSSCertificate_GetType(c) == NSSCertificateType_PKIX) { + if (NSSCert_GetType(c) == NSSCertType_PKIX) { NSSPKIXCertificate *pkixCert; - pkixCert = (NSSPKIXCertificate *)NSSCertificate_GetDecoding(c); + pkixCert = (NSSPKIXCertificate *)NSSCert_GetDecoding(c); if (pkixCert) { - CMD_PrintPKIXCertificate(&printer, pkixCert, "Certificate"); + CMD_PrintPKIXCertificate(&printer, pkixCert, "Cert"); } } /* XXX */ @@ -188,7 +188,7 @@ print_decoded_cert(CMDRunTimeData *rtData, NSSCertificate *c) } static PRStatus -dump_cert_callback(NSSCertificate *c, void *arg) +dump_cert_callback(NSSCert *c, void *arg) { CMDRunTimeData *rtData = (CMDRunTimeData *)arg; print_decoded_cert(rtData, c); @@ -200,17 +200,17 @@ print_privkey_callback(NSSPrivateKey *vk, void *arg) { CMDRunTimeData *rtData = (CMDRunTimeData *)arg; NSSUTF8 *nickname = nssPrivateKey_GetNickname(vk, NULL); - NSSCertificate **certs, **cp; + NSSCert **certs, **cp; NSSPublicKey *pubkey; PR_fprintf(rtData->output.file, "Listing %s", nickname); - certs = NSSPrivateKey_FindCertificates(vk, NULL, 0, NULL); + certs = NSSPrivateKey_FindCerts(vk, NULL, 0, NULL); if (certs) { PR_fprintf(rtData->output.file, " for certs "); for (cp = certs; *cp; cp++) { - nickname = nssCertificate_GetNickname(*cp, NULL); + nickname = nssCert_GetNickname(*cp, NULL); PR_fprintf(rtData->output.file, "%s ", nickname); } - NSSCertificateArray_Destroy(certs); + NSSCertArray_Destroy(certs); } printf("\n"); return PR_SUCCESS; @@ -256,15 +256,15 @@ list_nickname_certs NSSTrustDomain *td, char *nickname, PRUint32 maximumOpt, - PRStatus (* callback)(NSSCertificate *c, void *arg), + PRStatus (* callback)(NSSCert *c, void *arg), void *arg ) { - NSSCertificate **certs = NULL; - NSSCertificate **certp; - NSSCertificate *cert[2]; + NSSCert **certs = NULL; + NSSCert **certp; + NSSCert *cert[2]; if (maximumOpt == 1) { - cert[0] = NSSTrustDomain_FindBestCertificateByNickname(td, + cert[0] = NSSTrustDomain_FindBestCertByNickname(td, nickname, NSSTime_Now(), NULL, @@ -272,7 +272,7 @@ list_nickname_certs cert[1] = NULL; certs = cert; } else { - certs = NSSTrustDomain_FindCertificatesByNickname(td, + certs = NSSTrustDomain_FindCertsByNickname(td, nickname, NULL, maximumOpt, @@ -284,16 +284,16 @@ list_nickname_certs for (certp = certs; *certp; certp++) { (*callback)(*certp, arg); { - NSSDER *encoding = nssCertificate_GetEncoding(*certp); - NSSCertificate *c; - c = NSSTrustDomain_FindCertificateByEncodedCertificate(td, + NSSDER *encoding = nssCert_GetEncoding(*certp); + NSSCert *c; + c = NSSTrustDomain_FindCertByEncodedCert(td, encoding); } } if (maximumOpt == 1) { - NSSCertificate_Destroy(cert[0]); + NSSCert_Destroy(cert[0]); } else { - NSSCertificateArray_Destroy(certs); + NSSCertArray_Destroy(certs); } return PR_SUCCESS; } @@ -306,7 +306,7 @@ list_certs CMDRunTimeData *rtData ) { - (void)NSSTrustDomain_TraverseCertificates(td, + (void)NSSTrustDomain_TraverseCerts(td, print_cert_callback, rtData); return PR_SUCCESS; @@ -344,7 +344,7 @@ ListObjects PKIObjectType objectKind; objectKind = get_object_class(objectTypeOpt); switch (objectKind) { - case PKICertificate: + case PKICert: if (nicknameOpt) { status = list_nickname_certs(td, nicknameOpt, 0, print_cert_callback, rtData); @@ -393,13 +393,13 @@ ListChain { int i; PRStatus status; - NSSCertificate *c; - NSSCertificate **chain; + NSSCert *c; + NSSCert **chain; if (serial) { c = find_nick_cert_by_sn(td, nickname, serial); } else { - c = NSSTrustDomain_FindBestCertificateByNickname(td, nickname, + c = NSSTrustDomain_FindBestCertByNickname(td, nickname, NSSTime_Now(), NULL, NULL); } @@ -409,7 +409,7 @@ ListChain return PR_FAILURE; } - chain = NSSCertificate_BuildChain(c, NSSTime_Now(), + chain = NSSCert_BuildChain(c, NSSTime_Now(), NULL, /* usage */ NULL, /* policies */ NULL, /* certs[] */ @@ -422,7 +422,7 @@ ListChain --i; status = print_cert_callback(chain[i], rtData); } - NSSCertificateArray_Destroy(chain); + NSSCertArray_Destroy(chain); return PR_SUCCESS; } @@ -430,7 +430,7 @@ static PRStatus dump_cert_info ( NSSTrustDomain *td, - NSSCertificate *c, + NSSCert *c, CMDRunTimeData *rtData ) { @@ -443,22 +443,22 @@ dump_cert_info * different label will not match. Should the library do the * this workaround? */ - NSSDER *issuer = NSSCertificate_GetIssuer(c); - NSSDER *serial = NSSCertificate_GetSerialNumber(c); - NSSCertificate *cp = NSSTrustDomain_FindCertificateByIssuerAndSerialNumber(td, issuer, serial); + NSSDER *issuer = NSSCert_GetIssuer(c); + NSSDER *serial = NSSCert_GetSerialNumber(c); + NSSCert *cp = NSSTrustDomain_FindCertByIssuerAndSerialNumber(td, issuer, serial); - tokens = NSSCertificate_GetTokens(cp, NULL); + tokens = NSSCert_GetTokens(cp, NULL); if (tokens) { for (tp = tokens; *tp; tp++) { PR_fprintf(rtData->output.file, "nickname \"%s\" on token \"%s\"\n", - NSSCertificate_GetNickname(cp, *tp), + NSSCert_GetNickname(cp, *tp), NSSToken_GetName(*tp)); } NSSTokenArray_Destroy(tokens); PR_fprintf(rtData->output.file, "\n"); } - NSSCertificate_Destroy(cp); + NSSCert_Destroy(cp); return PR_SUCCESS; } @@ -474,24 +474,24 @@ DumpObject ) { PRStatus status; - NSSCertificate *c; + NSSCert *c; NSSPrivateKey *vkey; NSSPublicKey *bkey; switch (get_object_class(objectType)) { - case PKICertificate: + case PKICert: case PKIAny: /* default to certificate */ if (serialOpt) { c = find_nick_cert_by_sn(td, nickname, serialOpt); status = dump_cert_info(td, c, rtData); - NSSCertificate_Destroy(c); + NSSCert_Destroy(c); } else if (info) { - c = NSSTrustDomain_FindBestCertificateByNickname(td, nickname, + c = NSSTrustDomain_FindBestCertByNickname(td, nickname, NSSTime_Now(), NULL, NULL); status = dump_cert_info(td, c, rtData); - NSSCertificate_Destroy(c); + NSSCert_Destroy(c); } else { status = list_nickname_certs(td, nickname, 1, dump_cert_callback, rtData); @@ -499,17 +499,17 @@ DumpObject break; case PKIPublicKey: /* XXX this ain't the right way */ - c = NSSTrustDomain_FindBestCertificateByNickname(td, nickname, + c = NSSTrustDomain_FindBestCertByNickname(td, nickname, NSSTime_Now(), NULL, NULL); if (c) { - bkey = NSSCertificate_GetPublicKey(c); + bkey = NSSCert_GetPublicKey(c); if (bkey) { print_public_key_info(bkey, rtData); NSSPublicKey_Destroy(bkey); } - NSSCertificate_Destroy(c); + NSSCert_Destroy(c); } break; case PKIPrivateKey: @@ -558,7 +558,7 @@ ValidateCert ) { PRStatus status; - NSSCertificate *c; + NSSCert *c; NSSUsages usages; if (usageStr) { @@ -568,7 +568,7 @@ ValidateCert if (serial) { c = find_nick_cert_by_sn(td, nickname, serial); } else { - c = NSSTrustDomain_FindBestCertificateByNickname(td, nickname, + c = NSSTrustDomain_FindBestCertByNickname(td, nickname, NSSTime_Now(), NULL, NULL); @@ -578,9 +578,9 @@ ValidateCert return PR_FAILURE; } - status = NSSCertificate_Validate(c, NSSTime_Now(), &usages, NULL); + status = NSSCert_Validate(c, NSSTime_Now(), &usages, NULL); if (status == PR_SUCCESS) { - PR_fprintf(PR_STDOUT, "Certificate validated.\n"); + PR_fprintf(PR_STDOUT, "Cert validated.\n"); } else { CMD_PrintError("Validation failed"); } @@ -599,7 +599,7 @@ SetCertTrust { PRStatus status; NSSUsages usages; - NSSCertificate *c; + NSSCert *c; get_usages_from_string(trustedUsages, &usages); @@ -614,7 +614,7 @@ SetCertTrust if (serial) { c = find_nick_cert_by_sn(td, nickname, serial); } else { - c = NSSTrustDomain_FindBestCertificateByNickname(td, nickname, + c = NSSTrustDomain_FindBestCertByNickname(td, nickname, NSSTime_Now(), NULL, NULL); @@ -624,9 +624,9 @@ SetCertTrust return PR_FAILURE; } - status = NSSCertificate_SetTrustedUsages(c, &usages); + status = NSSCert_SetTrustedUsages(c, &usages); - NSSCertificate_Destroy(c); + NSSCert_Destroy(c); return status; } @@ -641,17 +641,17 @@ import_certificate { PRStatus status; NSSItem *encoding; - NSSCertificate *cert; + NSSCert *cert; /* get the encoded cert from the input source */ encoding = CMD_GetInput(rtData); /* import into trust domain */ - cert = NSSTrustDomain_ImportEncodedCertificate(td, encoding, + cert = NSSTrustDomain_ImportEncodedCert(td, encoding, token, nickname); if (cert) { PR_fprintf(PR_STDOUT, "Import successful.\n"); dump_cert_info(td, cert, rtData); - NSSCertificate_Destroy(cert); + NSSCert_Destroy(cert); status = PR_SUCCESS; } else { PR_fprintf(PR_STDERR, "Import failed!\n"); @@ -733,7 +733,7 @@ ImportObject objectKind = get_object_class(objectTypeOpt); switch (objectKind) { case PKIAny: /* default to certificate */ - case PKICertificate: + case PKICert: status = import_certificate(td, token, nickname, rtData); break; case PKIPublicKey: @@ -793,13 +793,13 @@ private_key_chooser(NSSPrivateKey **vkeys) static void cert_choice(void *arg) { - NSSCertificate *c = (NSSCertificate *)arg; - NSSUTF8 *nickname = nssCertificate_GetNickname(c, NULL); + NSSCert *c = (NSSCert *)arg; + NSSUTF8 *nickname = nssCert_GetNickname(c, NULL); PR_fprintf(PR_STDOUT, "%s", nickname); } -static NSSCertificate * -cert_chooser(NSSCertificate **certs) +static NSSCert * +cert_chooser(NSSCert **certs) { int choice = 0; if (certs[1]) { @@ -821,17 +821,17 @@ export_certificate ( ) { PRStatus status = PR_FAILURE; - NSSCertificate *cert, **certs; - certs = NSSTrustDomain_FindCertificatesByNickname(td, nickname, + NSSCert *cert, **certs; + certs = NSSTrustDomain_FindCertsByNickname(td, nickname, NULL, 0, NULL); if (certs) { cert = cert_chooser(certs); if (cert) { - NSSDER *enc = nssCertificate_GetEncoding(cert); + NSSDER *enc = nssCert_GetEncoding(cert); CMD_DumpOutput(enc, rtData); status = PR_SUCCESS; } - NSSCertificateArray_Destroy(certs); + NSSCertArray_Destroy(certs); } return status; } @@ -855,7 +855,7 @@ export_private_key ( { PRStatus status = PR_FAILURE; NSSPrivateKey *vkey, **vkeys; - NSSCertificate *ucert, **ucerts; + NSSCert *ucert, **ucerts; vkey = NULL; #if 0 @@ -866,13 +866,13 @@ vkeys = NULL; if (vkeys) { vkey = private_key_chooser(vkeys); } else { - ucerts = NSSTrustDomain_FindUserCertificates(td, NULL, 0, NULL); + ucerts = NSSTrustDomain_FindUserCerts(td, NULL, 0, NULL); if (ucerts) { ucert = cert_chooser(ucerts); if (ucert) { - vkey = NSSCertificate_FindPrivateKey(ucert, NULL); + vkey = NSSCert_FindPrivateKey(ucert, NULL); } - NSSCertificateArray_Destroy(ucerts); + NSSCertArray_Destroy(ucerts); } } if (vkey) { @@ -922,7 +922,7 @@ ExportObject ( objectKind = get_object_class(objectTypeOpt); switch (objectKind) { case PKIAny: /* default to certificate */ - case PKICertificate: + case PKICert: status = export_certificate(td, tokenOpt, nickname, rtData); break; case PKIPrivateKey: @@ -1038,21 +1038,21 @@ delete_certificates ) { PRStatus status; - NSSCertificate **certs, **cp; - cp = certs = NSSTrustDomain_FindCertificatesByNickname(td, + NSSCert **certs, **cp; + cp = certs = NSSTrustDomain_FindCertsByNickname(td, nickname, NULL, 0, NULL); while (cp && *cp) { - status = NSSCertificate_DeleteStoredObject(*cp, NULL); + status = NSSCert_DeleteStoredObject(*cp, NULL); if (status != PR_SUCCESS) { fprintf(stderr, "Failed to delete certificate %s\n", nickname); break; } cp++; } - NSSCertificateArray_Destroy(certs); + NSSCertArray_Destroy(certs); return status; } @@ -1070,7 +1070,7 @@ DeleteObject objectKind = get_object_class(objectTypeOpt); switch (objectKind) { case PKIAny: /* default to certificate */ - case PKICertificate: + case PKICert: status = delete_certificates(td, tokenOpt, nickname); break; case PKIPublicKey: @@ -1090,12 +1090,12 @@ delete_orphan_callback(NSSPrivateKey *vk, void *arg) PRStatus status; CMDRunTimeData *rtData = (CMDRunTimeData *)arg; NSSUTF8 *nickname = nssPrivateKey_GetNickname(vk, NULL); - NSSCertificate **certs; + NSSCert **certs; NSSPublicKey *pubkey; PR_fprintf(rtData->output.file, "Deleting %s\n", nickname); - certs = NSSPrivateKey_FindCertificates(vk, NULL, 0, NULL); + certs = NSSPrivateKey_FindCerts(vk, NULL, 0, NULL); if (certs) { - NSSCertificateArray_Destroy(certs); + NSSCertArray_Destroy(certs); return PR_SUCCESS; /* not an orphan */ } pubkey = NSSPrivateKey_FindPublicKey(vk); diff --git a/security/nss/cmd/pkiutil/pkiutil.c b/security/nss/cmd/pkiutil/pkiutil.c index 40bbc12b3..3985bb5f2 100644 --- a/security/nss/cmd/pkiutil/pkiutil.c +++ b/security/nss/cmd/pkiutil/pkiutil.c @@ -141,7 +141,7 @@ static cmdCommandLineArg pkiutil_commands[] = }, "Export an object from the profile/token\n" " private-key ==> PKCS#8 Encrypted Private Key Info\n" - " certificate ==> DER-encoded Certificate" + " certificate ==> DER-encoded Cert" }, { /* cmd_GenerateKeyPair */ 'G', "generate-key-pair", diff --git a/security/nss/cmd/pkiutil/pkiutil.h b/security/nss/cmd/pkiutil/pkiutil.h index df51605e8..6332824e7 100644 --- a/security/nss/cmd/pkiutil/pkiutil.h +++ b/security/nss/cmd/pkiutil/pkiutil.h @@ -8,7 +8,7 @@ extern char *progName; typedef enum { PKIUnknown = -1, - PKICertificate, + PKICert, PKIPublicKey, PKIPrivateKey, PKIAny diff --git a/security/nss/lib/dev/ckhelper.c b/security/nss/lib/dev/ckhelper.c index 8241635ff..b9a098c0a 100644 --- a/security/nss/lib/dev/ckhelper.c +++ b/security/nss/lib/dev/ckhelper.c @@ -358,30 +358,30 @@ nssCKTemplate_SetPropertyAttributes ( return numSet; } -static NSSCertificateType +static NSSCertType nss_cert_type_from_ck_attrib(CK_ATTRIBUTE_PTR attrib) { CK_CERTIFICATE_TYPE ckCertType; if (!attrib->pValue) { /* default to PKIX */ - return NSSCertificateType_PKIX; + return NSSCertType_PKIX; } ckCertType = *((CK_ULONG *)attrib->pValue); switch (ckCertType) { case CKC_X_509: - return NSSCertificateType_PKIX; + return NSSCertType_PKIX; default: break; } - return NSSCertificateType_Unknown; + return NSSCertType_Unknown; } /* incoming pointers must be valid */ NSS_IMPLEMENT PRStatus -nssCryptokiCertificate_GetAttributes ( +nssCryptokiCert_GetAttributes ( nssCryptokiObject *certObject, NSSArena *arenaOpt, - NSSCertificateType *certTypeOpt, + NSSCertType *certTypeOpt, NSSItem *idOpt, NSSDER *encodingOpt, NSSDER *issuerOpt, @@ -751,7 +751,7 @@ nssCryptokiCRL_GetAttributes ( } NSS_IMPLEMENT PRStatus -nssCryptokiPrivateKey_SetCertificate ( +nssCryptokiPrivateKey_SetCert ( nssCryptokiObject *keyObject, nssSession *session, NSSUTF8 *nickname, @@ -782,29 +782,29 @@ nssCryptokiPrivateKey_SetCertificate ( return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE; } -static NSSSymmetricKeyType +static NSSSymKeyType nss_symm_key_type_from_ck_attrib(CK_ATTRIBUTE_PTR attrib) { CK_KEY_TYPE ckKeyType; PR_ASSERT(attrib->pValue); ckKeyType = *((CK_ULONG *)attrib->pValue); switch (ckKeyType) { - case CKK_DES: return NSSSymmetricKeyType_DES; - case CKK_DES3: return NSSSymmetricKeyType_TripleDES; - case CKK_RC2: return NSSSymmetricKeyType_RC2; - case CKK_RC4: return NSSSymmetricKeyType_RC4; - case CKK_RC5: return NSSSymmetricKeyType_RC5; - case CKK_AES: return NSSSymmetricKeyType_AES; + case CKK_DES: return NSSSymKeyType_DES; + case CKK_DES3: return NSSSymKeyType_TripleDES; + case CKK_RC2: return NSSSymKeyType_RC2; + case CKK_RC4: return NSSSymKeyType_RC4; + case CKK_RC5: return NSSSymKeyType_RC5; + case CKK_AES: return NSSSymKeyType_AES; default: break; } return NSSKeyPairType_Unknown; } NSS_IMPLEMENT PRStatus -nssCryptokiSymmetricKey_GetAttributes ( +nssCryptokiSymKey_GetAttributes ( nssCryptokiObject *keyObject, NSSArena *arenaOpt, - NSSSymmetricKeyType *keyTypeOpt, + NSSSymKeyType *keyTypeOpt, PRUint32 *keyLengthOpt, NSSOperations *opsOpt ) @@ -892,7 +892,7 @@ nssCryptokiSymmetricKey_GetAttributes ( } NSS_IMPLEMENT nssCryptokiObject * -nssCryptokiSymmetricKey_Copy ( +nssCryptokiSymKey_Copy ( nssCryptokiObject *sourceKey, nssSession *sourceSession, NSSToken *destination, @@ -960,16 +960,16 @@ loser: NSS_IMPLEMENT CK_KEY_TYPE nssCK_GetSymKeyType ( - NSSSymmetricKeyType keyType + NSSSymKeyType keyType ) { switch (keyType) { - case NSSSymmetricKeyType_DES: return CKK_DES; - case NSSSymmetricKeyType_TripleDES: return CKK_DES3; - case NSSSymmetricKeyType_AES: return CKK_AES; - case NSSSymmetricKeyType_RC2: return CKK_RC2; - case NSSSymmetricKeyType_RC4: return CKK_RC4; - case NSSSymmetricKeyType_RC5: return CKK_RC5; + case NSSSymKeyType_DES: return CKK_DES; + case NSSSymKeyType_TripleDES: return CKK_DES3; + case NSSSymKeyType_AES: return CKK_AES; + case NSSSymKeyType_RC2: return CKK_RC2; + case NSSSymKeyType_RC4: return CKK_RC4; + case NSSSymKeyType_RC5: return CKK_RC5; default: return CKK_GENERIC_SECRET; } } diff --git a/security/nss/lib/dev/ckhelper.h b/security/nss/lib/dev/ckhelper.h index 9cbe59356..27e164e89 100644 --- a/security/nss/lib/dev/ckhelper.h +++ b/security/nss/lib/dev/ckhelper.h @@ -202,7 +202,7 @@ nssCKObject_IsTokenObjectTemplate ( NSS_EXTERN CK_KEY_TYPE nssCK_GetSymKeyType ( - NSSSymmetricKeyType keyType + NSSSymKeyType keyType ); NSS_EXTERN CK_KEY_TYPE diff --git a/security/nss/lib/dev/dev.h b/security/nss/lib/dev/dev.h index 20b2a7e09..7dd288e2a 100644 --- a/security/nss/lib/dev/dev.h +++ b/security/nss/lib/dev/dev.h @@ -298,18 +298,18 @@ nssSlot_CreateSession ( * nssToken_NeedsPINInitialization * * ------ certificate objects -------- - * nssToken_ImportCertificate - * nssToken_FindCertificates - * nssToken_FindCertificatesBySubject - * nssToken_FindCertificatesByNickname - * nssToken_FindCertificatesByEmail - * nssToken_FindCertificateByIssuerAndSerialNumber - * nssToken_FindCertificateByEncodedCertificate + * nssToken_ImportCert + * nssToken_FindCerts + * nssToken_FindCertsBySubject + * nssToken_FindCertsByNickname + * nssToken_FindCertsByEmail + * nssToken_FindCertByIssuerAndSerialNumber + * nssToken_FindCertByEncodedCert * * ------ trust objects -------- * nssToken_ImportTrust * nssToken_FindTrustObjects - * nssToken_FindTrustForCertificate + * nssToken_FindTrustForCert * * ------ CRL objects -------- * nssToken_ImportCRL @@ -323,11 +323,11 @@ nssSlot_CreateSession ( * nssToken_FindPublicKeyByID * * ------ secret key objects -------- - * nssToken_GenerateSymmetricKey + * nssToken_GenerateSymKey * * ------ generic key stuff ------- * nssToken_UnwrapPrivateKey - * nssToken_UnwrapSymmetricKey + * nssToken_UnwrapSymKey * nssToken_WrapKey * nssToken_DeriveKey * @@ -404,10 +404,10 @@ nssToken_NeedsPINInitialization ( ); NSS_EXTERN nssCryptokiObject * -nssToken_ImportCertificate ( +nssToken_ImportCert ( NSSToken *tok, nssSession *session, - NSSCertificateType certType, + NSSCertType certType, NSSItem *id, NSSUTF8 *nickname, NSSDER *encoding, @@ -419,7 +419,7 @@ nssToken_ImportCertificate ( ); NSS_EXTERN nssCryptokiObject ** -nssToken_FindCertificates ( +nssToken_FindCerts ( NSSToken *token, nssSession *session, nssTokenSearchType searchType, @@ -428,7 +428,7 @@ nssToken_FindCertificates ( ); NSS_EXTERN nssCryptokiObject ** -nssToken_FindCertificatesBySubject ( +nssToken_FindCertsBySubject ( NSSToken *token, nssSession *session, NSSDER *subject, @@ -438,7 +438,7 @@ nssToken_FindCertificatesBySubject ( ); NSS_EXTERN nssCryptokiObject ** -nssToken_FindCertificatesByNickname ( +nssToken_FindCertsByNickname ( NSSToken *token, nssSession *session, NSSUTF8 *name, @@ -448,7 +448,7 @@ nssToken_FindCertificatesByNickname ( ); NSS_EXTERN nssCryptokiObject ** -nssToken_FindCertificatesByEmail ( +nssToken_FindCertsByEmail ( NSSToken *token, nssSession *session, NSSASCII7 *email, @@ -458,7 +458,7 @@ nssToken_FindCertificatesByEmail ( ); NSS_EXTERN nssCryptokiObject ** -nssToken_FindCertificatesByID ( +nssToken_FindCertsByID ( NSSToken *token, nssSession *session, NSSItem *id, @@ -468,7 +468,7 @@ nssToken_FindCertificatesByID ( ); NSS_EXTERN nssCryptokiObject * -nssToken_FindCertificateByIssuerAndSerialNumber ( +nssToken_FindCertByIssuerAndSerialNumber ( NSSToken *token, nssSession *session, NSSDER *issuer, @@ -478,10 +478,10 @@ nssToken_FindCertificateByIssuerAndSerialNumber ( ); NSS_EXTERN nssCryptokiObject * -nssToken_FindCertificateByEncodedCertificate ( +nssToken_FindCertByEncodedCert ( NSSToken *token, nssSession *session, - NSSBER *encodedCertificate, + NSSBER *encodedCert, nssTokenSearchType searchType, PRStatus *statusOpt ); @@ -510,7 +510,7 @@ nssToken_FindTrustObjects ( ); NSS_EXTERN nssCryptokiObject * -nssToken_FindTrustForCertificate ( +nssToken_FindTrustForCert ( NSSToken *token, nssSession *session, NSSDER *certEncoding, @@ -594,7 +594,7 @@ nssToken_FindPublicKeyByID ( ); NSS_EXTERN nssCryptokiObject * -nssToken_GenerateSymmetricKey ( +nssToken_GenerateSymKey ( NSSToken *token, nssSession *session, const NSSAlgNParam *ap, @@ -619,7 +619,7 @@ nssToken_UnwrapPrivateKey ( ); NSS_IMPLEMENT nssCryptokiObject * -nssToken_UnwrapSymmetricKey ( +nssToken_UnwrapSymKey ( NSSToken *token, nssSession *session, const NSSAlgNParam *ap, @@ -628,7 +628,7 @@ nssToken_UnwrapSymmetricKey ( PRBool asTokenObject, NSSOperations operations, NSSProperties properties, - NSSSymmetricKeyType symKeyType + NSSSymKeyType symKeyType ); NSS_EXTERN NSSItem * @@ -666,7 +666,7 @@ nssToken_DeriveSSLSessionKeys ( nssSession *session, const NSSAlgNParam *ap, nssCryptokiObject *masterSecret, - NSSSymmetricKeyType bulkKeyType, + NSSSymKeyType bulkKeyType, NSSOperations operations, NSSProperties properties, PRUint32 keySizeOpt, @@ -988,12 +988,12 @@ nssSession_IsReadWrite ( * nssCryptokiObject_DeleteStoredObject * nssCryptokiObject_Equal * nssCryptokiObject_Clone - * nssCryptokiCertificate_GetAttributes + * nssCryptokiCert_GetAttributes * nssCryptokiPrivateKey_GetAttributes * nssCryptokiPublicKey_GetAttributes * nssCryptokiTrust_GetAttributes * nssCryptokiCRL_GetAttributes - * nssCryptokiSymmetricKey_GetAttributes + * nssCryptokiSymKey_GetAttributes */ NSS_EXTERN void @@ -1038,10 +1038,10 @@ nssCryptokiObject_WeakClone ( ); NSS_EXTERN PRStatus -nssCryptokiCertificate_GetAttributes ( +nssCryptokiCert_GetAttributes ( nssCryptokiObject *object, NSSArena *arenaOpt, - NSSCertificateType *certTypeOpt, + NSSCertType *certTypeOpt, NSSItem *idOpt, NSSDER *encodingOpt, NSSDER *issuerOpt, @@ -1085,16 +1085,16 @@ nssCryptokiCRL_GetAttributes ( ); NSS_EXTERN PRStatus -nssCryptokiSymmetricKey_GetAttributes ( +nssCryptokiSymKey_GetAttributes ( nssCryptokiObject *keyObject, NSSArena *arenaOpt, - NSSSymmetricKeyType *keyTypeOpt, + NSSSymKeyType *keyTypeOpt, PRUint32 *keyLengthOpt, NSSOperations *opsOpt ); NSS_EXTERN nssCryptokiObject * -nssCryptokiSymmetricKey_Copy ( +nssCryptokiSymKey_Copy ( nssCryptokiObject *sourceKey, nssSession *sourceSession, NSSToken *destination, @@ -1107,7 +1107,7 @@ nssCryptokiSymmetricKey_Copy ( * associate it with a cert. Does it stay like this for 4.0? */ NSS_EXTERN PRStatus -nssCryptokiPrivateKey_SetCertificate ( +nssCryptokiPrivateKey_SetCert ( nssCryptokiObject *keyObject, nssSession *session, NSSUTF8 *nickname, @@ -1268,7 +1268,7 @@ nssSlotList_GetBestTokenForAlgorithm ( ); NSS_EXTERN PRStatus -nssToken_TraverseCertificates ( +nssToken_TraverseCerts ( NSSToken *token, nssSession *session, nssTokenSearchType searchType, diff --git a/security/nss/lib/dev/devtoken.c b/security/nss/lib/dev/devtoken.c index c687668f4..dcfd21074 100644 --- a/security/nss/lib/dev/devtoken.c +++ b/security/nss/lib/dev/devtoken.c @@ -573,10 +573,10 @@ find_objects_by_template ( } NSS_IMPLEMENT nssCryptokiObject * -nssToken_ImportCertificate ( +nssToken_ImportCert ( NSSToken *tok, nssSession *session, - NSSCertificateType certType, + NSSCertType certType, NSSItem *id, NSSUTF8 *nickname, NSSDER *encoding, @@ -594,7 +594,7 @@ nssToken_ImportCertificate ( nssTokenSearchType searchType; nssCryptokiObject *rvObject = NULL; - if (certType == NSSCertificateType_PKIX) { + if (certType == NSSCertType_PKIX) { cert_type = CKC_X_509; } else { return (nssCryptokiObject *)NULL; @@ -626,7 +626,7 @@ nssToken_ImportCertificate ( } NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize); /* see if the cert is already there */ - rvObject = nssToken_FindCertificateByIssuerAndSerialNumber(tok, + rvObject = nssToken_FindCertByIssuerAndSerialNumber(tok, session, issuer, serial, @@ -672,7 +672,7 @@ nssToken_ImportCertificate ( * has been marked as "traversable" */ NSS_IMPLEMENT nssCryptokiObject ** -nssToken_FindCertificates ( +nssToken_FindCerts ( NSSToken *token, nssSession *session, nssTokenSearchType searchType, @@ -708,7 +708,7 @@ nssToken_FindCertificates ( } NSS_IMPLEMENT nssCryptokiObject ** -nssToken_FindCertificatesBySubject ( +nssToken_FindCertsBySubject ( NSSToken *token, nssSession *session, NSSDER *subject, @@ -739,7 +739,7 @@ nssToken_FindCertificatesBySubject ( } NSS_IMPLEMENT nssCryptokiObject ** -nssToken_FindCertificatesByNickname ( +nssToken_FindCertsByNickname ( NSSToken *token, nssSession *session, NSSUTF8 *name, @@ -788,7 +788,7 @@ nssToken_FindCertificatesByNickname ( * it just won't return a value for it. */ NSS_IMPLEMENT nssCryptokiObject ** -nssToken_FindCertificatesByEmail ( +nssToken_FindCertsByEmail ( NSSToken *token, nssSession *session, NSSASCII7 *email, @@ -831,7 +831,7 @@ nssToken_FindCertificatesByEmail ( } NSS_IMPLEMENT nssCryptokiObject ** -nssToken_FindCertificatesByID ( +nssToken_FindCertsByID ( NSSToken *token, nssSession *session, NSSItem *id, @@ -904,7 +904,7 @@ nssToken_decodeSerialItem(NSSItem *serial, NSSItem *serialDecode) } NSS_IMPLEMENT nssCryptokiObject * -nssToken_FindCertificateByIssuerAndSerialNumber ( +nssToken_FindCertByIssuerAndSerialNumber ( NSSToken *token, nssSession *session, NSSDER *issuer, @@ -979,10 +979,10 @@ nssToken_FindCertificateByIssuerAndSerialNumber ( } NSS_IMPLEMENT nssCryptokiObject * -nssToken_FindCertificateByEncodedCertificate ( +nssToken_FindCertByEncodedCert ( NSSToken *token, nssSession *session, - NSSBER *encodedCertificate, + NSSBER *encodedCert, nssTokenSearchType searchType, PRStatus *statusOpt ) @@ -1000,7 +1000,7 @@ nssToken_FindCertificateByEncodedCertificate ( NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true); } NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert); - NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE, encodedCertificate); + NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE, encodedCert); NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize); /* get the object handle */ objects = find_objects_by_template(token, session, @@ -1273,7 +1273,7 @@ nssToken_FindTrustObjects ( } NSS_IMPLEMENT nssCryptokiObject * -nssToken_FindTrustForCertificate ( +nssToken_FindTrustForCert ( NSSToken *token, nssSession *session, NSSDER *certEncoding, @@ -1610,7 +1610,7 @@ nssToken_GenerateKeyPair ( } NSS_IMPLEMENT nssCryptokiObject * -nssToken_GenerateSymmetricKey ( +nssToken_GenerateSymKey ( NSSToken *token, nssSession *session, const NSSAlgNParam *ap, @@ -1775,7 +1775,7 @@ nssToken_UnwrapPrivateKey ( } NSS_IMPLEMENT nssCryptokiObject * -nssToken_UnwrapSymmetricKey ( +nssToken_UnwrapSymKey ( NSSToken *token, nssSession *session, const NSSAlgNParam *ap, @@ -1784,7 +1784,7 @@ nssToken_UnwrapSymmetricKey ( PRBool asTokenObject, NSSOperations operations, NSSProperties properties, - NSSSymmetricKeyType symKeyType + NSSSymKeyType symKeyType ) { CK_KEY_TYPE keyType = nssCK_GetSymKeyType(symKeyType); @@ -1924,7 +1924,7 @@ nssToken_DeriveSSLSessionKeys ( nssSession *session, const NSSAlgNParam *ap, nssCryptokiObject *masterSecret, - NSSSymmetricKeyType bulkKeyType, + NSSSymKeyType bulkKeyType, NSSOperations operations, NSSProperties properties, PRUint32 keySizeOpt, @@ -2903,7 +2903,7 @@ nssToken_FinishDigest ( * increasing the likelihood that the cache takes care of it. */ NSS_IMPLEMENT PRStatus -nssToken_TraverseCertificates ( +nssToken_TraverseCerts ( NSSToken *token, nssSession *session, nssTokenSearchType searchType, diff --git a/security/nss/lib/dev/devutil.c b/security/nss/lib/dev/devutil.c index bd23eee9d..8ab96e48e 100644 --- a/security/nss/lib/dev/devutil.c +++ b/security/nss/lib/dev/devutil.c @@ -896,7 +896,7 @@ get_token_certs_for_cache ( return PR_SUCCESS; } session = nssToken_GetDefaultSession(cache->token); /* XXX */ - objects = nssToken_FindCertificates(cache->token, session, + objects = nssToken_FindCerts(cache->token, session, nssTokenSearchType_TokenForced, MAX_LOCAL_CACHE_OBJECTS, &status); if (status != PR_SUCCESS) { diff --git a/security/nss/lib/dev/nssdevt.h b/security/nss/lib/dev/nssdevt.h index a70a5f594..1c2352d41 100644 --- a/security/nss/lib/dev/nssdevt.h +++ b/security/nss/lib/dev/nssdevt.h @@ -85,9 +85,9 @@ struct NSSCallbackStr { }; typedef enum { - NSSCertificateType_Unknown = 0, - NSSCertificateType_PKIX = 1 -} NSSCertificateType; + NSSCertType_Unknown = 0, + NSSCertType_PKIX = 1 +} NSSCertType; typedef enum { @@ -134,16 +134,16 @@ NSSPublicKeyInfo; typedef enum { - NSSSymmetricKeyType_Unknown = 0, - NSSSymmetricKeyType_DES = 1, - NSSSymmetricKeyType_TripleDES = 2, - NSSSymmetricKeyType_RC2 = 3, - NSSSymmetricKeyType_RC4 = 4, - NSSSymmetricKeyType_RC5 = 5, - NSSSymmetricKeyType_AES = 6, - NSSSymmetricKeyType_SSLPMS = 7, - NSSSymmetricKeyType_SSLMS = 8 -} NSSSymmetricKeyType; + NSSSymKeyType_Unknown = 0, + NSSSymKeyType_DES = 1, + NSSSymKeyType_TripleDES = 2, + NSSSymKeyType_RC2 = 3, + NSSSymKeyType_RC4 = 4, + NSSSymKeyType_RC5 = 5, + NSSSymKeyType_AES = 6, + NSSSymKeyType_SSLPMS = 7, + NSSSymKeyType_SSLMS = 8 +} NSSSymKeyType; /* * RSA diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def index 2f1197dc8..92ac88562 100644 --- a/security/nss/lib/nss/nss.def +++ b/security/nss/lib/nss/nss.def @@ -53,7 +53,7 @@ NSS_Initialize; NSS_InitReadWrite; NSS_GenerateRandom; NSS_NoDB_Init; -NSS_SetDefaultCertificateHandler; +NSS_SetDefaultCertHandler; NSS_Shutdown; NSS_VersionCheck; NSS_GetError; @@ -100,38 +100,38 @@ NSSAlgNParam_Encode; NSSAlgNParam_Decode; NSSAlgNParam_Destroy; NSSAlgNParam_GetAlgorithm; -NSSCertificate_Destroy; -NSSCertificate_DeleteStoredObject; -NSSCertificate_Validate; -;+#NSSCertificate_ValidateCompletely; -;+#NSSCertificate_ValidateAndDiscoverUsagesAndPolicies; -;+#NSSCertificate_Encode; -NSSCertificate_BuildChain; -;+#NSSCertificate_GetTrustDomain; -NSSCertificate_GetTokens; -;+#NSSCertificate_GetSlot; -;+#NSSCertificate_GetModule; -NSSCertificate_GetIssuer; -NSSCertificate_GetNickname; -NSSCertificate_GetDecoding; -NSSCertificate_GetSerialNumber; -NSSCertificate_GetType; -NSSCertificate_GetTrustedUsages; -NSSCertificate_SetTrustedUsages; -;+#NSSCertificate_Encrypt; -;+#NSSCertificate_Verify; -;+#NSSCertificate_VerifyRecover; -NSSCertificate_WrapSymmetricKey; -;+#NSSCertificate_CreateCryptoContext; -NSSCertificate_GetPublicKey; -NSSCertificate_FindPrivateKey; -NSSCertificate_IsPrivateKeyAvailable; -;+#NSSUserCertificate_IsStillPresent; -;+#NSSUserCertificate_Decrypt; -;+#NSSUserCertificate_Sign; -;+#NSSUserCertificate_SignRecover; -;+#NSSUserCertificate_UnwrapSymmetricKey; -;+#NSSUserCertificate_DeriveSymmetricKey; +NSSCert_Destroy; +NSSCert_DeleteStoredObject; +NSSCert_Validate; +;+#NSSCert_ValidateCompletely; +;+#NSSCert_ValidateAndDiscoverUsagesAndPolicies; +;+#NSSCert_Encode; +NSSCert_BuildChain; +;+#NSSCert_GetTrustDomain; +NSSCert_GetTokens; +;+#NSSCert_GetSlot; +;+#NSSCert_GetModule; +NSSCert_GetIssuer; +NSSCert_GetNickname; +NSSCert_GetDecoding; +NSSCert_GetSerialNumber; +NSSCert_GetType; +NSSCert_GetTrustedUsages; +NSSCert_SetTrustedUsages; +;+#NSSCert_Encrypt; +;+#NSSCert_Verify; +;+#NSSCert_VerifyRecover; +NSSCert_WrapSymKey; +;+#NSSCert_CreateCryptoContext; +NSSCert_GetPublicKey; +NSSCert_FindPrivateKey; +NSSCert_IsPrivateKeyAvailable; +;+#NSSUserCert_IsStillPresent; +;+#NSSUserCert_Decrypt; +;+#NSSUserCert_Sign; +;+#NSSUserCert_SignRecover; +;+#NSSUserCert_UnwrapSymKey; +;+#NSSUserCert_DeriveSymKey; NSSPrivateKey_Destroy; NSSPrivateKey_DeleteStoredObject; NSSPrivateKey_GetType; @@ -146,12 +146,12 @@ NSSPrivateKey_Encode; ;+#NSSPrivateKey_Decrypt; ;+#NSSPrivateKey_Sign; ;+#NSSPrivateKey_SignRecover; -;+#NSSPrivateKey_UnwrapSymmetricKey; -;+#NSSPrivateKey_DeriveSymmetricKey; +;+#NSSPrivateKey_UnwrapSymKey; +;+#NSSPrivateKey_DeriveSymKey; NSSPrivateKey_FindPublicKey; ;+#NSSPrivateKey_CreateCryptoContext; -NSSPrivateKey_FindCertificates; -;+#NSSPrivateKey_FindBestCertificate; +NSSPrivateKey_FindCerts; +;+#NSSPrivateKey_FindBestCert; NSSPublicKey_Destroy; NSSPublicKey_DeleteStoredObject; ;+#NSSPublicKey_Encode; @@ -163,32 +163,32 @@ NSSPublicKey_GetInfo; ;+#NSSPublicKey_Encrypt; NSSPublicKey_Verify; ;+#NSSPublicKey_VerifyRecover; -;+#NSSPublicKey_WrapSymmetricKey; +;+#NSSPublicKey_WrapSymKey; ;+#NSSPublicKey_CreateCryptoContext; -;+#NSSPublicKey_FindCertificates; -;+#NSSPublicKey_FindBestCertificate; +;+#NSSPublicKey_FindCerts; +;+#NSSPublicKey_FindBestCert; ;+#NSSPublicKey_FindPrivateKey; -NSSSymmetricKey_Destroy; -;+#NSSSymmetricKey_DeleteStoredObject; -;+#NSSSymmetricKey_GetKeyLength; -;+#NSSSymmetricKey_GetKeyStrength; -;+#NSSSymmetricKey_IsStillPresent; -;+#NSSSymmetricKey_GetTrustDomain; -;+#NSSSymmetricKey_GetToken; -;+#NSSSymmetricKey_GetSlot; -;+#NSSSymmetricKey_GetModule; -NSSSymmetricKey_Encrypt; -NSSSymmetricKey_Decrypt; -;+#NSSSymmetricKey_Sign; -;+#NSSSymmetricKey_SignRecover; -;+#NSSSymmetricKey_Verify; -;+#NSSSymmetricKey_VerifyRecover; -;+#NSSSymmetricKey_WrapSymmetricKey; -;+#NSSSymmetricKey_WrapPrivateKey; -;+#NSSSymmetricKey_UnwrapSymmetricKey; -;+#NSSSymmetricKey_UnwrapPrivateKey; -;+#NSSSymmetricKey_DeriveSymmetricKey; -NSSSymmetricKey_CreateCryptoContext; +NSSSymKey_Destroy; +;+#NSSSymKey_DeleteStoredObject; +;+#NSSSymKey_GetKeyLength; +;+#NSSSymKey_GetKeyStrength; +;+#NSSSymKey_IsStillPresent; +;+#NSSSymKey_GetTrustDomain; +;+#NSSSymKey_GetToken; +;+#NSSSymKey_GetSlot; +;+#NSSSymKey_GetModule; +NSSSymKey_Encrypt; +NSSSymKey_Decrypt; +;+#NSSSymKey_Sign; +;+#NSSSymKey_SignRecover; +;+#NSSSymKey_Verify; +;+#NSSSymKey_VerifyRecover; +;+#NSSSymKey_WrapSymKey; +;+#NSSSymKey_WrapPrivateKey; +;+#NSSSymKey_UnwrapSymKey; +;+#NSSSymKey_UnwrapPrivateKey; +;+#NSSSymKey_DeriveSymKey; +NSSSymKey_CreateCryptoContext; NSSTrustDomain_Create; ;+#NSSTrustDomain_Destroy; NSSTrustDomain_SetDefaultCallback; @@ -204,33 +204,33 @@ NSSTrustDomain_FindTokenByName; ;+#NSSTrustDomain_FindBestTokenForAlgorithms; NSSTrustDomain_Login; ;+#NSSTrustDomain_Logout; -;+#NSSTrustDomain_ImportCertificate; -;+#NSSTrustDomain_ImportPKIXCertificate; -NSSTrustDomain_ImportEncodedCertificate; -;+#NSSTrustDomain_ImportEncodedCertificateChain; +;+#NSSTrustDomain_ImportCert; +;+#NSSTrustDomain_ImportPKIXCert; +NSSTrustDomain_ImportEncodedCert; +;+#NSSTrustDomain_ImportEncodedCertChain; NSSTrustDomain_ImportEncodedPrivateKey; ;+#NSSTrustDomain_ImportEncodedPublicKey; -NSSTrustDomain_FindBestCertificateByNickname; -NSSTrustDomain_FindCertificatesByNickname; -NSSTrustDomain_FindCertificateByIssuerAndSerialNumber; -NSSTrustDomain_FindBestCertificateBySubject; -NSSTrustDomain_FindCertificatesBySubject; -;+#NSSTrustDomain_FindBestCertificateByNameComponents; -;+#NSSTrustDomain_FindCertificatesByNameComponents; -NSSTrustDomain_FindCertificateByEncodedCertificate; -;+#NSSTrustDomain_FindCertificateByEmail; -;+#NSSTrustDomain_FindCertificatesByEmail; -;+#NSSTrustDomain_FindCertificateByOCSPHash; -;+#NSSTrustDomain_FindBestUserCertificate; -NSSTrustDomain_FindUserCertificates; -;+#NSSTrustDomain_FindBestUserCertificateForSSLClientAuth; -;+#NSSTrustDomain_FindUserCertificatesForSSLClientAuth; -;+#NSSTrustDomain_FindBestUserCertificateForEmailSigning; -;+#NSSTrustDomain_FindUserCertificatesForEmailSigning; +NSSTrustDomain_FindBestCertByNickname; +NSSTrustDomain_FindCertsByNickname; +NSSTrustDomain_FindCertByIssuerAndSerialNumber; +NSSTrustDomain_FindBestCertBySubject; +NSSTrustDomain_FindCertsBySubject; +;+#NSSTrustDomain_FindBestCertByNameComponents; +;+#NSSTrustDomain_FindCertsByNameComponents; +NSSTrustDomain_FindCertByEncodedCert; +;+#NSSTrustDomain_FindCertByEmail; +;+#NSSTrustDomain_FindCertsByEmail; +;+#NSSTrustDomain_FindCertByOCSPHash; +;+#NSSTrustDomain_FindBestUserCert; +NSSTrustDomain_FindUserCerts; +;+#NSSTrustDomain_FindBestUserCertForSSLClientAuth; +;+#NSSTrustDomain_FindUserCertsForSSLClientAuth; +;+#NSSTrustDomain_FindBestUserCertForEmailSigning; +;+#NSSTrustDomain_FindUserCertsForEmailSigning; NSSTrustDomain_GenerateKeyPair; -NSSTrustDomain_GenerateSymmetricKey; -;+#NSSTrustDomain_GenerateSymmetricKeyFromPassword; -;+#NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID; +NSSTrustDomain_GenerateSymKey; +;+#NSSTrustDomain_GenerateSymKeyFromPassword; +;+#NSSTrustDomain_FindSymKeyByAlgorithmAndKeyID; NSSTrustDomain_CreateCryptoContext; ;+#NSSTrustDomain_CreateCryptoContextForAlgorithm; ;+#NSSTrustDomain_CreateCryptoContextForAlgNParam; @@ -251,8 +251,8 @@ NSSCryptoContext_FinishDecrypt; ;+#NSSCryptoContext_BeginSignRecover; ;+#NSSCryptoContext_ContinueSignRecover; ;+#NSSCryptoContext_FinishSignRecover; -;+#NSSCryptoContext_UnwrapSymmetricKey; -;+#NSSCryptoContext_DeriveSymmetricKey; +;+#NSSCryptoContext_UnwrapSymKey; +;+#NSSCryptoContext_DeriveSymKey; NSSCryptoContext_Encrypt; ;+#NSSCryptoContext_BeginEncrypt; ;+#NSSCryptoContext_ContinueEncrypt; @@ -265,51 +265,51 @@ NSSCryptoContext_Encrypt; ;+#NSSCryptoContext_BeginVerifyRecover; ;+#NSSCryptoContext_ContinueVerifyRecover; ;+#NSSCryptoContext_FinishVerifyRecover; -;+#NSSCryptoContext_WrapSymmetricKey; +;+#NSSCryptoContext_WrapSymKey; NSSCryptoContext_Digest; ;+#NSSCryptoContext_BeginDigest; ;+#NSSCryptoContext_ContinueDigest; ;+#NSSCryptoContext_FinishDigest; ;+#NSSCryptoContext_Clone; NSSVolatileDomain_Destroy; -;+#NSSVolatileDomain_ImportCertificate; -NSSVolatileDomain_ImportEncodedCertificate; -;+#NSSVolatileDomain_ImportEncodedCertificateChain; +;+#NSSVolatileDomain_ImportCert; +NSSVolatileDomain_ImportEncodedCert; +;+#NSSVolatileDomain_ImportEncodedCertChain; NSSVolatileDomain_ImportEncodedPrivateKey; -NSSVolatileDomain_FindBestCertificateByNickname; -NSSVolatileDomain_FindCertificatesByNickname; -NSSVolatileDomain_FindCertificateByIssuerAndSerialNumber; -NSSVolatileDomain_FindBestCertificateBySubject; -NSSVolatileDomain_FindCertificatesBySubject; -;+#NSSVolatileDomain_FindBestCertificateByNameComponents; -;+#NSSVolatileDomain_FindCertificatesByNameComponents; -NSSVolatileDomain_FindCertificateByEncodedCertificate; -NSSVolatileDomain_FindBestCertificateByEmail; -NSSVolatileDomain_FindCertificatesByEmail; -;+#NSSVolatileDomain_FindCertificateByOCSPHash; -;+#NSSVolatileDomain_FindBestUserCertificate; -;+#NSSVolatileDomain_FindUserCertificates; -;+#NSSVolatileDomain_FindBestUserCertificateForSSLClientAuth; -;+#NSSVolatileDomain_FindUserCertificatesForSSLClientAuth; -;+#NSSVolatileDomain_FindBestUserCertificateForEmailSigning; -;+#NSSVolatileDomain_FindUserCertificatesForEmailSigning; +NSSVolatileDomain_FindBestCertByNickname; +NSSVolatileDomain_FindCertsByNickname; +NSSVolatileDomain_FindCertByIssuerAndSerialNumber; +NSSVolatileDomain_FindBestCertBySubject; +NSSVolatileDomain_FindCertsBySubject; +;+#NSSVolatileDomain_FindBestCertByNameComponents; +;+#NSSVolatileDomain_FindCertsByNameComponents; +NSSVolatileDomain_FindCertByEncodedCert; +NSSVolatileDomain_FindBestCertByEmail; +NSSVolatileDomain_FindCertsByEmail; +;+#NSSVolatileDomain_FindCertByOCSPHash; +;+#NSSVolatileDomain_FindBestUserCert; +;+#NSSVolatileDomain_FindUserCerts; +;+#NSSVolatileDomain_FindBestUserCertForSSLClientAuth; +;+#NSSVolatileDomain_FindUserCertsForSSLClientAuth; +;+#NSSVolatileDomain_FindBestUserCertForEmailSigning; +;+#NSSVolatileDomain_FindUserCertsForEmailSigning; ;+#NSSVolatileDomain_GenerateKeyPair; -NSSVolatileDomain_GenerateSymmetricKey; -;+#NSSVolatileDomain_GenerateSymmetricKeyFromPassword; -;+#NSSVolatileDomain_FindSymmetricKeyByAlgorithmAndKeyID; -NSSVolatileDomain_UnwrapSymmetricKey; +NSSVolatileDomain_GenerateSymKey; +;+#NSSVolatileDomain_GenerateSymKeyFromPassword; +;+#NSSVolatileDomain_FindSymKeyByAlgorithmAndKeyID; +NSSVolatileDomain_UnwrapSymKey; ;+# ;+# for debugging, determine whether to keep later ;+# NSSToken_GetName; -nssCertificate_GetNickname; -nssCertificate_GetEncoding; -NSSCertificateArray_Destroy; +nssCert_GetNickname; +nssCert_GetEncoding; +NSSCertArray_Destroy; NSSModuleArray_Destroy; NSSSlotArray_Destroy; NSSTokenArray_Destroy; nssPrivateKey_GetNickname; -NSSTrustDomain_TraverseCertificates; +NSSTrustDomain_TraverseCerts; NSSTrustDomain_TraversePrivateKeys; nss_GetDefaultDatabaseToken; nssToken_NeedsPINInitialization; diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h index 5baf32e71..00915151b 100644 --- a/security/nss/lib/nss/nss.h +++ b/security/nss/lib/nss/nss.h @@ -158,7 +158,7 @@ void PK11_ConfigurePKCS11(const char *man, const char *libdes, * Dump the contents of the certificate cache and the temporary cert store. * Use to detect leaked references of certs at shutdown time. */ -void nss_DumpCertificateCacheInfo(void); +void nss_DumpCertCacheInfo(void); NSS_EXTERN NSSTrustDomain * NSS_GetDefaultTrustDomain ( @@ -166,9 +166,9 @@ NSS_GetDefaultTrustDomain ( ); NSS_EXTERN PRStatus -NSS_SetDefaultCertificateHandler ( - NSSCertificateType certType, - NSSCertificateMethods *certMethods +NSS_SetDefaultCertHandler ( + NSSCertType certType, + NSSCertMethods *certMethods ); PR_END_EXTERN_C diff --git a/security/nss/lib/nss/nsscert.c b/security/nss/lib/nss/nsscert.c index 33273638e..8a297823b 100644 --- a/security/nss/lib/nss/nsscert.c +++ b/security/nss/lib/nss/nsscert.c @@ -34,29 +34,29 @@ #include "nss.h" #include "nssdevt.h" -static NSSCertificateMethods *pkixMethods = NULL; +static NSSCertMethods *pkixMethods = NULL; NSS_IMPLEMENT PRStatus -NSS_SetDefaultCertificateHandler ( - NSSCertificateType certType, - NSSCertificateMethods *certMethods +NSS_SetDefaultCertHandler ( + NSSCertType certType, + NSSCertMethods *certMethods ) { - if (certType == NSSCertificateType_PKIX) { + if (certType == NSSCertType_PKIX) { pkixMethods = certMethods; return PR_SUCCESS; } return PR_FAILURE; } -NSS_IMPLEMENT NSSCertificateMethods * +NSS_IMPLEMENT NSSCertMethods * nss_GetMethodsForType ( - NSSCertificateType certType + NSSCertType certType ) { - if (certType == NSSCertificateType_PKIX) { + if (certType == NSSCertType_PKIX) { return pkixMethods; } - return (NSSCertificateMethods *)NULL; + return (NSSCertMethods *)NULL; } diff --git a/security/nss/lib/nss/nssrenam.h b/security/nss/lib/nss/nssrenam.h index 7791173f5..13b67207b 100644 --- a/security/nss/lib/nss/nssrenam.h +++ b/security/nss/lib/nss/nssrenam.h @@ -34,12 +34,12 @@ #ifndef __nssrenam_h_ #define __nssrenam_h_ -#define CERT_NewTempCertificate __CERT_NewTempCertificate +#define CERT_NewTempCert __CERT_NewTempCert #define PK11_CreateContextByRawKey __PK11_CreateContextByRawKey #define PK11_GetKeyData __PK11_GetKeyData #define nss_InitLock __nss_InitLock #define CERT_ClosePermCertDB __CERT_ClosePermCertDB -#define CERT_DecodeDERCertificate __CERT_DecodeDERCertificate +#define CERT_DecodeDERCert __CERT_DecodeDERCert #define CERT_TraversePermCertsForNickname __CERT_TraversePermCertsForNickname #define CERT_TraversePermCertsForSubject __CERT_TraversePermCertsForSubject #define PBE_CreateContext __PBE_CreateContext diff --git a/security/nss/lib/nss/nsst.h b/security/nss/lib/nss/nsst.h index 44f57e686..4d5195396 100644 --- a/security/nss/lib/nss/nsst.h +++ b/security/nss/lib/nss/nsst.h @@ -107,7 +107,7 @@ typedef struct */ void (PR_CALLBACK *destroy)(void *cert); } -NSSCertificateMethods; +NSSCertMethods; PR_END_EXTERN_C diff --git a/security/nss/lib/pki/asymmkey.c b/security/nss/lib/pki/asymmkey.c index 25bd7cf68..47201aa0a 100644 --- a/security/nss/lib/pki/asymmkey.c +++ b/security/nss/lib/pki/asymmkey.c @@ -322,8 +322,9 @@ nssPrivateKey_Encode ( return (NSSItem *)NULL; } + /* XXX use GenByPassword!!! */ /* use the supplied PBE alg/param to create a wrapping key */ - pbeKey = nssToken_GenerateSymmetricKey(vkey->token, vkey->session, ap, + pbeKey = nssToken_GenerateSymKey(vkey->token, vkey->session, ap, 0, NULL, PR_FALSE, NSSOperations_WRAP, 0); nss_ZFreeIf(password); @@ -460,7 +461,7 @@ nssPrivateKey_Decode ( } /* use the supplied PBE alg/param to create a wrapping key */ - pbeKey = nssToken_GenerateSymmetricKey(destination, session, pbeAP, + pbeKey = nssToken_GenerateSymKey(destination, session, pbeAP, 0, NULL, PR_FALSE, NSSOperations_UNWRAP, 0); nss_ZFreeIf(password); @@ -608,8 +609,8 @@ NSSPrivateKey_SignRecover ( return NULL; } -NSS_IMPLEMENT NSSSymmetricKey * -NSSPrivateKey_UnwrapSymmetricKey ( +NSS_IMPLEMENT NSSSymKey * +NSSPrivateKey_UnwrapSymKey ( NSSPrivateKey *vk, const NSSAlgNParam *apOpt, NSSItem *wrappedKey, @@ -620,8 +621,8 @@ NSSPrivateKey_UnwrapSymmetricKey ( return NULL; } -NSS_IMPLEMENT NSSSymmetricKey * -NSSPrivateKey_DeriveSymmetricKey ( +NSS_IMPLEMENT NSSSymKey * +NSSPrivateKey_DeriveSymKey ( NSSPrivateKey *vk, NSSPublicKey *bk, const NSSAlgNParam *apOpt, @@ -711,32 +712,32 @@ NSSPrivateKey_CreateCryptoContext ( return NULL; } -NSS_IMPLEMENT NSSCertificate ** -nssPrivateKey_FindCertificates ( +NSS_IMPLEMENT NSSCert ** +nssPrivateKey_FindCerts ( NSSPrivateKey *vk, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 maximumOpt, NSSArena *arenaOpt ) { NSSTrustDomain *td = nssPrivateKey_GetTrustDomain(vk, NULL); - return nssTrustDomain_FindCertificatesByID(td, &vk->id, + return nssTrustDomain_FindCertsByID(td, &vk->id, rvOpt, maximumOpt, arenaOpt); } -NSS_IMPLEMENT NSSCertificate ** -NSSPrivateKey_FindCertificates ( +NSS_IMPLEMENT NSSCert ** +NSSPrivateKey_FindCerts ( NSSPrivateKey *vk, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 maximumOpt, NSSArena *arenaOpt ) { - return nssPrivateKey_FindCertificates(vk, rvOpt, maximumOpt, arenaOpt); + return nssPrivateKey_FindCerts(vk, rvOpt, maximumOpt, arenaOpt); } -NSS_IMPLEMENT NSSCertificate * -NSSPrivateKey_FindBestCertificate ( +NSS_IMPLEMENT NSSCert * +NSSPrivateKey_FindBestCert ( NSSPrivateKey *vk, NSSTime time, NSSUsages *usagesOpt, @@ -1216,10 +1217,10 @@ nssPublicKey_GetInstanceForAlgorithmAndObject ( } NSS_IMPLEMENT NSSItem * -nssPublicKey_WrapSymmetricKey ( +nssPublicKey_WrapSymKey ( NSSPublicKey *bk, const NSSAlgNParam *ap, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSCallback *uhh, NSSItem *rvOpt, NSSArena *arenaOpt @@ -1240,16 +1241,16 @@ nssPublicKey_WrapSymmetricKey ( } NSS_IMPLEMENT NSSItem * -NSSPublicKey_WrapSymmetricKey ( +NSSPublicKey_WrapSymKey ( NSSPublicKey *bk, const NSSAlgNParam *ap, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSCallback *uhh, NSSItem *rvOpt, NSSArena *arenaOpt ) { - return nssPublicKey_WrapSymmetricKey(bk, ap, keyToWrap, + return nssPublicKey_WrapSymKey(bk, ap, keyToWrap, uhh, rvOpt, arenaOpt); } @@ -1264,60 +1265,60 @@ NSSPublicKey_CreateCryptoContext ( return NULL; } -NSS_IMPLEMENT NSSCertificate ** -nssPublicKey_FindCertificates ( +NSS_IMPLEMENT NSSCert ** +nssPublicKey_FindCerts ( NSSPublicKey *bk, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 maximumOpt, NSSArena *arenaOpt ) { NSSTrustDomain *td = nssPublicKey_GetTrustDomain(bk, NULL); - return nssTrustDomain_FindCertificatesByID(td, &bk->id, + return nssTrustDomain_FindCertsByID(td, &bk->id, rvOpt, maximumOpt, arenaOpt); } -NSS_IMPLEMENT NSSCertificate ** -NSSPublicKey_FindCertificates ( +NSS_IMPLEMENT NSSCert ** +NSSPublicKey_FindCerts ( NSSPublicKey *bk, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 maximumOpt, NSSArena *arenaOpt ) { - return nssPublicKey_FindCertificates(bk, rvOpt, maximumOpt, arenaOpt); + return nssPublicKey_FindCerts(bk, rvOpt, maximumOpt, arenaOpt); } -NSS_IMPLEMENT NSSCertificate * -nssPublicKey_FindBestCertificate ( +NSS_IMPLEMENT NSSCert * +nssPublicKey_FindBestCert ( NSSPublicKey *bk, NSSTime time, NSSUsages *usageOpt, NSSPolicies *policiesOpt ) { - NSSCertificate *rvCert = NULL; - NSSCertificate **certs; + NSSCert *rvCert = NULL; + NSSCert **certs; - certs = nssPublicKey_FindCertificates(bk, NULL, 0, NULL); + certs = nssPublicKey_FindCerts(bk, NULL, 0, NULL); if (!certs) { - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } - rvCert = nssCertificateArray_FindBestCertificate(certs, time, + rvCert = nssCertArray_FindBestCert(certs, time, usageOpt, policiesOpt); - nssCertificateArray_Destroy(certs); + nssCertArray_Destroy(certs); return rvCert; } -NSS_IMPLEMENT NSSCertificate * -NSSPublicKey_FindBestCertificate ( +NSS_IMPLEMENT NSSCert * +NSSPublicKey_FindBestCert ( NSSPublicKey *bk, NSSTime time, NSSUsages *usageOpt, NSSPolicies *policiesOpt ) { - return nssPublicKey_FindBestCertificate(bk, time, + return nssPublicKey_FindBestCert(bk, time, usageOpt, policiesOpt); } diff --git a/security/nss/lib/pki/certificate.c b/security/nss/lib/pki/certificate.c index b2357d92b..6cee3fc12 100644 --- a/security/nss/lib/pki/certificate.c +++ b/security/nss/lib/pki/certificate.c @@ -52,7 +52,7 @@ static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"; typedef struct { void *data; - NSSCertificateMethods *methods; + NSSCertMethods *methods; PRBool haveValidity; NSSTime notBefore; NSSTime notAfter; @@ -62,10 +62,10 @@ typedef struct } nssCertDecoding; -struct NSSCertificateStr +struct NSSCertStr { nssPKIObject object; - NSSCertificateType kind; + NSSCertType kind; NSSItem id; NSSBER encoding; NSSDER issuer; @@ -77,29 +77,29 @@ struct NSSCertificateStr }; -NSS_EXTERN NSSCertificateMethods * +NSS_EXTERN NSSCertMethods * nss_GetMethodsForType ( - NSSCertificateType certType + NSSCertType certType ); /* Creates a certificate from a base object */ -NSS_IMPLEMENT NSSCertificate * -nssCertificate_Create ( +NSS_IMPLEMENT NSSCert * +nssCert_Create ( nssPKIObject *object ) { PRStatus status; - NSSCertificate *rvCert; + NSSCert *rvCert; /* mark? */ NSSArena *arena = object->arena; PR_ASSERT(object->instances != NULL && object->numInstances > 0); - rvCert = nss_ZNEW(arena, NSSCertificate); + rvCert = nss_ZNEW(arena, NSSCert); if (!rvCert) { - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } rvCert->object = *object; /* XXX should choose instance based on some criteria */ - status = nssCryptokiCertificate_GetAttributes(object->instances[0], + status = nssCryptokiCert_GetAttributes(object->instances[0], arena, &rvCert->kind, &rvCert->id, @@ -109,36 +109,36 @@ nssCertificate_Create ( &rvCert->subject, &rvCert->email); if (status != PR_SUCCESS) { - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } /* all certs need an encoding value */ if (rvCert->encoding.data == NULL) { - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } rvCert->decoding.methods = nss_GetMethodsForType(rvCert->kind); if (!rvCert->decoding.methods) { - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } return rvCert; } -NSS_IMPLEMENT NSSCertificate * -nssCertificate_Decode ( +NSS_IMPLEMENT NSSCert * +nssCert_Decode ( NSSBER *ber ) { NSSArena *arena; - NSSCertificate *rvCert; - NSSCertificateMethods *decoder; + NSSCert *rvCert; + NSSCertMethods *decoder; void *decoding; NSSItem *it; /* create the PKIObject */ arena = nssArena_Create(); if (!arena) { - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } - rvCert = nss_ZNEW(arena, NSSCertificate); + rvCert = nss_ZNEW(arena, NSSCert); if (!rvCert) { goto loser; } @@ -149,7 +149,7 @@ nssCertificate_Decode ( goto loser; } /* try to decode it */ - decoder = nss_GetMethodsForType(NSSCertificateType_PKIX); + decoder = nss_GetMethodsForType(NSSCertType_PKIX); if (!decoder) { /* nss_SetError(UNKNOWN_CERT_TYPE); */ goto loser; @@ -159,7 +159,7 @@ nssCertificate_Decode ( /* it's a PKIX cert */ rvCert->decoding.methods = decoder; rvCert->decoding.data = decoding; - rvCert->kind = NSSCertificateType_PKIX; + rvCert->kind = NSSCertType_PKIX; } else { goto loser; } @@ -191,17 +191,17 @@ nssCertificate_Decode ( return rvCert; loser: nssArena_Destroy(arena); - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } /* XXX */ -NSS_IMPLEMENT NSSCertificate * -nssCertificate_CreateIndexCert ( +NSS_IMPLEMENT NSSCert * +nssCert_CreateIndexCert ( NSSDER *issuer, NSSDER *serial ) { - NSSCertificate *c = nss_ZNEW(NULL, NSSCertificate); + NSSCert *c = nss_ZNEW(NULL, NSSCert); if (c) { c->issuer = *issuer; c->serial = *serial; @@ -209,9 +209,9 @@ nssCertificate_CreateIndexCert ( return c; } -NSS_IMPLEMENT NSSCertificate * -nssCertificate_AddRef ( - NSSCertificate *c +NSS_IMPLEMENT NSSCert * +nssCert_AddRef ( + NSSCert *c ) { if (c) { @@ -221,14 +221,14 @@ nssCertificate_AddRef ( } NSS_IMPLEMENT PRStatus -nssCertificate_Destroy ( - NSSCertificate *c +nssCert_Destroy ( + NSSCert *c ) { PRBool destroyed; if (c) { void *dc = c->decoding.data; - NSSCertificateMethods *methods = c->decoding.methods; + NSSCertMethods *methods = c->decoding.methods; destroyed = nssPKIObject_Destroy(&c->object); if (destroyed) { if (dc) { @@ -240,16 +240,16 @@ nssCertificate_Destroy ( } NSS_IMPLEMENT PRStatus -NSSCertificate_Destroy ( - NSSCertificate *c +NSSCert_Destroy ( + NSSCert *c ) { - return nssCertificate_Destroy(c); + return nssCert_Destroy(c); } NSS_IMPLEMENT PRUint32 -nssCertificate_Hash ( - NSSCertificate *c +nssCert_Hash ( + NSSCert *c ) { PRUint32 i; @@ -262,8 +262,8 @@ nssCertificate_Hash ( } NSS_IMPLEMENT NSSDER * -nssCertificate_GetEncoding ( - NSSCertificate *c +nssCert_GetEncoding ( + NSSCert *c ) { if (c->encoding.size > 0 && c->encoding.data) { @@ -274,8 +274,8 @@ nssCertificate_GetEncoding ( } NSS_IMPLEMENT NSSDER * -nssCertificate_GetIssuer ( - NSSCertificate *c +nssCert_GetIssuer ( + NSSCert *c ) { if (c->issuer.size > 0 && c->issuer.data) { @@ -286,16 +286,16 @@ nssCertificate_GetIssuer ( } NSS_IMPLEMENT NSSDER * -NSSCertificate_GetIssuer ( - NSSCertificate *c +NSSCert_GetIssuer ( + NSSCert *c ) { - return nssCertificate_GetIssuer(c); + return nssCert_GetIssuer(c); } NSS_IMPLEMENT NSSDER * -nssCertificate_GetSerialNumber ( - NSSCertificate *c +nssCert_GetSerialNumber ( + NSSCert *c ) { if (c->serial.size > 0 && c->serial.data) { @@ -306,16 +306,16 @@ nssCertificate_GetSerialNumber ( } NSS_IMPLEMENT NSSDER * -NSSCertificate_GetSerialNumber ( - NSSCertificate *c +NSSCert_GetSerialNumber ( + NSSCert *c ) { - return nssCertificate_GetSerialNumber(c); + return nssCert_GetSerialNumber(c); } NSS_IMPLEMENT NSSDER * -nssCertificate_GetSubject ( - NSSCertificate *c +nssCert_GetSubject ( + NSSCert *c ) { if (c->subject.size > 0 && c->subject.data) { @@ -326,8 +326,8 @@ nssCertificate_GetSubject ( } NSS_IMPLEMENT PRStatus -nssCertificate_SetNickname ( - NSSCertificate *c, +nssCert_SetNickname ( + NSSCert *c, NSSToken *tokenOpt, NSSUTF8 *nickname ) @@ -336,8 +336,8 @@ nssCertificate_SetNickname ( } NSS_IMPLEMENT NSSUTF8 * -nssCertificate_GetNickname ( - NSSCertificate *c, +nssCert_GetNickname ( + NSSCert *c, NSSToken *tokenOpt ) { @@ -345,8 +345,8 @@ nssCertificate_GetNickname ( } NSS_IMPLEMENT NSSToken * -nssCertificate_GetWriteToken ( - NSSCertificate *c, +nssCert_GetWriteToken ( + NSSCert *c, nssSession **rvSessionOpt ) { @@ -354,25 +354,25 @@ nssCertificate_GetWriteToken ( } NSS_IMPLEMENT NSSUTF8 * -NSSCertificate_GetNickname ( - NSSCertificate *c, +NSSCert_GetNickname ( + NSSCert *c, NSSToken *tokenOpt ) { - return nssCertificate_GetNickname(c, tokenOpt); + return nssCert_GetNickname(c, tokenOpt); } NSS_IMPLEMENT NSSASCII7 * -nssCertificate_GetEmailAddress ( - NSSCertificate *c +nssCert_GetEmailAddress ( + NSSCert *c ) { return c->email; } static nssCertDecoding * -nssCertificate_GetDecoding ( - NSSCertificate *c +nssCert_GetDecoding ( + NSSCert *c ) { if (!c->decoding.data) { @@ -382,35 +382,35 @@ nssCertificate_GetDecoding ( } NSS_IMPLEMENT void * -NSSCertificate_GetDecoding ( - NSSCertificate *c +NSSCert_GetDecoding ( + NSSCert *c ) { nssCertDecoding *dc; - dc = nssCertificate_GetDecoding(c); + dc = nssCert_GetDecoding(c); if (dc) { return dc->data; } return (void *)NULL; } -NSS_EXTERN NSSCertificateType -NSSCertificate_GetType ( - NSSCertificate *c +NSS_EXTERN NSSCertType +NSSCert_GetType ( + NSSCert *c ) { return c->kind; } NSS_IMPLEMENT NSSUsages * -nssCertificate_GetUsages ( - NSSCertificate *c, +nssCert_GetUsages ( + NSSCert *c, PRStatus *statusOpt ) { PRStatus status; - nssCertDecoding *dc = nssCertificate_GetDecoding(c); + nssCertDecoding *dc = nssCert_GetDecoding(c); if (statusOpt) *statusOpt = PR_SUCCESS; if (dc) { if (!dc->haveUsages) { @@ -437,14 +437,14 @@ get_validity_period(nssCertDecoding *dc) /* XXX */ NSS_IMPLEMENT PRBool -nssCertificate_IsValidAtTime ( - NSSCertificate *c, +nssCert_IsValidAtTime ( + NSSCert *c, NSSTime time, PRStatus *statusOpt ) { PRStatus status; - nssCertDecoding *dc = nssCertificate_GetDecoding(c); + nssCertDecoding *dc = nssCert_GetDecoding(c); if (statusOpt) *statusOpt = PR_FAILURE; if (dc) { status = get_validity_period(dc); @@ -462,14 +462,14 @@ nssCertificate_IsValidAtTime ( /* XXX */ /* note this isn't the same as CERT_IsNewer, but doesn't intend to be */ NSS_IMPLEMENT PRBool -nssCertificate_IsNewer ( - NSSCertificate *c1, - NSSCertificate *c2, +nssCert_IsNewer ( + NSSCert *c1, + NSSCert *c2, PRStatus *statusOpt ) { - nssCertDecoding *dc1 = nssCertificate_GetDecoding(c1); - nssCertDecoding *dc2 = nssCertificate_GetDecoding(c2); + nssCertDecoding *dc1 = nssCert_GetDecoding(c1); + nssCertDecoding *dc2 = nssCert_GetDecoding(c2); if (statusOpt) *statusOpt = PR_SUCCESS; /* get the times from the decoding */ if (get_validity_period(dc1) == PR_FAILURE) { @@ -484,9 +484,9 @@ nssCertificate_IsNewer ( } NSS_IMPLEMENT PRBool -nssCertificate_IssuerAndSerialEqual ( - NSSCertificate *c1, - NSSCertificate *c2 +nssCert_IssuerAndSerialEqual ( + NSSCert *c1, + NSSCert *c2 ) { return (nssItem_Equal(&c1->issuer, &c2->issuer, NULL) && @@ -494,8 +494,8 @@ nssCertificate_IssuerAndSerialEqual ( } NSS_IMPLEMENT void -nssCertificate_SetVolatileDomain ( - NSSCertificate *c, +nssCert_SetVolatileDomain ( + NSSCert *c, NSSVolatileDomain *vd ) { @@ -504,32 +504,32 @@ nssCertificate_SetVolatileDomain ( } NSS_IMPLEMENT NSSVolatileDomain * -nssCertificate_GetVolatileDomain ( - NSSCertificate *c +nssCert_GetVolatileDomain ( + NSSCert *c ) { return c->object.vd; } NSS_IMPLEMENT NSSTrustDomain * -nssCertificate_GetTrustDomain ( - NSSCertificate *c +nssCert_GetTrustDomain ( + NSSCert *c ) { return c->object.td; } NSS_IMPLEMENT NSSTrustDomain * -NSSCertificate_GetTrustDomain ( - NSSCertificate *c +NSSCert_GetTrustDomain ( + NSSCert *c ) { - return nssCertificate_GetTrustDomain(c); + return nssCert_GetTrustDomain(c); } NSS_IMPLEMENT NSSToken ** -nssCertificate_GetTokens ( - NSSCertificate *c, +nssCert_GetTokens ( + NSSCert *c, PRStatus *statusOpt ) { @@ -537,17 +537,17 @@ nssCertificate_GetTokens ( } NSS_IMPLEMENT NSSToken ** -NSSCertificate_GetTokens ( - NSSCertificate *c, +NSSCert_GetTokens ( + NSSCert *c, PRStatus *statusOpt ) { - return nssCertificate_GetTokens(c, statusOpt); + return nssCert_GetTokens(c, statusOpt); } NSS_IMPLEMENT NSSSlot * -NSSCertificate_GetSlot ( - NSSCertificate *c, +NSSCert_GetSlot ( + NSSCert *c, PRStatus *statusOpt ) { @@ -555,8 +555,8 @@ NSSCertificate_GetSlot ( } NSS_IMPLEMENT NSSModule * -NSSCertificate_GetModule ( - NSSCertificate *c, +NSSCert_GetModule ( + NSSCert *c, PRStatus *statusOpt ) { @@ -564,8 +564,8 @@ NSSCertificate_GetModule ( } NSS_IMPLEMENT nssCryptokiObject * -nssCertificate_FindInstanceForAlgorithm ( - NSSCertificate *c, +nssCert_FindInstanceForAlgorithm ( + NSSCert *c, NSSAlgNParam *ap ) { @@ -573,8 +573,8 @@ nssCertificate_FindInstanceForAlgorithm ( } NSS_IMPLEMENT PRStatus -nssCertificate_DeleteStoredObject ( - NSSCertificate *c, +nssCert_DeleteStoredObject ( + NSSCert *c, NSSCallback *uhh ) { @@ -582,17 +582,17 @@ nssCertificate_DeleteStoredObject ( } NSS_IMPLEMENT PRStatus -NSSCertificate_DeleteStoredObject ( - NSSCertificate *c, +NSSCert_DeleteStoredObject ( + NSSCert *c, NSSCallback *uhh ) { - return nssCertificate_DeleteStoredObject(c, uhh); + return nssCert_DeleteStoredObject(c, uhh); } NSS_IMPLEMENT PRStatus -nssCertificate_CopyToToken ( - NSSCertificate *c, +nssCert_CopyToToken ( + NSSCert *c, NSSToken *token, NSSUTF8 *nicknameOpt ) @@ -605,7 +605,7 @@ nssCertificate_CopyToToken ( if (!rwSession) { return PR_FAILURE; } - instance = nssToken_ImportCertificate(token, rwSession, + instance = nssToken_ImportCert(token, rwSession, c->kind, NULL, nicknameOpt, &c->encoding, &c->issuer, &c->subject, &c->serial, @@ -623,7 +623,7 @@ nssCertificate_CopyToToken ( static NSSUsage get_trusted_usage ( - NSSCertificate *c, + NSSCert *c, PRBool asCA, PRStatus *status ) @@ -636,7 +636,7 @@ get_trusted_usage ( checkLevel = asCA ? nssTrustLevel_TrustedDelegator : nssTrustLevel_Trusted; /* XXX needs to be cached with cert */ - trust = nssTrustDomain_FindTrustForCertificate(c->object.td, c); + trust = nssTrustDomain_FindTrustForCert(c->object.td, c); if (!trust) { if (NSS_GetError() == NSS_ERROR_NO_ERROR) { *status = PR_SUCCESS; @@ -664,7 +664,7 @@ get_trusted_usage ( static PRStatus validate_and_discover_trust ( - NSSCertificate *c, + NSSCert *c, NSSTime time, NSSUsage usage, NSSPolicies *policiesOpt, @@ -680,7 +680,7 @@ validate_and_discover_trust ( *trusted = PR_FALSE; /* First verify the time is within the cert's validity period */ - if (!nssCertificate_IsValidAtTime(c, time, &status)) { + if (!nssCert_IsValidAtTime(c, time, &status)) { if (status == PR_SUCCESS) { /* The function was successful, so we own the error */ nss_SetError(NSS_ERROR_CERTIFICATE_NOT_VALID_AT_TIME); @@ -696,7 +696,7 @@ validate_and_discover_trust ( } /* Verify the cert is capable of the desired set of usages */ - certUsages = nssCertificate_GetUsages(c, &status); + certUsages = nssCert_GetUsages(c, &status); if (status == PR_FAILURE) { return PR_FAILURE; } @@ -715,15 +715,15 @@ validate_and_discover_trust ( static PRStatus validate_chain_link ( - NSSCertificate *subjectCert, - NSSCertificate *issuerCert, + NSSCert *subjectCert, + NSSCert *issuerCert, void **vData ) { PRStatus status; nssCertDecoding *dcs; - dcs = nssCertificate_GetDecoding(subjectCert); + dcs = nssCert_GetDecoding(subjectCert); if (!dcs) { return PR_FAILURE; } @@ -751,16 +751,16 @@ validate_chain_link ( #if 0 static PRBool cert_in_chain_revoked ( - NSSCertificate **chain, + NSSCert **chain, PRStatus *status ) { - NSSCertificate **cp; + NSSCert **cp; nssCRL *crl; for (cp = chain; *cp; cp++) { crl = nssTrustDomain_FindCRLBySubject(td, subject); if (crl) { - status = nssCRL_FindCertificate(*cp); + status = nssCRL_FindCert(*cp); } } /* If OCSP is enabled, check revocation status of the cert */ @@ -774,8 +774,8 @@ cert_in_chain_revoked ( #endif NSS_IMPLEMENT PRStatus -nssCertificate_Validate ( - NSSCertificate *c, +nssCert_Validate ( + NSSCert *c, NSSTime time, NSSUsages *usages, NSSPolicies *policiesOpt @@ -785,14 +785,14 @@ nssCertificate_Validate ( PRBool asCA; PRBool trusted = PR_FALSE; PRBool atRoot = PR_FALSE; - NSSCertificate **cp, **chain; - NSSCertificate *subjectCert = NULL; - NSSCertificate *issuerCert = NULL; + NSSCert **cp, **chain; + NSSCert *subjectCert = NULL; + NSSCert *issuerCert = NULL; NSSUsage usage; void *vData = NULL; /* Build the chain (this cert will be first) */ - chain = nssCertificate_BuildChain(c, time, usages, policiesOpt, + chain = nssCert_BuildChain(c, time, usages, policiesOpt, NULL, 0, NULL, &status); if (status == PR_FAILURE) { return PR_FAILURE; @@ -857,25 +857,25 @@ check_revocation: #endif done: - nssCertificateArray_Destroy(chain); + nssCertArray_Destroy(chain); return status; } NSS_IMPLEMENT PRStatus -NSSCertificate_Validate ( - NSSCertificate *c, +NSSCert_Validate ( + NSSCert *c, NSSTime time, NSSUsages *usages, NSSPolicies *policiesOpt ) { - return nssCertificate_Validate(c, time, usages, policiesOpt); + return nssCert_Validate(c, time, usages, policiesOpt); } #if 0 struct NSSValidationErrorStr { - NSSCertificate *c; + NSSCert *c; NSSUsage usage; NSSError error; PRUint32 level; @@ -883,8 +883,8 @@ struct NSSValidationErrorStr #endif NSS_IMPLEMENT void ** /* void *[] */ -NSSCertificate_ValidateCompletely ( - NSSCertificate *c, +NSSCert_ValidateCompletely ( + NSSCert *c, NSSTime time, /* NULL for "now" */ NSSUsages *usages, NSSPolicies *policiesOpt, /* NULL for none */ @@ -898,8 +898,8 @@ NSSCertificate_ValidateCompletely ( } NSS_IMPLEMENT PRStatus -NSSCertificate_ValidateAndDiscoverUsagesAndPolicies ( - NSSCertificate *c, +NSSCert_ValidateAndDiscoverUsagesAndPolicies ( + NSSCert *c, NSSTime **notBeforeOutOpt, NSSTime **notAfterOutOpt, void *allowedUsages, @@ -915,8 +915,8 @@ NSSCertificate_ValidateAndDiscoverUsagesAndPolicies ( } NSS_IMPLEMENT NSSUsages * -nssCertificate_GetTrustedUsages ( - NSSCertificate *c, +nssCert_GetTrustedUsages ( + NSSCert *c, NSSUsages *usagesOpt ) { @@ -943,23 +943,23 @@ nssCertificate_GetTrustedUsages ( } NSS_IMPLEMENT NSSUsages * -NSSCertificate_GetTrustedUsages ( - NSSCertificate *c, +NSSCert_GetTrustedUsages ( + NSSCert *c, NSSUsages *usagesOpt ) { - return nssCertificate_GetTrustedUsages(c, usagesOpt); + return nssCert_GetTrustedUsages(c, usagesOpt); } NSS_IMPLEMENT PRBool -nssCertificate_IsTrustedForUsages ( - NSSCertificate *c, +nssCert_IsTrustedForUsages ( + NSSCert *c, NSSUsages *usages, PRStatus *statusOpt ) { NSSUsages certUsages; - if (nssCertificate_GetTrustedUsages(c, &certUsages) == NULL) { + if (nssCert_GetTrustedUsages(c, &certUsages) == NULL) { if (statusOpt) *statusOpt = PR_FAILURE; return PR_FALSE; } @@ -1031,8 +1031,8 @@ nssTrust_CreateNull ( } NSS_IMPLEMENT PRStatus -nssCertificate_SetTrustedUsages ( - NSSCertificate *c, +nssCert_SetTrustedUsages ( + NSSCert *c, NSSUsages *usages ) { @@ -1043,7 +1043,7 @@ nssCertificate_SetTrustedUsages ( nssCryptokiObject *instance; /* XXX needs to be cached with cert */ - trust = nssTrustDomain_FindTrustForCertificate(c->object.td, c); + trust = nssTrustDomain_FindTrustForCert(c->object.td, c); if (trust) { token = nssTrust_GetWriteToken(trust, &session); nssTrust_Clear(trust); @@ -1057,7 +1057,7 @@ nssCertificate_SetTrustedUsages ( if (!trust) { return PR_FAILURE; } - token = nssCertificate_GetWriteToken(c, &session); + token = nssCert_GetWriteToken(c, &session); if (!token) { /* XXX should extract from trust domain */ PR_ASSERT(0); @@ -1089,17 +1089,17 @@ nssCertificate_SetTrustedUsages ( } NSS_IMPLEMENT PRStatus -NSSCertificate_SetTrustedUsages ( - NSSCertificate *c, +NSSCert_SetTrustedUsages ( + NSSCert *c, NSSUsages *usages ) { - return nssCertificate_SetTrustedUsages(c, usages); + return nssCert_SetTrustedUsages(c, usages); } NSS_IMPLEMENT NSSDER * -nssCertificate_Encode ( - NSSCertificate *c, +nssCert_Encode ( + NSSCert *c, NSSDER *rvOpt, NSSArena *arenaOpt ) @@ -1108,57 +1108,57 @@ nssCertificate_Encode ( } NSS_IMPLEMENT NSSDER * -NSSCertificate_Encode ( - NSSCertificate *c, +NSSCert_Encode ( + NSSCert *c, NSSDER *rvOpt, NSSArena *arenaOpt ) { - return nssCertificate_Encode(c, rvOpt, arenaOpt); + return nssCert_Encode(c, rvOpt, arenaOpt); } -static NSSCertificate * +static NSSCert * filter_subject_certs_for_id ( - NSSCertificate **subjectCerts, + NSSCert **subjectCerts, void *id ) { - NSSCertificate **si; - NSSCertificate *rvCert = NULL; + NSSCert **si; + NSSCert *rvCert = NULL; /* walk the subject certs */ for (si = subjectCerts; *si; si++) { - nssCertDecoding *dcp = nssCertificate_GetDecoding(*si); + nssCertDecoding *dcp = nssCert_GetDecoding(*si); if (dcp->methods->isMyIdentifier(dcp->data, id)) { /* this cert has the correct identifier */ - rvCert = nssCertificate_AddRef(*si); + rvCert = nssCert_AddRef(*si); break; } } return rvCert; } -static NSSCertificate * +static NSSCert * find_cert_issuer ( - NSSCertificate *c, + NSSCert *c, NSSTime time, NSSUsages *usagesOpt, NSSPolicies *policiesOpt ) { - NSSCertificate **issuers = NULL; - NSSCertificate *issuer = NULL; + NSSCert **issuers = NULL; + NSSCert *issuer = NULL; NSSTrustDomain *td; NSSVolatileDomain *vd; - vd = nssCertificate_GetVolatileDomain(c); - td = nssCertificate_GetTrustDomain(c); + vd = nssCert_GetVolatileDomain(c); + td = nssCert_GetTrustDomain(c); if (vd) { - issuers = nssVolatileDomain_FindCertificatesBySubject(vd, + issuers = nssVolatileDomain_FindCertsBySubject(vd, &c->issuer, NULL, 0, NULL); } else { - issuers = nssTrustDomain_FindCertificatesBySubject(td, + issuers = nssTrustDomain_FindCertsBySubject(td, &c->issuer, NULL, 0, @@ -1167,7 +1167,7 @@ find_cert_issuer ( if (issuers) { nssCertDecoding *dc = NULL; void *issuerID = NULL; - dc = nssCertificate_GetDecoding(c); + dc = nssCert_GetDecoding(c); if (dc) { issuerID = dc->methods->getIssuerIdentifier(dc->data); } @@ -1175,12 +1175,12 @@ find_cert_issuer ( issuer = filter_subject_certs_for_id(issuers, issuerID); dc->methods->freeIdentifier(issuerID); } else { - issuer = nssCertificateArray_FindBestCertificate(issuers, + issuer = nssCertArray_FindBestCert(issuers, time, usagesOpt, policiesOpt); } - nssCertificateArray_Destroy(issuers); + nssCertArray_Destroy(issuers); } return issuer; } @@ -1189,32 +1189,32 @@ find_cert_issuer ( * this function is not using the authCertIssuer field as a fallback * if authority key id does not exist */ -NSS_IMPLEMENT NSSCertificate ** -nssCertificate_BuildChain ( - NSSCertificate *c, +NSS_IMPLEMENT NSSCert ** +nssCert_BuildChain ( + NSSCert *c, NSSTime time, NSSUsages *usagesOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, NSSArena *arenaOpt, PRStatus *statusOpt ) { PRStatus status; - NSSCertificate **rvChain; + NSSCert **rvChain; NSSTrustDomain *td; nssPKIObjectCollection *collection; NSSUsages usages = { 0 }; - td = NSSCertificate_GetTrustDomain(c); + td = NSSCert_GetTrustDomain(c); if (statusOpt) *statusOpt = PR_SUCCESS; /* initialize the collection with the current cert */ - collection = nssCertificateCollection_Create(td, NULL); + collection = nssCertCollection_Create(td, NULL); if (!collection) { if (statusOpt) *statusOpt = PR_FAILURE; - return (NSSCertificate **)NULL; + return (NSSCert **)NULL; } nssPKIObjectCollection_AddObject(collection, (nssPKIObject *)c); if (rvLimit == 1) { @@ -1230,7 +1230,7 @@ nssCertificate_BuildChain ( c = find_cert_issuer(c, time, usagesOpt, policiesOpt); if (c) { nssPKIObjectCollection_AddObject(collection, (nssPKIObject *)c); - nssCertificate_Destroy(c); /* collection has it */ + nssCert_Destroy(c); /* collection has it */ if (rvLimit > 0 && nssPKIObjectCollection_Count(collection) == rvLimit) { @@ -1243,7 +1243,7 @@ nssCertificate_BuildChain ( } } finish: - rvChain = nssPKIObjectCollection_GetCertificates(collection, + rvChain = nssPKIObjectCollection_GetCerts(collection, rvOpt, rvLimit, arenaOpt); @@ -1251,25 +1251,25 @@ finish: return rvChain; } -NSS_IMPLEMENT NSSCertificate ** -NSSCertificate_BuildChain ( - NSSCertificate *c, +NSS_IMPLEMENT NSSCert ** +NSSCert_BuildChain ( + NSSCert *c, NSSTime time, NSSUsages *usagesOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt, PRStatus *statusOpt ) { - return nssCertificate_BuildChain(c, time, usagesOpt, policiesOpt, + return nssCert_BuildChain(c, time, usagesOpt, policiesOpt, rvOpt, rvLimit, arenaOpt, statusOpt); } NSS_IMPLEMENT NSSItem * -NSSCertificate_Encrypt ( - NSSCertificate *c, +NSSCert_Encrypt ( + NSSCert *c, const NSSAlgNParam *apOpt, NSSItem *data, NSSTime time, @@ -1285,8 +1285,8 @@ NSSCertificate_Encrypt ( } NSS_IMPLEMENT PRStatus -NSSCertificate_Verify ( - NSSCertificate *c, +NSSCert_Verify ( + NSSCert *c, const NSSAlgNParam *apOpt, NSSItem *data, NSSItem *signature, @@ -1301,8 +1301,8 @@ NSSCertificate_Verify ( } NSS_IMPLEMENT NSSItem * -NSSCertificate_VerifyRecover ( - NSSCertificate *c, +NSSCert_VerifyRecover ( + NSSCert *c, const NSSAlgNParam *apOpt, NSSItem *signature, NSSTime time, @@ -1318,10 +1318,10 @@ NSSCertificate_VerifyRecover ( } NSS_IMPLEMENT NSSItem * -nssCertificate_WrapSymmetricKey ( - NSSCertificate *c, +nssCert_WrapSymKey ( + NSSCert *c, const NSSAlgNParam *ap, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSTime time, NSSUsages *usages, NSSPolicies *policiesOpt, @@ -1335,22 +1335,22 @@ nssCertificate_WrapSymmetricKey ( /* XXX do some validation */ - pubKey = nssCertificate_GetPublicKey(c); + pubKey = nssCert_GetPublicKey(c); if (!pubKey) { return (NSSItem *)NULL; } - wrap = nssPublicKey_WrapSymmetricKey(pubKey, ap, keyToWrap, + wrap = nssPublicKey_WrapSymKey(pubKey, ap, keyToWrap, uhh, rvOpt, arenaOpt); nssPublicKey_Destroy(pubKey); return wrap; } NSS_IMPLEMENT NSSItem * -NSSCertificate_WrapSymmetricKey ( - NSSCertificate *c, +NSSCert_WrapSymKey ( + NSSCert *c, const NSSAlgNParam *ap, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSTime time, NSSUsages *usages, NSSPolicies *policiesOpt, @@ -1359,14 +1359,14 @@ NSSCertificate_WrapSymmetricKey ( NSSArena *arenaOpt ) { - return nssCertificate_WrapSymmetricKey(c, ap, keyToWrap, + return nssCert_WrapSymKey(c, ap, keyToWrap, time, usages, policiesOpt, uhh, rvOpt, arenaOpt); } NSS_IMPLEMENT NSSCryptoContext * -NSSCertificate_CreateCryptoContext ( - NSSCertificate *c, +NSSCert_CreateCryptoContext ( + NSSCert *c, const NSSAlgNParam *apOpt, NSSTime time, NSSUsages *usages, @@ -1379,15 +1379,15 @@ NSSCertificate_CreateCryptoContext ( } NSS_IMPLEMENT NSSPublicKey * -nssCertificate_GetPublicKey ( - NSSCertificate *c +nssCert_GetPublicKey ( + NSSCert *c ) { PRStatus status; NSSToken **tokens, **tp; nssCryptokiObject *instance = NULL; - NSSTrustDomain *td = nssCertificate_GetTrustDomain(c); - NSSVolatileDomain *vd = nssCertificate_GetVolatileDomain(c); + NSSTrustDomain *td = nssCert_GetTrustDomain(c); + NSSVolatileDomain *vd = nssCert_GetVolatileDomain(c); /* first look for a persistent object in the trust domain */ tokens = nssPKIObject_GetTokens(&c->object, &status); @@ -1419,7 +1419,7 @@ nssCertificate_GetPublicKey ( } else { NSSOID *keyAlg; NSSBitString keyBits; - nssCertDecoding *dc = nssCertificate_GetDecoding(c); + nssCertDecoding *dc = nssCert_GetDecoding(c); /* create an ephemeral pubkey object, either in the cert's * volatile domain (if it exists), or as a standalone object @@ -1435,23 +1435,23 @@ nssCertificate_GetPublicKey ( } NSS_IMPLEMENT NSSPublicKey * -NSSCertificate_GetPublicKey ( - NSSCertificate *c +NSSCert_GetPublicKey ( + NSSCert *c ) { - return nssCertificate_GetPublicKey(c); + return nssCert_GetPublicKey(c); } NSS_IMPLEMENT NSSPrivateKey * -nssCertificate_FindPrivateKey ( - NSSCertificate *c, +nssCert_FindPrivateKey ( + NSSCert *c, NSSCallback *uhh ) { PRStatus status; NSSToken **tokens, **tp; nssCryptokiObject *instance; - NSSTrustDomain *td = nssCertificate_GetTrustDomain(c); + NSSTrustDomain *td = nssCert_GetTrustDomain(c); tokens = nssPKIObject_GetTokens(&c->object, &status); if (!tokens) { @@ -1498,17 +1498,17 @@ nssCertificate_FindPrivateKey ( } NSS_IMPLEMENT NSSPrivateKey * -NSSCertificate_FindPrivateKey ( - NSSCertificate *c, +NSSCert_FindPrivateKey ( + NSSCert *c, NSSCallback *uhh ) { - return nssCertificate_FindPrivateKey(c, uhh); + return nssCert_FindPrivateKey(c, uhh); } NSS_IMPLEMENT PRBool -nssCertificate_IsPrivateKeyAvailable ( - NSSCertificate *c, +nssCert_IsPrivateKeyAvailable ( + NSSCert *c, NSSCallback *uhh, PRStatus *statusOpt ) @@ -1516,7 +1516,7 @@ nssCertificate_IsPrivateKeyAvailable ( PRStatus status; NSSToken **tokens, **tp; nssCryptokiObject *instance = NULL; - NSSTrustDomain *td = nssCertificate_GetTrustDomain(c); + NSSTrustDomain *td = nssCert_GetTrustDomain(c); PRBool isLoggedIn; tokens = nssPKIObject_GetTokens(&c->object, &status); if (!tokens) { @@ -1552,18 +1552,18 @@ nssCertificate_IsPrivateKeyAvailable ( } NSS_IMPLEMENT PRBool -NSSCertificate_IsPrivateKeyAvailable ( - NSSCertificate *c, +NSSCert_IsPrivateKeyAvailable ( + NSSCert *c, NSSCallback *uhh, PRStatus *statusOpt ) { - return nssCertificate_IsPrivateKeyAvailable(c, uhh, statusOpt); + return nssCert_IsPrivateKeyAvailable(c, uhh, statusOpt); } NSS_IMPLEMENT PRBool -NSSUserCertificate_IsStillPresent ( - NSSUserCertificate *uc, +NSSUserCert_IsStillPresent ( + NSSUserCert *uc, PRStatus *statusOpt ) { @@ -1572,8 +1572,8 @@ NSSUserCertificate_IsStillPresent ( } NSS_IMPLEMENT NSSItem * -NSSUserCertificate_Decrypt ( - NSSUserCertificate *uc, +NSSUserCert_Decrypt ( + NSSUserCert *uc, const NSSAlgNParam *apOpt, NSSItem *data, NSSTime time, @@ -1589,8 +1589,8 @@ NSSUserCertificate_Decrypt ( } NSS_IMPLEMENT NSSItem * -NSSUserCertificate_Sign ( - NSSUserCertificate *uc, +NSSUserCert_Sign ( + NSSUserCert *uc, const NSSAlgNParam *apOpt, NSSItem *data, NSSTime time, @@ -1606,8 +1606,8 @@ NSSUserCertificate_Sign ( } NSS_IMPLEMENT NSSItem * -NSSUserCertificate_SignRecover ( - NSSUserCertificate *uc, +NSSUserCert_SignRecover ( + NSSUserCert *uc, const NSSAlgNParam *apOpt, NSSItem *data, NSSTime time, @@ -1622,9 +1622,9 @@ NSSUserCertificate_SignRecover ( return NULL; } -NSS_IMPLEMENT NSSSymmetricKey * -NSSUserCertificate_UnwrapSymmetricKey ( - NSSUserCertificate *uc, +NSS_IMPLEMENT NSSSymKey * +NSSUserCert_UnwrapSymKey ( + NSSUserCert *uc, const NSSAlgNParam *apOpt, NSSItem *wrappedKey, NSSTime time, @@ -1639,10 +1639,10 @@ NSSUserCertificate_UnwrapSymmetricKey ( return NULL; } -NSS_IMPLEMENT NSSSymmetricKey * -NSSUserCertificate_DeriveSymmetricKey ( - NSSUserCertificate *uc, /* provides private key */ - NSSCertificate *c, /* provides public key */ +NSS_IMPLEMENT NSSSymKey * +NSSUserCert_DeriveSymKey ( + NSSUserCert *uc, /* provides private key */ + NSSCert *c, /* provides public key */ const NSSAlgNParam *apOpt, NSSOID *target, PRUint32 keySizeOpt, /* zero for best allowed */ @@ -1742,7 +1742,7 @@ nssTrust_Destroy ( struct nssSMIMEProfileStr { nssPKIObject object; - NSSCertificate *certificate; + NSSCert *certificate; NSSASCII7 *email; NSSDER *subject; NSSItem *profileTime; @@ -1751,7 +1751,7 @@ struct nssSMIMEProfileStr NSS_IMPLEMENT nssSMIMEProfile * nssSMIMEProfile_Create ( - NSSCertificate *cert, + NSSCert *cert, NSSItem *profileTime, NSSItem *profileData ) @@ -1760,8 +1760,8 @@ nssSMIMEProfile_Create ( NSSArena *arena; nssSMIMEProfile *rvProfile; nssPKIObject *object; - NSSTrustDomain *td = nssCertificate_GetTrustDomain(cert); - NSSCryptoContext *cc = nssCertificate_GetCryptoContext(cert); + NSSTrustDomain *td = nssCert_GetTrustDomain(cert); + NSSCryptoContext *cc = nssCert_GetCryptoContext(cert); arena = nssArena_Create(); if (!arena) { return NULL; diff --git a/security/nss/lib/pki/cryptocontext.c b/security/nss/lib/pki/cryptocontext.c index 72ccd8a55..fd0af5e6b 100644 --- a/security/nss/lib/pki/cryptocontext.c +++ b/security/nss/lib/pki/cryptocontext.c @@ -71,10 +71,10 @@ struct NSSCryptoContextStr nssCryptokiObject *key; /* key used for crypto */ nssCryptokiObject *bkey; /* public key of user cert */ union { - NSSSymmetricKey *mkey; + NSSSymKey *mkey; NSSPublicKey *bkey; NSSPrivateKey *vkey; - NSSCertificate *cert; + NSSCert *cert; } u; /* the distinguished object */ pki_object_type which; }; @@ -116,19 +116,19 @@ nssCryptoContext_Create ( } NSS_IMPLEMENT NSSCryptoContext * -nssCryptoContext_CreateForSymmetricKey ( - NSSSymmetricKey *mkey, +nssCryptoContext_CreateForSymKey ( + NSSSymKey *mkey, const NSSAlgNParam *apOpt, NSSCallback *uhhOpt ) { NSSCryptoContext *rvCC; - NSSTrustDomain *td = nssSymmetricKey_GetTrustDomain(mkey, NULL); + NSSTrustDomain *td = nssSymKey_GetTrustDomain(mkey, NULL); rvCC = nssCryptoContext_Create(td, apOpt, uhhOpt); if (rvCC) { rvCC->which = a_symkey; - rvCC->u.mkey = nssSymmetricKey_AddRef(mkey); + rvCC->u.mkey = nssSymKey_AddRef(mkey); } return rvCC; } @@ -140,10 +140,10 @@ nssCryptoContext_Destroy ( { PRStatus status = PR_SUCCESS; switch (cc->which) { - case a_cert: nssCertificate_Destroy(cc->u.cert); break; + case a_cert: nssCert_Destroy(cc->u.cert); break; case a_pubkey: nssPublicKey_Destroy(cc->u.bkey); break; case a_privkey: nssPrivateKey_Destroy(cc->u.vkey); break; - case a_symkey: nssSymmetricKey_Destroy(cc->u.mkey); break; + case a_symkey: nssSymKey_Destroy(cc->u.mkey); break; default: break; } if (cc->key) { @@ -282,7 +282,7 @@ prepare_context_symmetric_key ( /* and the token can do the operation */ if (!cc->key) { /* get a key instance from it */ - cc->key = nssSymmetricKey_GetInstance(cc->u.mkey, cc->token); + cc->key = nssSymKey_GetInstance(cc->u.mkey, cc->token); } /* else we already have a key instance */ } else { /* the token can't do the math, so this context won't work */ @@ -290,7 +290,7 @@ prepare_context_symmetric_key ( } } else { /* find an instance of the key that will do the operation */ - cc->key = nssSymmetricKey_FindInstanceForAlgorithm(cc->u.mkey, cc->ap); + cc->key = nssSymKey_FindInstanceForAlgorithm(cc->u.mkey, cc->ap); if (cc->key) { /* okay, now we know what token to use */ cc->token = nssToken_AddRef(cc->key->token); @@ -307,7 +307,7 @@ prepare_context_symmetric_key ( * the token, copy it there as a temp (session) object */ if (!cc->key) { - cc->key = nssSymmetricKey_CopyToToken(cc->u.mkey, cc->token, + cc->key = nssSymKey_CopyToToken(cc->u.mkey, cc->token, PR_FALSE); if (!cc->key) { goto loser; @@ -335,7 +335,7 @@ prepare_context_private_key ( NSSPrivateKey *vkey = NULL; if (cc->which == a_cert) { /* try to get the key from the cert */ - vkey = nssCertificate_FindPrivateKey(cc->u.cert, cc->callback); + vkey = nssCert_FindPrivateKey(cc->u.cert, cc->callback); if (!vkey) { goto loser; } @@ -410,7 +410,7 @@ prepare_context_public_key ( NSSPublicKey *bkey = NULL; if (cc->which == a_cert) { /* try to get the key from the cert */ - bkey = nssCertificate_GetPublicKey(cc->u.cert); + bkey = nssCert_GetPublicKey(cc->u.cert); if (!bkey) { goto loser; } @@ -891,8 +891,8 @@ NSSCryptoContext_SignRecover ( } #if 0 -NSS_IMPLEMENT NSSSymmetricKey * -nssCryptoContext_UnwrapSymmetricKey ( +NSS_IMPLEMENT NSSSymKey * +nssCryptoContext_UnwrapSymKey ( NSSCryptoContext *cc, const NSSAlgNParam *apOpt, NSSItem *wrappedKey, @@ -904,11 +904,11 @@ nssCryptoContext_UnwrapSymmetricKey ( const NSSAlgNParam *ap = apOpt ? apOpt : cc->ap; if (!ap) { nss_SetError(NSS_ERROR_INVALID_CRYPTO_CONTEXT); - return (NSSSymmetricKey *)NULL; + return (NSSSymKey *)NULL; } /* set up the private key */ if (prepare_context_private_key(cc, ap) == PR_FAILURE) { - return (NSSSymmetricKey *)NULL; + return (NSSSymKey *)NULL; } /* do the unwrap */ cc->mko = nssToken_UnwrapKey(cc->token, cc->session, ap, cc->vko, @@ -921,12 +921,12 @@ nssCryptoContext_UnwrapSymmetricKey ( if (!pkio) { goto loser; } - cc->mk = nssSymmetricKey_Create(pkio); + cc->mk = nssSymKey_Create(pkio); if (!cc->mk) { nssPKIObject_Destroy(pkio); goto loser; } - return nssSymmetricKey_AddRef(cc->mk); + return nssSymKey_AddRef(cc->mk); } loser: if (cc->mko) { @@ -934,11 +934,11 @@ loser: cc->mko = NULL; } nss_SetError(NSS_ERROR_INVALID_CRYPTO_CONTEXT); - return (NSSSymmetricKey *)NULL; + return (NSSSymKey *)NULL; } -NSS_IMPLEMENT NSSSymmetricKey * -NSSCryptoContext_UnwrapSymmetricKey ( +NSS_IMPLEMENT NSSSymKey * +NSSCryptoContext_UnwrapSymKey ( NSSCryptoContext *cc, const NSSAlgNParam *apOpt, NSSItem *wrappedKey, @@ -949,9 +949,9 @@ NSSCryptoContext_UnwrapSymmetricKey ( { if (!cc->vk && !cc->cert) { nss_SetError(NSS_ERROR_INVALID_CRYPTO_CONTEXT); - return (NSSSymmetricKey *)NULL; + return (NSSSymKey *)NULL; } - return nssCryptoContext_UnwrapSymmetricKey(cc, apOpt, + return nssCryptoContext_UnwrapSymKey(cc, apOpt, wrappedKey, uhhOpt, operations, properties); } @@ -1115,10 +1115,10 @@ NSSCryptoContext_VerifyRecover ( #if 0 NSS_IMPLEMENT NSSItem * -nssCryptoContext_WrapSymmetricKey ( +nssCryptoContext_WrapSymKey ( NSSCryptoContext *cc, const NSSAlgNParam *apOpt, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSCallback *uhhOpt, NSSItem *rvOpt, NSSArena *arenaOpt @@ -1130,7 +1130,7 @@ nssCryptoContext_WrapSymmetricKey ( return (NSSItem *)NULL; } /* set the context's symkey to the key to wrap */ - cc->mk = nssSymmetricKey_AddRef(keyToWrap); + cc->mk = nssSymKey_AddRef(keyToWrap); /* initialize the context with the symkey first */ if (prepare_context_symmetric_key(cc, ap) == PR_FAILURE) { /* didn't find a token that could do the operation */ @@ -1147,10 +1147,10 @@ nssCryptoContext_WrapSymmetricKey ( } NSS_IMPLEMENT NSSItem * -NSSCryptoContext_WrapSymmetricKey ( +NSSCryptoContext_WrapSymKey ( NSSCryptoContext *cc, const NSSAlgNParam *apOpt, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSCallback *uhhOpt, NSSItem *rvOpt, NSSArena *arenaOpt @@ -1160,7 +1160,7 @@ NSSCryptoContext_WrapSymmetricKey ( nss_SetError(NSS_ERROR_INVALID_CRYPTO_CONTEXT); return (NSSItem *)NULL; } - return nssCryptoContext_WrapSymmetricKey(cc, apOpt, keyToWrap, + return nssCryptoContext_WrapSymKey(cc, apOpt, keyToWrap, uhhOpt, rvOpt, arenaOpt); } #endif diff --git a/security/nss/lib/pki/nsspki.h b/security/nss/lib/pki/nsspki.h index 519fdeaba..63995a112 100644 --- a/security/nss/lib/pki/nsspki.h +++ b/security/nss/lib/pki/nsspki.h @@ -105,7 +105,7 @@ PR_BEGIN_EXTERN_C */ /* - * NSSCertificate + * NSSCert * * These things can do crypto ops like public keys, except that the trust, * usage, and other constraints are checked. These objects are "high-level," @@ -115,18 +115,18 @@ PR_BEGIN_EXTERN_C */ /* - * NSSCertificate_Destroy + * NSSCert_Destroy * * Free a pointer to a certificate object. */ NSS_EXTERN PRStatus -NSSCertificate_Destroy ( - NSSCertificate *c +NSSCert_Destroy ( + NSSCert *c ); /* - * NSSCertificate_DeleteStoredObject + * NSSCert_DeleteStoredObject * * Permanently remove this certificate from storage. If this is the * only (remaining) certificate corresponding to a private key, @@ -135,31 +135,31 @@ NSSCertificate_Destroy ( */ NSS_EXTERN PRStatus -NSSCertificate_DeleteStoredObject ( - NSSCertificate *c, +NSSCert_DeleteStoredObject ( + NSSCert *c, NSSCallback *uhh ); /* - * NSSCertificate_Validate + * NSSCert_Validate * * Verify that this certificate is trusted, for the specified usage(s), * at the specified time, {word word} the specified policies. */ NSS_EXTERN PRStatus -NSSCertificate_Validate ( - NSSCertificate *c, +NSSCert_Validate ( + NSSCert *c, NSSTime time, NSSUsages *usages, NSSPolicies *policiesOpt /* NULL for none */ ); /* - * NSSCertificate_ValidateCompletely + * NSSCert_ValidateCompletely * * Verify that this certificate is trusted. The difference between - * this and the previous call is that NSSCertificate_Validate merely + * this and the previous call is that NSSCert_Validate merely * returns success or failure with an appropriate error stack. * However, there may be (and often are) multiple problems with a * certificate. This routine returns an array of errors, specifying @@ -173,8 +173,8 @@ NSSCertificate_Validate ( */ NSS_EXTERN void ** /* void *[] */ -NSSCertificate_ValidateCompletely ( - NSSCertificate *c, +NSSCert_ValidateCompletely ( + NSSCert *c, NSSTime time, /* NULL for "now" */ NSSUsages *usages, NSSPolicies *policiesOpt, /* NULL for none */ @@ -184,14 +184,14 @@ NSSCertificate_ValidateCompletely ( ); /* - * NSSCertificate_ValidateAndDiscoverUsagesAndPolicies + * NSSCert_ValidateAndDiscoverUsagesAndPolicies * * Returns PR_SUCCESS if the certificate is valid for at least something. */ NSS_EXTERN PRStatus -NSSCertificate_ValidateAndDiscoverUsagesAndPolicies ( - NSSCertificate *c, +NSSCert_ValidateAndDiscoverUsagesAndPolicies ( + NSSCert *c, NSSTime **notBeforeOutOpt, NSSTime **notAfterOutOpt, void *allowedUsages, @@ -203,33 +203,33 @@ NSSCertificate_ValidateAndDiscoverUsagesAndPolicies ( ); NSS_EXTERN NSSUsages * -NSSCertificate_GetTrustedUsages ( - NSSCertificate *c, +NSSCert_GetTrustedUsages ( + NSSCert *c, NSSUsages *usagesOpt ); NSS_EXTERN PRStatus -NSSCertificate_SetTrustedUsages ( - NSSCertificate *c, +NSSCert_SetTrustedUsages ( + NSSCert *c, NSSUsages *usages ); /* - * NSSCertificate_Encode + * NSSCert_Encode * */ NSS_EXTERN NSSDER * -NSSCertificate_Encode ( - NSSCertificate *c, +NSSCert_Encode ( + NSSCert *c, NSSDER *rvOpt, NSSArena *arenaOpt ); /* - * NSSCertificate_BuildChain + * NSSCert_BuildChain * - * This routine returns NSSCertificate *'s for each certificate + * This routine returns NSSCert *'s for each certificate * in the "chain" starting from the specified one up to and * including the root. The zeroth element in the array is the * specified ("leaf") certificate. @@ -242,86 +242,86 @@ NSSCertificate_Encode ( */ -NSS_EXTERN NSSCertificate ** -NSSCertificate_BuildChain ( - NSSCertificate *c, +NSS_EXTERN NSSCert ** +NSSCert_BuildChain ( + NSSCert *c, NSSTime time, NSSUsages *usagesOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt, PRStatus *statusOpt ); /* - * NSSCertificate_GetTrustDomain + * NSSCert_GetTrustDomain * */ NSS_EXTERN NSSTrustDomain * -NSSCertificate_GetTrustDomain ( - NSSCertificate *c +NSSCert_GetTrustDomain ( + NSSCert *c ); /* - * NSSCertificate_GetToken + * NSSCert_GetToken * * There doesn't have to be any. */ NSS_EXTERN NSSToken ** -NSSCertificate_GetTokens ( - NSSCertificate *c, +NSSCert_GetTokens ( + NSSCert *c, PRStatus *statusOpt ); /* - * NSSCertificate_GetSlot + * NSSCert_GetSlot * * There doesn't have to be one. */ NSS_EXTERN NSSSlot * -NSSCertificate_GetSlot ( - NSSCertificate *c, +NSSCert_GetSlot ( + NSSCert *c, PRStatus *statusOpt ); /* - * NSSCertificate_GetModule + * NSSCert_GetModule * * There doesn't have to be one. */ NSS_EXTERN NSSModule * -NSSCertificate_GetModule ( - NSSCertificate *c, +NSSCert_GetModule ( + NSSCert *c, PRStatus *statusOpt ); /* XXX make sure this is right */ NSS_EXTERN void * -NSSCertificate_GetDecoding ( - NSSCertificate *c +NSSCert_GetDecoding ( + NSSCert *c ); /* XXX make sure this is right */ -NSS_EXTERN NSSCertificateType -NSSCertificate_GetType ( - NSSCertificate *c +NSS_EXTERN NSSCertType +NSSCert_GetType ( + NSSCert *c ); /* - * NSSCertificate_Encrypt + * NSSCert_Encrypt * * Encrypt a single chunk of data with the public key corresponding to * this certificate. */ NSS_EXTERN NSSItem * -NSSCertificate_Encrypt ( - NSSCertificate *c, +NSSCert_Encrypt ( + NSSCert *c, const NSSAlgNParam *apOpt, NSSItem *data, NSSTime time, @@ -333,13 +333,13 @@ NSSCertificate_Encrypt ( ); /* - * NSSCertificate_Verify + * NSSCert_Verify * */ NSS_EXTERN PRStatus -NSSCertificate_Verify ( - NSSCertificate *c, +NSSCert_Verify ( + NSSCert *c, const NSSAlgNParam *apOpt, NSSItem *data, NSSItem *signature, @@ -350,13 +350,13 @@ NSSCertificate_Verify ( ); /* - * NSSCertificate_VerifyRecover + * NSSCert_VerifyRecover * */ NSS_EXTERN NSSItem * -NSSCertificate_VerifyRecover ( - NSSCertificate *c, +NSSCert_VerifyRecover ( + NSSCert *c, const NSSAlgNParam *apOpt, NSSItem *signature, NSSTime time, @@ -368,7 +368,7 @@ NSSCertificate_VerifyRecover ( ); /* - * NSSCertificate_WrapSymmetricKey + * NSSCert_WrapSymKey * * This method tries very hard to to succeed, even in situations * involving sensitive keys and multiple modules. @@ -376,10 +376,10 @@ NSSCertificate_VerifyRecover ( */ NSS_EXTERN NSSItem * -NSSCertificate_WrapSymmetricKey ( - NSSCertificate *c, +NSSCert_WrapSymKey ( + NSSCert *c, const NSSAlgNParam *ap, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSTime time, NSSUsages *usages, NSSPolicies *policiesOpt, @@ -389,15 +389,15 @@ NSSCertificate_WrapSymmetricKey ( ); /* - * NSSCertificate_CreateCryptoContext + * NSSCert_CreateCryptoContext * * Create a crypto context, in this certificate's trust domain, with this * as the distinguished certificate. */ NSS_EXTERN NSSCryptoContext * -NSSCertificate_CreateCryptoContext ( - NSSCertificate *c, +NSSCert_CreateCryptoContext ( + NSSCert *c, const NSSAlgNParam *apOpt, NSSTime time, NSSUsages *usages, @@ -406,68 +406,68 @@ NSSCertificate_CreateCryptoContext ( ); /* - * NSSCertificate_GetPublicKey + * NSSCert_GetPublicKey * * Returns the public key corresponding to this certificate. */ NSS_EXTERN NSSPublicKey * -NSSCertificate_GetPublicKey ( - NSSCertificate *c +NSSCert_GetPublicKey ( + NSSCert *c ); /* - * NSSCertificate_FindPrivateKey + * NSSCert_FindPrivateKey * * Finds and returns the private key corresponding to this certificate, * if it is available. * - * { Should this hang off of NSSUserCertificate? } + * { Should this hang off of NSSUserCert? } */ NSS_EXTERN NSSPrivateKey * -NSSCertificate_FindPrivateKey ( - NSSCertificate *c, +NSSCert_FindPrivateKey ( + NSSCert *c, NSSCallback *uhh ); /* - * NSSCertificate_IsPrivateKeyAvailable + * NSSCert_IsPrivateKeyAvailable * * Returns success if the private key corresponding to this certificate * is available to be used. * - * { Should *this* hang off of NSSUserCertificate?? } + * { Should *this* hang off of NSSUserCert?? } */ NSS_EXTERN PRBool -NSSCertificate_IsPrivateKeyAvailable ( - NSSCertificate *c, +NSSCert_IsPrivateKeyAvailable ( + NSSCert *c, NSSCallback *uhh, PRStatus *statusOpt ); /* - * If we make NSSUserCertificate not a typedef of NSSCertificate, + * If we make NSSUserCert not a typedef of NSSCert, * then we'll need implementations of the following: * - * NSSUserCertificate_Destroy - * NSSUserCertificate_DeleteStoredObject - * NSSUserCertificate_Validate - * NSSUserCertificate_ValidateCompletely - * NSSUserCertificate_ValidateAndDiscoverUsagesAndPolicies - * NSSUserCertificate_Encode - * NSSUserCertificate_BuildChain - * NSSUserCertificate_GetTrustDomain - * NSSUserCertificate_GetToken - * NSSUserCertificate_GetSlot - * NSSUserCertificate_GetModule - * NSSUserCertificate_GetCryptoContext - * NSSUserCertificate_GetPublicKey + * NSSUserCert_Destroy + * NSSUserCert_DeleteStoredObject + * NSSUserCert_Validate + * NSSUserCert_ValidateCompletely + * NSSUserCert_ValidateAndDiscoverUsagesAndPolicies + * NSSUserCert_Encode + * NSSUserCert_BuildChain + * NSSUserCert_GetTrustDomain + * NSSUserCert_GetToken + * NSSUserCert_GetSlot + * NSSUserCert_GetModule + * NSSUserCert_GetCryptoContext + * NSSUserCert_GetPublicKey */ /* - * NSSUserCertificate_IsStillPresent + * NSSUserCert_IsStillPresent * * Verify that if this certificate lives on a token, that the token * is still present and the certificate still exists. This is a @@ -477,21 +477,21 @@ NSSCertificate_IsPrivateKeyAvailable ( */ NSS_EXTERN PRBool -NSSUserCertificate_IsStillPresent ( - NSSUserCertificate *uc, +NSSUserCert_IsStillPresent ( + NSSUserCert *uc, PRStatus *statusOpt ); /* - * NSSUserCertificate_Decrypt + * NSSUserCert_Decrypt * * Decrypt a single chunk of data with the private key corresponding * to this certificate. */ NSS_EXTERN NSSItem * -NSSUserCertificate_Decrypt ( - NSSUserCertificate *uc, +NSSUserCert_Decrypt ( + NSSUserCert *uc, const NSSAlgNParam *apOpt, NSSItem *data, NSSTime time, @@ -503,13 +503,13 @@ NSSUserCertificate_Decrypt ( ); /* - * NSSUserCertificate_Sign + * NSSUserCert_Sign * */ NSS_EXTERN NSSItem * -NSSUserCertificate_Sign ( - NSSUserCertificate *uc, +NSSUserCert_Sign ( + NSSUserCert *uc, const NSSAlgNParam *apOpt, NSSItem *data, NSSTime time, @@ -521,13 +521,13 @@ NSSUserCertificate_Sign ( ); /* - * NSSUserCertificate_SignRecover + * NSSUserCert_SignRecover * */ NSS_EXTERN NSSItem * -NSSUserCertificate_SignRecover ( - NSSUserCertificate *uc, +NSSUserCert_SignRecover ( + NSSUserCert *uc, const NSSAlgNParam *apOpt, NSSItem *data, NSSTime time, @@ -539,13 +539,13 @@ NSSUserCertificate_SignRecover ( ); /* - * NSSUserCertificate_UnwrapSymmetricKey + * NSSUserCert_UnwrapSymKey * */ -NSS_EXTERN NSSSymmetricKey * -NSSUserCertificate_UnwrapSymmetricKey ( - NSSUserCertificate *uc, +NSS_EXTERN NSSSymKey * +NSSUserCert_UnwrapSymKey ( + NSSUserCert *uc, const NSSAlgNParam *apOpt, NSSItem *wrappedKey, NSSTime time, @@ -557,14 +557,14 @@ NSSUserCertificate_UnwrapSymmetricKey ( ); /* - * NSSUserCertificate_DeriveSymmetricKey + * NSSUserCert_DeriveSymKey * */ -NSS_EXTERN NSSSymmetricKey * -NSSUserCertificate_DeriveSymmetricKey ( - NSSUserCertificate *uc, /* provides private key */ - NSSCertificate *c, /* provides public key */ +NSS_EXTERN NSSSymKey * +NSSUserCert_DeriveSymKey ( + NSSUserCert *uc, /* provides private key */ + NSSCert *c, /* provides public key */ const NSSAlgNParam *apOpt, NSSOID *target, PRUint32 keySizeOpt, /* zero for best allowed */ @@ -746,12 +746,12 @@ NSSPrivateKey_SignRecover ( ); /* - * NSSPrivateKey_UnwrapSymmetricKey + * NSSPrivateKey_UnwrapSymKey * */ -NSS_EXTERN NSSSymmetricKey * -NSSPrivateKey_UnwrapSymmetricKey ( +NSS_EXTERN NSSSymKey * +NSSPrivateKey_UnwrapSymKey ( NSSPrivateKey *vk, const NSSAlgNParam *apOpt, NSSItem *wrappedKey, @@ -759,12 +759,12 @@ NSSPrivateKey_UnwrapSymmetricKey ( ); /* - * NSSPrivateKey_DeriveSymmetricKey + * NSSPrivateKey_DeriveSymKey * */ -NSS_EXTERN NSSSymmetricKey * -NSSPrivateKey_DeriveSymmetricKey ( +NSS_EXTERN NSSSymKey * +NSSPrivateKey_DeriveSymKey ( NSSPrivateKey *vk, NSSPublicKey *bk, const NSSAlgNParam *apOpt, @@ -800,30 +800,30 @@ NSSPrivateKey_CreateCryptoContext ( ); /* - * NSSPrivateKey_FindCertificates + * NSSPrivateKey_FindCerts * * Note that there may be more than one certificate for this - * private key. { FilterCertificates function to further + * private key. { FilterCerts function to further * reduce the list. } */ -NSS_EXTERN NSSCertificate ** -NSSPrivateKey_FindCertificates ( +NSS_EXTERN NSSCert ** +NSSPrivateKey_FindCerts ( NSSPrivateKey *vk, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ); /* - * NSSPrivateKey_FindBestCertificate + * NSSPrivateKey_FindBestCert * * The parameters for this function will depend on what the users * need. This is just a starting point. */ -NSS_EXTERN NSSCertificate * -NSSPrivateKey_FindBestCertificate ( +NSS_EXTERN NSSCert * +NSSPrivateKey_FindBestCert ( NSSPrivateKey *vk, NSSTime time, NSSUsages *usagesOpt, @@ -972,15 +972,15 @@ NSSPublicKey_VerifyRecover ( ); /* - * NSSPublicKey_WrapSymmetricKey + * NSSPublicKey_WrapSymKey * */ NSS_EXTERN NSSItem * -NSSPublicKey_WrapSymmetricKey ( +NSSPublicKey_WrapSymKey ( NSSPublicKey *bk, const NSSAlgNParam *ap, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSCallback *uhh, NSSItem *rvOpt, NSSArena *arenaOpt @@ -1001,33 +1001,33 @@ NSSPublicKey_CreateCryptoContext ( ); /* - * NSSPublicKey_FindCertificates + * NSSPublicKey_FindCerts * * Note that there may be more than one certificate for this * public key. The current implementation may not find every * last certificate available for this public key: that would * involve trolling e.g. huge ldap databases, which will be * grossly inefficient and not generally useful. - * { FilterCertificates function to further reduce the list } + * { FilterCerts function to further reduce the list } */ -NSS_EXTERN NSSCertificate ** -NSSPublicKey_FindCertificates ( +NSS_EXTERN NSSCert ** +NSSPublicKey_FindCerts ( NSSPublicKey *bk, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ); /* - * NSSPrivateKey_FindBestCertificate + * NSSPrivateKey_FindBestCert * * The parameters for this function will depend on what the users * need. This is just a starting point. */ -NSS_EXTERN NSSCertificate * -NSSPublicKey_FindBestCertificate ( +NSS_EXTERN NSSCert * +NSSPublicKey_FindBestCert ( NSSPublicKey *bk, NSSTime time, NSSUsages *usagesOpt, @@ -1046,119 +1046,119 @@ NSSPublicKey_FindPrivateKey ( ); /* - * NSSSymmetricKey + * NSSSymKey * */ /* - * NSSSymmetricKey_Destroy + * NSSSymKey_Destroy * * Free a pointer to a symmetric key object. */ NSS_EXTERN PRStatus -NSSSymmetricKey_Destroy ( - NSSSymmetricKey *mk +NSSSymKey_Destroy ( + NSSSymKey *mk ); /* - * NSSSymmetricKey_DeleteStoredObject + * NSSSymKey_DeleteStoredObject * * Permanently remove this object. */ NSS_EXTERN PRStatus -NSSSymmetricKey_DeleteStoredObject ( - NSSSymmetricKey *mk, +NSSSymKey_DeleteStoredObject ( + NSSSymKey *mk, NSSCallback *uhh ); /* - * NSSSymmetricKey_GetKeyLength + * NSSSymKey_GetKeyLength * */ NSS_EXTERN PRUint32 -NSSSymmetricKey_GetKeyLength ( - NSSSymmetricKey *mk +NSSSymKey_GetKeyLength ( + NSSSymKey *mk ); /* - * NSSSymmetricKey_GetKeyStrength + * NSSSymKey_GetKeyStrength * */ NSS_EXTERN PRUint32 -NSSSymmetricKey_GetKeyStrength ( - NSSSymmetricKey *mk +NSSSymKey_GetKeyStrength ( + NSSSymKey *mk ); /* - * NSSSymmetricKey_IsStillPresent + * NSSSymKey_IsStillPresent * */ NSS_EXTERN PRStatus -NSSSymmetricKey_IsStillPresent ( - NSSSymmetricKey *mk +NSSSymKey_IsStillPresent ( + NSSSymKey *mk ); /* - * NSSSymmetricKey_GetTrustDomain + * NSSSymKey_GetTrustDomain * * There doesn't have to be one. */ NSS_EXTERN NSSTrustDomain * -NSSSymmetricKey_GetTrustDomain ( - NSSSymmetricKey *mk, +NSSSymKey_GetTrustDomain ( + NSSSymKey *mk, PRStatus *statusOpt ); /* - * NSSSymmetricKey_GetToken + * NSSSymKey_GetToken * * There doesn't have to be one. */ NSS_EXTERN NSSToken * -NSSSymmetricKey_GetToken ( - NSSSymmetricKey *mk, +NSSSymKey_GetToken ( + NSSSymKey *mk, PRStatus *statusOpt ); /* - * NSSSymmetricKey_GetSlot + * NSSSymKey_GetSlot * * There doesn't have to be one. */ NSS_EXTERN NSSSlot * -NSSSymmetricKey_GetSlot ( - NSSSymmetricKey *mk, +NSSSymKey_GetSlot ( + NSSSymKey *mk, PRStatus *statusOpt ); /* - * NSSSymmetricKey_GetModule + * NSSSymKey_GetModule * * There doesn't have to be one. */ NSS_EXTERN NSSModule * -NSSSymmetricKey_GetModule ( - NSSSymmetricKey *mk, +NSSSymKey_GetModule ( + NSSSymKey *mk, PRStatus *statusOpt ); /* - * NSSSymmetricKey_Encrypt + * NSSSymKey_Encrypt * */ NSS_EXTERN NSSItem * -NSSSymmetricKey_Encrypt ( - NSSSymmetricKey *mk, +NSSSymKey_Encrypt ( + NSSSymKey *mk, const NSSAlgNParam *ap, NSSItem *data, NSSCallback *uhh, @@ -1167,13 +1167,13 @@ NSSSymmetricKey_Encrypt ( ); /* - * NSSSymmetricKey_Decrypt + * NSSSymKey_Decrypt * */ NSS_EXTERN NSSItem * -NSSSymmetricKey_Decrypt ( - NSSSymmetricKey *mk, +NSSSymKey_Decrypt ( + NSSSymKey *mk, const NSSAlgNParam *ap, NSSItem *encryptedData, NSSCallback *uhh, @@ -1182,13 +1182,13 @@ NSSSymmetricKey_Decrypt ( ); /* - * NSSSymmetricKey_Sign + * NSSSymKey_Sign * */ NSS_EXTERN NSSItem * -NSSSymmetricKey_Sign ( - NSSSymmetricKey *mk, +NSSSymKey_Sign ( + NSSSymKey *mk, const NSSAlgNParam *ap, NSSItem *data, NSSCallback *uhh, @@ -1197,13 +1197,13 @@ NSSSymmetricKey_Sign ( ); /* - * NSSSymmetricKey_Verify + * NSSSymKey_Verify * */ NSS_EXTERN PRStatus -NSSSymmetricKey_Verify ( - NSSSymmetricKey *mk, +NSSSymKey_Verify ( + NSSSymKey *mk, const NSSAlgNParam *ap, NSSItem *data, NSSItem *signature, @@ -1211,28 +1211,28 @@ NSSSymmetricKey_Verify ( ); /* - * NSSSymmetricKey_WrapSymmetricKey + * NSSSymKey_WrapSymKey * */ NSS_EXTERN NSSItem * -NSSSymmetricKey_WrapSymmetricKey ( - NSSSymmetricKey *wrappingKey, +NSSSymKey_WrapSymKey ( + NSSSymKey *wrappingKey, const NSSAlgNParam *ap, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSCallback *uhh, NSSItem *rvOpt, NSSArena *arenaOpt ); /* - * NSSSymmetricKey_WrapPrivateKey + * NSSSymKey_WrapPrivateKey * */ NSS_EXTERN NSSItem * -NSSSymmetricKey_WrapPrivateKey ( - NSSSymmetricKey *wrappingKey, +NSSSymKey_WrapPrivateKey ( + NSSSymKey *wrappingKey, const NSSAlgNParam *ap, NSSPrivateKey *keyToWrap, NSSCallback *uhh, @@ -1241,13 +1241,13 @@ NSSSymmetricKey_WrapPrivateKey ( ); /* - * NSSSymmetricKey_UnwrapSymmetricKey + * NSSSymKey_UnwrapSymKey * */ -NSS_EXTERN NSSSymmetricKey * -NSSSymmetricKey_UnwrapSymmetricKey ( - NSSSymmetricKey *wrappingKey, +NSS_EXTERN NSSSymKey * +NSSSymKey_UnwrapSymKey ( + NSSSymKey *wrappingKey, const NSSAlgNParam *ap, NSSItem *wrappedKey, NSSOID *target, @@ -1257,13 +1257,13 @@ NSSSymmetricKey_UnwrapSymmetricKey ( ); /* - * NSSSymmetricKey_UnwrapPrivateKey + * NSSSymKey_UnwrapPrivateKey * */ NSS_EXTERN NSSPrivateKey * -NSSSymmetricKey_UnwrapPrivateKey ( - NSSSymmetricKey *wrappingKey, +NSSSymKey_UnwrapPrivateKey ( + NSSSymKey *wrappingKey, const NSSAlgNParam *ap, NSSItem *wrappedKey, NSSUTF8 *labelOpt, @@ -1275,30 +1275,30 @@ NSSSymmetricKey_UnwrapPrivateKey ( ); /* - * NSSSymmetricKey_DeriveSymmetricKey + * NSSSymKey_DeriveSymKey * */ -NSS_EXTERN NSSSymmetricKey * -NSSSymmetricKey_DeriveSymmetricKey ( - NSSSymmetricKey *originalKey, +NSS_EXTERN NSSSymKey * +NSSSymKey_DeriveSymKey ( + NSSSymKey *originalKey, const NSSAlgNParam *ap, - NSSSymmetricKeyType target, + NSSSymKeyType target, PRUint32 keySizeOpt, NSSOperations operations, NSSCallback *uhh ); /* - * NSSSymmetricKey_CreateCryptoContext + * NSSSymKey_CreateCryptoContext * * Create a crypto context, in this key's trust domain, * with this as the distinguished symmetric key. */ NSS_EXTERN NSSCryptoContext * -NSSSymmetricKey_CreateCryptoContext ( - NSSSymmetricKey *mk, +NSSSymKey_CreateCryptoContext ( + NSSSymKey *mk, const NSSAlgNParam *apOpt, NSSCallback *uhh ); @@ -1526,39 +1526,39 @@ NSSTrustDomain_Logout ( /* Importing things */ /* - * NSSTrustDomain_ImportCertificate + * NSSTrustDomain_ImportCert * * The implementation will pull some data out of the certificate * (e.g. e-mail address) for use in pkcs#11 object attributes. */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_ImportCertificate ( +NSS_EXTERN NSSCert * +NSSTrustDomain_ImportCert ( NSSTrustDomain *td, - NSSCertificate *c, + NSSCert *c, NSSToken *destinationOpt ); /* - * NSSTrustDomain_ImportPKIXCertificate + * NSSTrustDomain_ImportPKIXCert * */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_ImportPKIXCertificate ( +NSS_EXTERN NSSCert * +NSSTrustDomain_ImportPKIXCert ( NSSTrustDomain *td, /* declared as a struct until these "data types" are defined */ - struct NSSPKIXCertificateStr *pc + struct NSSPKIXCertStr *pc ); /* - * NSSTrustDomain_ImportEncodedCertificate + * NSSTrustDomain_ImportEncodedCert * * Imports any type of certificate we support. */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_ImportEncodedCertificate ( +NSS_EXTERN NSSCert * +NSSTrustDomain_ImportEncodedCert ( NSSTrustDomain *td, NSSBER *ber, NSSToken *destinationOpt, @@ -1566,16 +1566,16 @@ NSSTrustDomain_ImportEncodedCertificate ( ); /* - * NSSTrustDomain_ImportEncodedCertificateChain + * NSSTrustDomain_ImportEncodedCertChain * * If you just want the leaf, pass in a maximum of one. */ -NSS_EXTERN NSSCertificate ** -NSSTrustDomain_ImportEncodedCertificateChain ( +NSS_EXTERN NSSCert ** +NSSTrustDomain_ImportEncodedCertChain ( NSSTrustDomain *td, NSSBER *ber, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt, NSSToken *destinationOpt @@ -1620,12 +1620,12 @@ NSSTrustDomain_ImportEncodedCRL ( /* Other importations: S/MIME capabilities */ /* - * NSSTrustDomain_FindBestCertificateByNickname + * NSSTrustDomain_FindBestCertByNickname * */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_FindBestCertificateByNickname ( +NSS_EXTERN NSSCert * +NSSTrustDomain_FindBestCertByNickname ( NSSTrustDomain *td, NSSUTF8 *name, NSSTime time, @@ -1634,33 +1634,33 @@ NSSTrustDomain_FindBestCertificateByNickname ( ); /* - * NSSTrustDomain_FindCertificatesByNickname + * NSSTrustDomain_FindCertsByNickname * */ -NSS_EXTERN NSSCertificate ** -NSSTrustDomain_FindCertificatesByNickname ( +NSS_EXTERN NSSCert ** +NSSTrustDomain_FindCertsByNickname ( NSSTrustDomain *td, NSSUTF8 *name, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ); /* - * NSSTrustDomain_FindCertificateByIssuerAndSerialNumber + * NSSTrustDomain_FindCertByIssuerAndSerialNumber * */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_FindCertificateByIssuerAndSerialNumber ( +NSS_EXTERN NSSCert * +NSSTrustDomain_FindCertByIssuerAndSerialNumber ( NSSTrustDomain *td, NSSDER *issuer, NSSDER *serialNumber ); /* - * NSSTrustDomain_FindCertificatesByIssuerAndSerialNumber + * NSSTrustDomain_FindCertsByIssuerAndSerialNumber * * Theoretically, this should never happen. However, some companies * we know have issued duplicate certificates with the same issuer @@ -1668,13 +1668,13 @@ NSSTrustDomain_FindCertificateByIssuerAndSerialNumber ( */ /* - * NSSTrustDomain_FindBestCertificateBySubject + * NSSTrustDomain_FindBestCertBySubject * * This does not search through alternate names hidden in extensions. */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_FindBestCertificateBySubject ( +NSS_EXTERN NSSCert * +NSSTrustDomain_FindBestCertBySubject ( NSSTrustDomain *td, NSSDER *subject, NSSTime time, @@ -1683,22 +1683,22 @@ NSSTrustDomain_FindBestCertificateBySubject ( ); /* - * NSSTrustDomain_FindCertificatesBySubject + * NSSTrustDomain_FindCertsBySubject * * This does not search through alternate names hidden in extensions. */ -NSS_EXTERN NSSCertificate ** -NSSTrustDomain_FindCertificatesBySubject ( +NSS_EXTERN NSSCert ** +NSSTrustDomain_FindCertsBySubject ( NSSTrustDomain *td, NSSDER *subject, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ); /* - * NSSTrustDomain_FindBestCertificateByNameComponents + * NSSTrustDomain_FindBestCertByNameComponents * * This call does try several tricks, including a pseudo pkcs#11 * attribute for the ldap module to try as a query. Eventually @@ -1706,8 +1706,8 @@ NSSTrustDomain_FindCertificatesBySubject ( * It will search through alternate names hidden in extensions. */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_FindBestCertificateByNameComponents ( +NSS_EXTERN NSSCert * +NSSTrustDomain_FindBestCertByNameComponents ( NSSTrustDomain *td, NSSUTF8 *nameComponents, NSSTime time, @@ -1716,40 +1716,40 @@ NSSTrustDomain_FindBestCertificateByNameComponents ( ); /* - * NSSTrustDomain_FindCertificatesByNameComponents + * NSSTrustDomain_FindCertsByNameComponents * * This call, too, tries several tricks. It will stop on the first * attempt that generates results, so it won't e.g. traverse the * entire ldap database. */ -NSS_EXTERN NSSCertificate ** -NSSTrustDomain_FindCertificatesByNameComponents ( +NSS_EXTERN NSSCert ** +NSSTrustDomain_FindCertsByNameComponents ( NSSTrustDomain *td, NSSUTF8 *nameComponents, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ); /* - * NSSTrustDomain_FindCertificateByEncodedCertificate + * NSSTrustDomain_FindCertByEncodedCert * */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_FindCertificateByEncodedCertificate ( +NSS_EXTERN NSSCert * +NSSTrustDomain_FindCertByEncodedCert ( NSSTrustDomain *td, - NSSBER *encodedCertificate + NSSBER *encodedCert ); /* - * NSSTrustDomain_FindBestCertificateByEmail + * NSSTrustDomain_FindBestCertByEmail * */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_FindBestCertificateByEmail ( +NSS_EXTERN NSSCert * +NSSTrustDomain_FindBestCertByEmail ( NSSTrustDomain *td, NSSASCII7 *email, NSSTime time, @@ -1758,33 +1758,33 @@ NSSTrustDomain_FindBestCertificateByEmail ( ); /* - * NSSTrustDomain_FindCertificatesByEmail + * NSSTrustDomain_FindCertsByEmail * */ -NSS_EXTERN NSSCertificate ** -NSSTrustDomain_FindCertificatesByEmail ( +NSS_EXTERN NSSCert ** +NSSTrustDomain_FindCertsByEmail ( NSSTrustDomain *td, NSSASCII7 *email, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ); /* - * NSSTrustDomain_FindCertificateByOCSPHash + * NSSTrustDomain_FindCertByOCSPHash * * There can be only one. */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_FindCertificateByOCSPHash ( +NSS_EXTERN NSSCert * +NSSTrustDomain_FindCertByOCSPHash ( NSSTrustDomain *td, NSSItem *hash ); /* - * NSSTrustDomain_TraverseCertificates + * NSSTrustDomain_TraverseCerts * * This function descends from one in older versions of NSS which * traverses the certs in the permanent database. That function @@ -1802,19 +1802,19 @@ NSSTrustDomain_FindCertificateByOCSPHash ( * needed in a "friend" header file? */ NSS_EXTERN PRStatus * -NSSTrustDomain_TraverseCertificates ( +NSSTrustDomain_TraverseCerts ( NSSTrustDomain *td, - PRStatus (*callback)(NSSCertificate *c, void *arg), + PRStatus (*callback)(NSSCert *c, void *arg), void *arg ); /* - * NSSTrustDomain_FindBestUserCertificate + * NSSTrustDomain_FindBestUserCert * */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_FindBestUserCertificate ( +NSS_EXTERN NSSCert * +NSSTrustDomain_FindBestUserCert ( NSSTrustDomain *td, NSSTime time, NSSUsages *usages, @@ -1822,25 +1822,25 @@ NSSTrustDomain_FindBestUserCertificate ( ); /* - * NSSTrustDomain_FindUserCertificates + * NSSTrustDomain_FindUserCerts * */ -NSS_EXTERN NSSCertificate ** -NSSTrustDomain_FindUserCertificates ( +NSS_EXTERN NSSCert ** +NSSTrustDomain_FindUserCerts ( NSSTrustDomain *td, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt ); /* - * NSSTrustDomain_FindBestUserCertificateForSSLClientAuth + * NSSTrustDomain_FindBestUserCertForSSLClientAuth * */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_FindBestUserCertificateForSSLClientAuth ( +NSS_EXTERN NSSCert * +NSSTrustDomain_FindBestUserCertForSSLClientAuth ( NSSTrustDomain *td, NSSUTF8 *sslHostOpt, NSSDER *rootCAsOpt[], /* null pointer for none */ @@ -1850,30 +1850,30 @@ NSSTrustDomain_FindBestUserCertificateForSSLClientAuth ( ); /* - * NSSTrustDomain_FindUserCertificatesForSSLClientAuth + * NSSTrustDomain_FindUserCertsForSSLClientAuth * */ -NSS_EXTERN NSSCertificate ** -NSSTrustDomain_FindUserCertificatesForSSLClientAuth ( +NSS_EXTERN NSSCert ** +NSSTrustDomain_FindUserCertsForSSLClientAuth ( NSSTrustDomain *td, NSSUTF8 *sslHostOpt, NSSDER *rootCAsOpt[], /* null pointer for none */ PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */ const NSSAlgNParam *apOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt ); /* - * NSSTrustDomain_FindBestUserCertificateForEmailSigning + * NSSTrustDomain_FindBestUserCertForEmailSigning * */ -NSS_EXTERN NSSCertificate * -NSSTrustDomain_FindBestUserCertificateForEmailSigning ( +NSS_EXTERN NSSCert * +NSSTrustDomain_FindBestUserCertForEmailSigning ( NSSTrustDomain *td, NSSASCII7 *signerOpt, NSSASCII7 *recipientOpt, @@ -1883,25 +1883,25 @@ NSSTrustDomain_FindBestUserCertificateForEmailSigning ( ); /* - * NSSTrustDomain_FindUserCertificatesForEmailSigning + * NSSTrustDomain_FindUserCertsForEmailSigning * */ -NSS_EXTERN NSSCertificate ** -NSSTrustDomain_FindUserCertificatesForEmailSigning ( +NSS_EXTERN NSSCert ** +NSSTrustDomain_FindUserCertsForEmailSigning ( NSSTrustDomain *td, NSSASCII7 *signerOpt, NSSASCII7 *recipientOpt, /* anything more here? */ const NSSAlgNParam *apOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt ); /* - * Here is where we'd add more Find[Best]UserCertificate[s]For<usage> + * Here is where we'd add more Find[Best]UserCert[s]For<usage> * routines. */ @@ -1946,12 +1946,12 @@ NSSTrustDomain_TraversePrivateKeys ( /* Symmetric Keys */ /* - * NSSTrustDomain_GenerateSymmetricKey + * NSSTrustDomain_GenerateSymKey * */ -NSS_EXTERN NSSSymmetricKey * -NSSTrustDomain_GenerateSymmetricKey ( +NSS_EXTERN NSSSymKey * +NSSTrustDomain_GenerateSymKey ( NSSTrustDomain *td, const NSSAlgNParam *ap, PRUint32 keysize, @@ -1960,12 +1960,12 @@ NSSTrustDomain_GenerateSymmetricKey ( ); /* - * NSSTrustDomain_GenerateSymmetricKeyFromPassword + * NSSTrustDomain_GenerateSymKeyFromPassword * */ -NSS_EXTERN NSSSymmetricKey * -NSSTrustDomain_GenerateSymmetricKeyFromPassword ( +NSS_EXTERN NSSSymKey * +NSSTrustDomain_GenerateSymKeyFromPassword ( NSSTrustDomain *td, const NSSAlgNParam *ap, NSSUTF8 *passwordOpt, /* if null, prompt */ @@ -1974,12 +1974,12 @@ NSSTrustDomain_GenerateSymmetricKeyFromPassword ( ); /* - * NSSTrustDomain_FindSymmetricKeyByAlgorithm + * NSSTrustDomain_FindSymKeyByAlgorithm * * Is this still needed? * - * NSS_EXTERN NSSSymmetricKey * - * NSSTrustDomain_FindSymmetricKeyByAlgorithm + * NSS_EXTERN NSSSymKey * + * NSSTrustDomain_FindSymKeyByAlgorithm * ( * NSSTrustDomain *td, * NSSOID *algorithm, @@ -1988,12 +1988,12 @@ NSSTrustDomain_GenerateSymmetricKeyFromPassword ( */ /* - * NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID + * NSSTrustDomain_FindSymKeyByAlgorithmAndKeyID * */ -NSS_EXTERN NSSSymmetricKey * -NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID ( +NSS_EXTERN NSSSymKey * +NSSTrustDomain_FindSymKeyByAlgorithmAndKeyID ( NSSTrustDomain *td, NSSOID *algorithm, NSSItem *keyID, @@ -2001,14 +2001,14 @@ NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID ( ); /* - * NSSTrustDomain_TraverseSymmetricKeys + * NSSTrustDomain_TraverseSymKeys * * * NSS_EXTERN PRStatus * - * NSSTrustDomain_TraverseSymmetricKeys + * NSSTrustDomain_TraverseSymKeys * ( * NSSTrustDomain *td, - * PRStatus (*callback)(NSSSymmetricKey *mk, void *arg), + * PRStatus (*callback)(NSSSymKey *mk, void *arg), * void *arg * ); */ @@ -2069,12 +2069,12 @@ NSSVolatileDomain_Destroy ( ); /* - * NSSVolatileDomain_FindBestCertificateByNickname + * NSSVolatileDomain_FindBestCertByNickname * */ -NSS_EXTERN NSSCertificate * -NSSVolatileDomain_FindBestCertificateByNickname ( +NSS_EXTERN NSSCert * +NSSVolatileDomain_FindBestCertByNickname ( NSSVolatileDomain *vd, NSSUTF8 *name, NSSTime time, /* NULL for "now" */ @@ -2083,39 +2083,39 @@ NSSVolatileDomain_FindBestCertificateByNickname ( ); /* - * NSSVolatileDomain_FindCertificatesByNickname + * NSSVolatileDomain_FindCertsByNickname * */ -NSS_EXTERN NSSCertificate ** -NSSVolatileDomain_FindCertificatesByNickname ( +NSS_EXTERN NSSCert ** +NSSVolatileDomain_FindCertsByNickname ( NSSVolatileDomain *vd, NSSUTF8 *name, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ); /* - * NSSVolatileDomain_FindCertificateByIssuerAndSerialNumber + * NSSVolatileDomain_FindCertByIssuerAndSerialNumber * */ -NSS_EXTERN NSSCertificate * -NSSVolatileDomain_FindCertificateByIssuerAndSerialNumber ( +NSS_EXTERN NSSCert * +NSSVolatileDomain_FindCertByIssuerAndSerialNumber ( NSSVolatileDomain *vd, NSSDER *issuer, NSSDER *serialNumber ); /* - * NSSVolatileDomain_FindBestCertificateBySubject + * NSSVolatileDomain_FindBestCertBySubject * * This does not search through alternate names hidden in extensions. */ -NSS_EXTERN NSSCertificate * -NSSVolatileDomain_FindBestCertificateBySubject ( +NSS_EXTERN NSSCert * +NSSVolatileDomain_FindBestCertBySubject ( NSSVolatileDomain *vd, NSSDER *subject, NSSTime time, @@ -2124,38 +2124,38 @@ NSSVolatileDomain_FindBestCertificateBySubject ( ); /* - * NSSVolatileDomain_FindCertificatesBySubject + * NSSVolatileDomain_FindCertsBySubject * * This does not search through alternate names hidden in extensions. */ -NSS_EXTERN NSSCertificate ** -NSSVolatileDomain_FindCertificatesBySubject ( +NSS_EXTERN NSSCert ** +NSSVolatileDomain_FindCertsBySubject ( NSSVolatileDomain *vd, NSSDER *subject, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ); /* - * NSSVolatileDomain_FindCertificateByEncodedCertificate + * NSSVolatileDomain_FindCertByEncodedCert * */ -NSS_EXTERN NSSCertificate * -NSSVolatileDomain_FindCertificateByEncodedCertificate ( +NSS_EXTERN NSSCert * +NSSVolatileDomain_FindCertByEncodedCert ( NSSVolatileDomain *vd, - NSSBER *encodedCertificate + NSSBER *encodedCert ); /* - * NSSVolatileDomain_FindBestCertificateByEmail + * NSSVolatileDomain_FindBestCertByEmail * */ -NSS_EXTERN NSSCertificate * -NSSVolatileDomain_FindBestCertificateByEmail ( +NSS_EXTERN NSSCert * +NSSVolatileDomain_FindBestCertByEmail ( NSSVolatileDomain *vd, NSSASCII7 *email, NSSTime time, @@ -2164,39 +2164,39 @@ NSSVolatileDomain_FindBestCertificateByEmail ( ); /* - * NSSVolatileDomain_FindCertificatesByEmail + * NSSVolatileDomain_FindCertsByEmail * */ -NSS_EXTERN NSSCertificate ** -NSSVolatileDomain_FindCertificatesByEmail ( +NSS_EXTERN NSSCert ** +NSSVolatileDomain_FindCertsByEmail ( NSSVolatileDomain *vd, NSSASCII7 *email, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ); /* - * NSSVolatileDomain_TraverseCertificates + * NSSVolatileDomain_TraverseCerts * * * NSS_EXTERN PRStatus * - * NSSVolatileDomain_TraverseCertificates + * NSSVolatileDomain_TraverseCerts * ( * NSSVolatileDomain *vd, - * PRStatus (*callback)(NSSCertificate *c, void *arg), + * PRStatus (*callback)(NSSCert *c, void *arg), * void *arg * ); */ /* - * NSSVolatileDomain_FindBestUserCertificate + * NSSVolatileDomain_FindBestUserCert * */ -NSS_EXTERN NSSCertificate * -NSSVolatileDomain_FindBestUserCertificate ( +NSS_EXTERN NSSCert * +NSSVolatileDomain_FindBestUserCert ( NSSVolatileDomain *vd, NSSTime time, NSSUsages *usages, @@ -2204,28 +2204,28 @@ NSSVolatileDomain_FindBestUserCertificate ( ); /* - * NSSVolatileDomain_FindUserCertificates + * NSSVolatileDomain_FindUserCerts * */ -NSS_EXTERN NSSCertificate ** -NSSVolatileDomain_FindUserCertificates ( +NSS_EXTERN NSSCert ** +NSSVolatileDomain_FindUserCerts ( NSSVolatileDomain *vd, NSSTime time, NSSUsages *usagesOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt ); /* - * NSSVolatileDomain_FindBestUserCertificateForSSLClientAuth + * NSSVolatileDomain_FindBestUserCertForSSLClientAuth * */ -NSS_EXTERN NSSCertificate * -NSSVolatileDomain_FindBestUserCertificateForSSLClientAuth ( +NSS_EXTERN NSSCert * +NSSVolatileDomain_FindBestUserCertForSSLClientAuth ( NSSVolatileDomain *vd, NSSUTF8 *sslHostOpt, NSSDER *rootCAsOpt[], /* null pointer for none */ @@ -2235,30 +2235,30 @@ NSSVolatileDomain_FindBestUserCertificateForSSLClientAuth ( ); /* - * NSSVolatileDomain_FindUserCertificatesForSSLClientAuth + * NSSVolatileDomain_FindUserCertsForSSLClientAuth * */ -NSS_EXTERN NSSCertificate ** -NSSVolatileDomain_FindUserCertificatesForSSLClientAuth ( +NSS_EXTERN NSSCert ** +NSSVolatileDomain_FindUserCertsForSSLClientAuth ( NSSVolatileDomain *vd, NSSUTF8 *sslHostOpt, NSSDER *rootCAsOpt[], /* null pointer for none */ PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */ const NSSAlgNParam *apOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt ); /* - * NSSVolatileDomain_FindBestUserCertificateForEmailSigning + * NSSVolatileDomain_FindBestUserCertForEmailSigning * */ -NSS_EXTERN NSSCertificate * -NSSVolatileDomain_FindBestUserCertificateForEmailSigning ( +NSS_EXTERN NSSCert * +NSSVolatileDomain_FindBestUserCertForEmailSigning ( NSSVolatileDomain *vd, NSSASCII7 *signerOpt, NSSASCII7 *recipientOpt, @@ -2268,19 +2268,19 @@ NSSVolatileDomain_FindBestUserCertificateForEmailSigning ( ); /* - * NSSVolatileDomain_FindUserCertificatesForEmailSigning + * NSSVolatileDomain_FindUserCertsForEmailSigning * */ -NSS_EXTERN NSSCertificate * -NSSVolatileDomain_FindUserCertificatesForEmailSigning ( +NSS_EXTERN NSSCert * +NSSVolatileDomain_FindUserCertsForEmailSigning ( NSSVolatileDomain *vd, NSSASCII7 *signerOpt, /* fgmr or a more general name? */ NSSASCII7 *recipientOpt, /* anything more here? */ const NSSAlgNParam *apOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt ); @@ -2288,38 +2288,38 @@ NSSVolatileDomain_FindUserCertificatesForEmailSigning ( /* Importing things */ /* - * NSSVolatileDomain_ImportCertificate + * NSSVolatileDomain_ImportCert * */ NSS_EXTERN PRStatus -NSSVolatileDomain_ImportCertificate ( +NSSVolatileDomain_ImportCert ( NSSVolatileDomain *vd, - NSSCertificate *c + NSSCert *c ); /* - * NSSVolatileDomain_ImportEncodedCertificate + * NSSVolatileDomain_ImportEncodedCert * */ -NSS_EXTERN NSSCertificate * -NSSVolatileDomain_ImportEncodedCertificate ( +NSS_EXTERN NSSCert * +NSSVolatileDomain_ImportEncodedCert ( NSSVolatileDomain *vd, NSSBER *ber, NSSUTF8 *nicknameOpt ); /* - * NSSVolatileDomain_ImportEncodedCertificateChain + * NSSVolatileDomain_ImportEncodedCertChain * */ NSS_EXTERN PRStatus -NSSVolatileDomain_ImportEncodedCertificateChain ( +NSSVolatileDomain_ImportEncodedCertChain ( NSSVolatileDomain *vd, NSSBER *ber, - NSSCertificateType certType + NSSCertType certType ); /* @@ -2381,12 +2381,12 @@ NSSVolatileDomain_GenerateKeyPair ( /* Symmetric Keys */ /* - * NSSVolatileDomain_GenerateSymmetricKey + * NSSVolatileDomain_GenerateSymKey * */ -NSS_EXTERN NSSSymmetricKey * -NSSVolatileDomain_GenerateSymmetricKey ( +NSS_EXTERN NSSSymKey * +NSSVolatileDomain_GenerateSymKey ( NSSVolatileDomain *vd, const NSSAlgNParam *ap, PRUint32 keysize, @@ -2398,12 +2398,12 @@ NSSVolatileDomain_GenerateSymmetricKey ( ); /* - * NSSVolatileDomain_GenerateSymmetricKeyFromPassword + * NSSVolatileDomain_GenerateSymKeyFromPassword * */ -NSS_EXTERN NSSSymmetricKey * -NSSVolatileDomain_GenerateSymmetricKeyFromPassword ( +NSS_EXTERN NSSSymKey * +NSSVolatileDomain_GenerateSymKeyFromPassword ( NSSVolatileDomain *vd, const NSSAlgNParam *ap, NSSUTF8 *passwordOpt, /* if null, prompt */ @@ -2412,11 +2412,11 @@ NSSVolatileDomain_GenerateSymmetricKeyFromPassword ( ); /* - * NSSVolatileDomain_FindSymmetricKeyByAlgorithm + * NSSVolatileDomain_FindSymKeyByAlgorithm * * - * NSS_EXTERN NSSSymmetricKey * - * NSSVolatileDomain_FindSymmetricKeyByType + * NSS_EXTERN NSSSymKey * + * NSSVolatileDomain_FindSymKeyByType * ( * NSSVolatileDomain *vd, * NSSOID *type, @@ -2425,12 +2425,12 @@ NSSVolatileDomain_GenerateSymmetricKeyFromPassword ( */ /* - * NSSVolatileDomain_FindSymmetricKeyByAlgorithmAndKeyID + * NSSVolatileDomain_FindSymKeyByAlgorithmAndKeyID * */ -NSS_EXTERN NSSSymmetricKey * -NSSVolatileDomain_FindSymmetricKeyByAlgorithmAndKeyID ( +NSS_EXTERN NSSSymKey * +NSSVolatileDomain_FindSymKeyByAlgorithmAndKeyID ( NSSVolatileDomain *vd, NSSOID *algorithm, NSSItem *keyID, @@ -2438,12 +2438,12 @@ NSSVolatileDomain_FindSymmetricKeyByAlgorithmAndKeyID ( ); /* - * NSSVolatileDomain_UnwrapSymmetricKey + * NSSVolatileDomain_UnwrapSymKey * */ -NSS_EXTERN NSSSymmetricKey * -NSSVolatileDomain_UnwrapSymmetricKey ( +NSS_EXTERN NSSSymKey * +NSSVolatileDomain_UnwrapSymKey ( NSSVolatileDomain *vd, const NSSAlgNParam *ap, NSSPrivateKey *wrapKey, @@ -2455,25 +2455,25 @@ NSSVolatileDomain_UnwrapSymmetricKey ( ); /* - * NSSVolatileDomain_TraverseSymmetricKeys + * NSSVolatileDomain_TraverseSymKeys * * * NSS_EXTERN PRStatus * - * NSSVolatileDomain_TraverseSymmetricKeys + * NSSVolatileDomain_TraverseSymKeys * ( * NSSVolatileDomain *vd, - * PRStatus (*callback)(NSSSymmetricKey *mk, void *arg), + * PRStatus (*callback)(NSSSymKey *mk, void *arg), * void *arg * ); */ /* - * NSSVolatileDomain_DeriveSymmetricKey + * NSSVolatileDomain_DeriveSymKey * */ -NSS_EXTERN NSSSymmetricKey * -NSSVolatileDomain_DeriveSymmetricKey ( +NSS_EXTERN NSSSymKey * +NSSVolatileDomain_DeriveSymKey ( NSSVolatileDomain *vd, NSSPublicKey *bkOpt, const NSSAlgNParam *apOpt, @@ -2815,15 +2815,15 @@ NSSCryptoContext_VerifyRecover ( ); /* - * NSSCryptoContext_WrapSymmetricKey + * NSSCryptoContext_WrapSymKey * */ NSS_EXTERN NSSItem * -NSSCryptoContext_WrapSymmetricKey ( +NSSCryptoContext_WrapSymKey ( NSSCryptoContext *cc, const NSSAlgNParam *apOpt, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSCallback *uhhOpt, NSSItem *rvOpt, NSSArena *arenaOpt @@ -2871,7 +2871,7 @@ NSSCryptoContext_ContinueDigest ( NSS_EXTERN PRStatus NSSCryptoContext_DigestKey ( NSSCryptoContext *cc, - NSSSymmetricKey *mkOpt + NSSSymKey *mkOpt ); /* @@ -2918,14 +2918,14 @@ NSSCryptoContext_Release ( ); /* - * ..._SignTBSCertificate + * ..._SignTBSCert * * This requires feedback from the cert server team. */ /* - * PRBool NSSCertificate_GetIsTrustedFor{xxx}(NSSCertificate *c); - * PRStatus NSSCertificate_SetIsTrustedFor{xxx}(NSSCertificate *c, PRBool trusted); + * PRBool NSSCert_GetIsTrustedFor{xxx}(NSSCert *c); + * PRStatus NSSCert_SetIsTrustedFor{xxx}(NSSCert *c, PRBool trusted); * * These will be helper functions which get the trust object for a cert, * and then call the corresponding function(s) on it. @@ -2942,8 +2942,8 @@ NSSCryptoContext_Release ( * like "EmailSigning." * * - * NSSPKIXTrust *NSSCertificate_GetPKIXTrustObject(NSSCertificate *c); - * PRStatus NSSCertificate_SetPKIXTrustObject(NSSCertificate *c, NSPKIXTrust *t); + * NSSPKIXTrust *NSSCert_GetPKIXTrustObject(NSSCert *c); + * PRStatus NSSCert_SetPKIXTrustObject(NSSCert *c, NSPKIXTrust *t); * * I want to hold off on any general trust object until we've investigated * other models more thoroughly. diff --git a/security/nss/lib/pki/nsspkit.h b/security/nss/lib/pki/nsspkit.h index 9f65ec5e1..fb9bb3879 100644 --- a/security/nss/lib/pki/nsspkit.h +++ b/security/nss/lib/pki/nsspkit.h @@ -51,9 +51,9 @@ static const char NSSPKIT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"; PR_BEGIN_EXTERN_C /* - * NSSCertificate + * NSSCert * - * This is the public representation of a Certificate. The certificate + * This is the public representation of a Cert. The certificate * may be one found on a smartcard or other token, one decoded from data * received as part of a protocol, one constructed from constituent * parts, etc. Usually it is associated with ("in") a trust domain; as @@ -65,11 +65,11 @@ PR_BEGIN_EXTERN_C * by implementing public-key crypto operations as methods on this type. */ -struct NSSCertificateStr; -typedef struct NSSCertificateStr NSSCertificate; +struct NSSCertStr; +typedef struct NSSCertStr NSSCert; /* - * NSSUserCertificate + * NSSUserCert * * A ``User'' certificate is one for which the private key is available. * People speak of "using my certificate to sign my email" and "using @@ -86,7 +86,7 @@ typedef struct NSSCertificateStr NSSCertificate; * Open design question: should these types be more firmly separated? */ -typedef NSSCertificate NSSUserCertificate; +typedef NSSCert NSSUserCert; /* * NSSPrivateKey @@ -108,12 +108,12 @@ struct NSSPublicKeyStr; typedef struct NSSPublicKeyStr NSSPublicKey; /* - * NSSSymmetricKey + * NSSSymKey * */ -struct NSSSymmetricKeyStr; -typedef struct NSSSymmetricKeyStr NSSSymmetricKey; +struct NSSSymKeyStr; +typedef struct NSSSymKeyStr NSSSymKey; /* * NSSTrustDomain @@ -140,8 +140,8 @@ typedef struct NSSTrustDomainStr NSSTrustDomain; typedef struct NSSVolatileDomainStr NSSVolatileDomain; /* special case of volatile domain */ -struct NSSCertificateChainStr; -typedef struct NSSCertificateChainStr NSSCertificateChain; +struct NSSCertChainStr; +typedef struct NSSCertChainStr NSSCertChain; /* * NSSCryptoContext @@ -245,7 +245,7 @@ typedef struct NSSUsagesStr NSSUsages; struct NSSPoliciesStr; typedef struct NSSPoliciesStr NSSPolicies; -struct NSSPKIXCertificateStr; +struct NSSPKIXCertStr; PR_END_EXTERN_C diff --git a/security/nss/lib/pki/pki.h b/security/nss/lib/pki/pki.h index 8c602d643..a06eaf572 100644 --- a/security/nss/lib/pki/pki.h +++ b/security/nss/lib/pki/pki.h @@ -70,163 +70,163 @@ nssTrustDomain_GetDefaultCallback ( PRStatus *statusOpt ); -NSS_EXTERN NSSCertificate ** -nssTrustDomain_FindCertificatesByNickname ( +NSS_EXTERN NSSCert ** +nssTrustDomain_FindCertsByNickname ( NSSTrustDomain *td, NSSUTF8 *name, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ); -NSS_EXTERN NSSCertificate ** -nssTrustDomain_FindCertificatesBySubject ( +NSS_EXTERN NSSCert ** +nssTrustDomain_FindCertsBySubject ( NSSTrustDomain *td, NSSDER *subject, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, NSSArena *arenaOpt ); -NSS_EXTERN NSSCertificate * -nssTrustDomain_FindCertificateByIssuerAndSerialNumber ( +NSS_EXTERN NSSCert * +nssTrustDomain_FindCertByIssuerAndSerialNumber ( NSSTrustDomain *td, NSSDER *issuer, NSSDER *serialNumber ); -NSS_EXTERN NSSCertificate ** -nssTrustDomain_FindCertificatesByEmail ( +NSS_EXTERN NSSCert ** +nssTrustDomain_FindCertsByEmail ( NSSTrustDomain *td, NSSASCII7 *email, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ); -NSS_EXTERN NSSCertificate * -nssTrustDomain_FindCertificateByEncodedCertificate ( +NSS_EXTERN NSSCert * +nssTrustDomain_FindCertByEncodedCert ( NSSTrustDomain *td, - NSSBER *encodedCertificate + NSSBER *encodedCert ); NSS_EXTERN PRStatus * -nssTrustDomain_TraverseCertificates ( +nssTrustDomain_TraverseCerts ( NSSTrustDomain *td, - PRStatus (*callback)(NSSCertificate *c, void *arg), + PRStatus (*callback)(NSSCert *c, void *arg), void *arg ); NSS_EXTERN nssTrust * -nssTrustDomain_FindTrustForCertificate ( +nssTrustDomain_FindTrustForCert ( NSSTrustDomain *td, - NSSCertificate *c + NSSCert *c ); -NSS_EXTERN NSSCertificate * -nssCertificate_Decode ( +NSS_EXTERN NSSCert * +nssCert_Decode ( NSSBER *ber ); -NSS_EXTERN NSSCertificate * -nssCertificate_AddRef ( - NSSCertificate *c +NSS_EXTERN NSSCert * +nssCert_AddRef ( + NSSCert *c ); NSS_EXTERN PRStatus -nssCertificate_Destroy ( - NSSCertificate *c +nssCert_Destroy ( + NSSCert *c ); NSS_EXTERN NSSDER * -nssCertificate_GetEncoding ( - NSSCertificate *c +nssCert_GetEncoding ( + NSSCert *c ); NSS_EXTERN NSSDER * -nssCertificate_GetIssuer ( - NSSCertificate *c +nssCert_GetIssuer ( + NSSCert *c ); NSS_EXTERN NSSDER * -nssCertificate_GetSerialNumber ( - NSSCertificate *c +nssCert_GetSerialNumber ( + NSSCert *c ); NSS_EXTERN NSSDER * -nssCertificate_GetSubject ( - NSSCertificate *c +nssCert_GetSubject ( + NSSCert *c ); NSS_EXTERN PRStatus -nssCertificate_SetNickname ( - NSSCertificate *c, +nssCert_SetNickname ( + NSSCert *c, NSSToken *tokenOpt, NSSUTF8 *nickname ); NSS_EXTERN NSSUTF8 * -nssCertificate_GetNickname ( - NSSCertificate *c, +nssCert_GetNickname ( + NSSCert *c, NSSToken *tokenOpt ); NSS_EXTERN NSSASCII7 * -nssCertificate_GetEmailAddress ( - NSSCertificate *c +nssCert_GetEmailAddress ( + NSSCert *c ); NSS_EXTERN PRBool -nssCertificate_IssuerAndSerialEqual ( - NSSCertificate *c1, - NSSCertificate *c2 +nssCert_IssuerAndSerialEqual ( + NSSCert *c1, + NSSCert *c2 ); NSS_EXTERN NSSPublicKey * -nssCertificate_GetPublicKey ( - NSSCertificate *c +nssCert_GetPublicKey ( + NSSCert *c ); NSS_EXTERN NSSPrivateKey * -nssCertificate_FindPrivateKey ( - NSSCertificate *c, +nssCert_FindPrivateKey ( + NSSCert *c, NSSCallback *uhh ); NSS_EXTERN PRBool -nssCertificate_IsPrivateKeyAvailable ( - NSSCertificate *c, +nssCert_IsPrivateKeyAvailable ( + NSSCert *c, NSSCallback *uhh, PRStatus *statusOpt ); NSS_EXTERN NSSUsages * -nssCertificate_GetUsages ( - NSSCertificate *c, +nssCert_GetUsages ( + NSSCert *c, PRStatus *statusOpt ); NSS_EXTERN PRBool -nssCertificate_IsValidAtTime ( - NSSCertificate *c, +nssCert_IsValidAtTime ( + NSSCert *c, NSSTime time, PRStatus *statusOpt ); NSS_EXTERN PRBool -nssCertificate_IsNewer ( - NSSCertificate *c1, - NSSCertificate *c2, +nssCert_IsNewer ( + NSSCert *c1, + NSSCert *c2, PRStatus *statusOpt ); -NSS_EXTERN NSSCertificate ** -nssCertificate_BuildChain ( - NSSCertificate *c, +NSS_EXTERN NSSCert ** +nssCert_BuildChain ( + NSSCert *c, NSSTime time, NSSUsages *usagesOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, NSSArena *arenaOpt, PRStatus *statusOpt @@ -282,29 +282,29 @@ nssPublicKey_GetID ( ); NSS_EXTERN NSSItem * -nssPublicKey_WrapSymmetricKey ( +nssPublicKey_WrapSymKey ( NSSPublicKey *bk, const NSSAlgNParam *ap, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSCallback *uhh, NSSItem *rvOpt, NSSArena *arenaOpt ); -NSS_EXTERN NSSSymmetricKey * -nssSymmetricKey_AddRef ( - NSSSymmetricKey *mk +NSS_EXTERN NSSSymKey * +nssSymKey_AddRef ( + NSSSymKey *mk ); NSS_EXTERN PRStatus -nssSymmetricKey_DeriveSSLSessionKeys ( - NSSSymmetricKey *masterSecret, +nssSymKey_DeriveSSLSessionKeys ( + NSSSymKey *masterSecret, const NSSAlgNParam *ap, - NSSSymmetricKeyType bulkKeyType, + NSSSymKeyType bulkKeyType, NSSOperations operations, NSSProperties properties, PRUint32 keySize, - NSSSymmetricKey **sessionKeys + NSSSymKey **sessionKeys ); NSS_EXTERN NSSVolatileDomain * @@ -313,11 +313,11 @@ nssVolatileDomain_Create ( NSSCallback *uhhOpt ); -NSS_EXTERN NSSCertificate ** -nssVolatileDomain_FindCertificatesBySubject ( +NSS_EXTERN NSSCert ** +nssVolatileDomain_FindCertsBySubject ( NSSVolatileDomain *vd, NSSDER *subject, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ); @@ -333,8 +333,8 @@ nssPrivateKeyArray_Destroy ( ); NSS_EXTERN void -nssSymmetricKeyArray_Destroy ( - NSSSymmetricKey **mkeys +nssSymKeyArray_Destroy ( + NSSSymKey **mkeys ); NSS_EXTERN nssTrust * @@ -359,7 +359,7 @@ nssSMIMEProfile_Destroy ( NSS_EXTERN nssSMIMEProfile * nssSMIMEProfile_Create ( - NSSCertificate *cert, + NSSCert *cert, NSSItem *profileTime, NSSItem *profileData ); diff --git a/security/nss/lib/pki/pkibase.c b/security/nss/lib/pki/pkibase.c index e294a6096..2c8e4ceff 100644 --- a/security/nss/lib/pki/pkibase.c +++ b/security/nss/lib/pki/pkibase.c @@ -487,35 +487,35 @@ nssPKIObject_GetWriteToken ( } NSS_IMPLEMENT void -nssCertificateArray_Destroy ( - NSSCertificate **certs +nssCertArray_Destroy ( + NSSCert **certs ) { if (certs) { - NSSCertificate **certp; + NSSCert **certp; for (certp = certs; *certp; certp++) { - nssCertificate_Destroy(*certp); + nssCert_Destroy(*certp); } nss_ZFreeIf(certs); } } NSS_IMPLEMENT void -NSSCertificateArray_Destroy ( - NSSCertificate **certs +NSSCertArray_Destroy ( + NSSCert **certs ) { - nssCertificateArray_Destroy(certs); + nssCertArray_Destroy(certs); } -NSS_IMPLEMENT NSSCertificate ** -nssCertificateArray_Join ( - NSSCertificate **certs1, - NSSCertificate **certs2 +NSS_IMPLEMENT NSSCert ** +nssCertArray_Join ( + NSSCert **certs1, + NSSCert **certs2 ) { if (certs1 && certs2) { - NSSCertificate **certs, **cp; + NSSCert **certs, **cp; PRUint32 count = 0; PRUint32 count1 = 0; cp = certs1; @@ -523,11 +523,11 @@ nssCertificateArray_Join ( count = count1; cp = certs2; while (*cp++) count++; - certs = nss_ZREALLOCARRAY(certs1, NSSCertificate *, count + 1); + certs = nss_ZREALLOCARRAY(certs1, NSSCert *, count + 1); if (!certs) { nss_ZFreeIf(certs1); nss_ZFreeIf(certs2); - return (NSSCertificate **)NULL; + return (NSSCert **)NULL; } for (cp = certs2; *cp; cp++, count1++) { certs[count1] = *cp; @@ -541,29 +541,29 @@ nssCertificateArray_Join ( } } -NSS_IMPLEMENT NSSCertificate * -nssCertificateArray_FindBestCertificate ( - NSSCertificate **certs, +NSS_IMPLEMENT NSSCert * +nssCertArray_FindBestCert ( + NSSCert **certs, NSSTime time, NSSUsages *usagesOpt, NSSPolicies *policiesOpt ) { PRStatus status; - NSSCertificate *bestCert = NULL; + NSSCert *bestCert = NULL; if (!certs) { - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } for (; *certs; certs++) { - NSSCertificate *c = *certs; - NSSUsages *certUsages = nssCertificate_GetUsages(c, &status); + NSSCert *c = *certs; + NSSUsages *certUsages = nssCert_GetUsages(c, &status); if (status == PR_FAILURE) { - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } if (!bestCert) { /* take the first cert with matching usage (if provided) */ if (!usagesOpt || nssUsages_Match(usagesOpt, certUsages)) { - bestCert = nssCertificate_AddRef(c); + bestCert = nssCert_AddRef(c); } continue; } else { @@ -576,31 +576,31 @@ nssCertificateArray_FindBestCertificate ( } } /* time */ - if (nssCertificate_IsValidAtTime(bestCert, time, &status)) { + if (nssCert_IsValidAtTime(bestCert, time, &status)) { /* The current best cert is valid at time */ - if (!nssCertificate_IsValidAtTime(c, time, &status)) { + if (!nssCert_IsValidAtTime(c, time, &status)) { /* If the new cert isn't valid at time, it's not better */ continue; } } else { if (status == PR_FAILURE) { - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } /* The current best cert is not valid at time */ - if (nssCertificate_IsValidAtTime(c, time, NULL)) { + if (nssCert_IsValidAtTime(c, time, NULL)) { /* If the new cert is valid at time, it's better */ - nssCertificate_Destroy(bestCert); - bestCert = nssCertificate_AddRef(c); + nssCert_Destroy(bestCert); + bestCert = nssCert_AddRef(c); } } /* either they are both valid at time, or neither valid; * take the newer one */ - if (nssCertificate_IsNewer(c, bestCert, &status)) { - nssCertificate_Destroy(bestCert); - bestCert = nssCertificate_AddRef(c); + if (nssCert_IsNewer(c, bestCert, &status)) { + nssCert_Destroy(bestCert); + bestCert = nssCert_AddRef(c); } else if (status == PR_FAILURE) { - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } /* policies */ /* XXX later -- defer to policies */ @@ -609,15 +609,15 @@ nssCertificateArray_FindBestCertificate ( } NSS_IMPLEMENT PRStatus -nssCertificateArray_Traverse ( - NSSCertificate **certs, - PRStatus (* callback)(NSSCertificate *c, void *arg), +nssCertArray_Traverse ( + NSSCert **certs, + PRStatus (* callback)(NSSCert *c, void *arg), void *arg ) { PRStatus status = PR_SUCCESS; if (certs) { - NSSCertificate **certp; + NSSCert **certp; for (certp = certs; *certp; certp++) { status = (*callback)(*certp, arg); if (status != PR_SUCCESS) { @@ -659,7 +659,7 @@ nssUsages_Match ( typedef enum { - pkiObjectType_Certificate = 0, + pkiObjectType_Cert = 0, pkiObjectType_CRL = 1, pkiObjectType_PrivateKey = 2, pkiObjectType_PublicKey = 3 @@ -668,7 +668,7 @@ typedef enum /* Each object is defined by a set of items that uniquely identify it. * Here are the uid sets: * - * NSSCertificate ==> { issuer, serial } + * NSSCert ==> { issuer, serial } * NSSPrivateKey * (RSA) ==> { modulus, public exponent } * @@ -996,8 +996,8 @@ nssPKIObjectCollection_Traverse ( node->haveObject = PR_TRUE; } switch (collection->objectType) { - case pkiObjectType_Certificate: - status = (*callback->func.cert)((NSSCertificate *)node->object, + case pkiObjectType_Cert: + status = (*callback->func.cert)((NSSCert *)node->object, callback->arg); break; case pkiObjectType_CRL: @@ -1042,23 +1042,23 @@ nssPKIObjectCollection_AddInstanceAsObject ( } /* - * Certificate collections + * Cert collections */ static void cert_destroyObject(nssPKIObject *o) { - NSSCertificate *c = (NSSCertificate *)o; - nssCertificate_Destroy(c); + NSSCert *c = (NSSCert *)o; + nssCert_Destroy(c); } static PRStatus cert_getUIDFromObject(nssPKIObject *o, NSSItem *uid) { - NSSCertificate *c = (NSSCertificate *)o; + NSSCert *c = (NSSCert *)o; NSSDER *issuer, *serial; - issuer = nssCertificate_GetIssuer(c); - serial = nssCertificate_GetSerialNumber(c); + issuer = nssCert_GetIssuer(c); + serial = nssCert_GetSerialNumber(c); uid[0] = *issuer; uid[1] = *serial; return PR_SUCCESS; @@ -1068,7 +1068,7 @@ static PRStatus cert_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid, NSSArena *arena) { - return nssCryptokiCertificate_GetAttributes(instance, + return nssCryptokiCert_GetAttributes(instance, arena, /* arena */ NULL, /* type */ NULL, /* id */ @@ -1082,21 +1082,21 @@ cert_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid, static nssPKIObject * cert_createObject(nssPKIObject *o) { - NSSCertificate *cert; - cert = nssCertificate_Create(o); + NSSCert *cert; + cert = nssCert_Create(o); return (nssPKIObject *)cert; } NSS_IMPLEMENT nssPKIObjectCollection * -nssCertificateCollection_Create ( +nssCertCollection_Create ( NSSTrustDomain *td, - NSSCertificate **certsOpt + NSSCert **certsOpt ) { PRStatus status; nssPKIObjectCollection *collection; collection = nssPKIObjectCollection_Create(td); - collection->objectType = pkiObjectType_Certificate; + collection->objectType = pkiObjectType_Cert; collection->destroyObject = cert_destroyObject; collection->getUIDFromObject = cert_getUIDFromObject; collection->getUIDFromInstance = cert_getUIDFromInstance; @@ -1110,10 +1110,10 @@ nssCertificateCollection_Create ( return collection; } -NSS_IMPLEMENT NSSCertificate ** -nssPKIObjectCollection_GetCertificates ( +NSS_IMPLEMENT NSSCert ** +nssPKIObjectCollection_GetCerts ( nssPKIObjectCollection *collection, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 maximumOpt, NSSArena *arenaOpt ) @@ -1122,7 +1122,7 @@ nssPKIObjectCollection_GetCertificates ( PRUint32 rvSize; PRBool allocated = PR_FALSE; if (collection->size == 0) { - return (NSSCertificate **)NULL; + return (NSSCert **)NULL; } if (maximumOpt == 0) { rvSize = collection->size; @@ -1130,9 +1130,9 @@ nssPKIObjectCollection_GetCertificates ( rvSize = PR_MIN(collection->size, maximumOpt); } if (!rvOpt) { - rvOpt = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, rvSize + 1); + rvOpt = nss_ZNEWARRAY(arenaOpt, NSSCert *, rvSize + 1); if (!rvOpt) { - return (NSSCertificate **)NULL; + return (NSSCert **)NULL; } allocated = PR_TRUE; } @@ -1143,7 +1143,7 @@ nssPKIObjectCollection_GetCertificates ( if (allocated) { nss_ZFreeIf(rvOpt); } - return (NSSCertificate **)NULL; + return (NSSCert **)NULL; } return rvOpt; } @@ -1562,8 +1562,8 @@ loser: return PR_FAILURE; } -NSS_IMPLEMENT NSSSymmetricKey * -nssPKIObjectCreator_GenerateSymmetricKey ( +NSS_IMPLEMENT NSSSymKey * +nssPKIObjectCreator_GenerateSymKey ( nssPKIObjectCreator *creator, PRUint32 keysize ) @@ -1573,7 +1573,7 @@ nssPKIObjectCreator_GenerateSymmetricKey ( NSSToken *source; nssSession *session = NULL; nssCryptokiObject *key = NULL; - NSSSymmetricKey *rvKey = NULL; + NSSSymKey *rvKey = NULL; NSSSlot *slot; /* search the trust domain for a usable token for the keygen */ @@ -1581,7 +1581,7 @@ nssPKIObjectCreator_GenerateSymmetricKey ( creator->ap, creator->destination); if (!source) { - return (NSSSymmetricKey *)NULL; + return (NSSSymKey *)NULL; } /* If we want a persistent object but the destination token can't * do the math, then create a temporary object on the source token @@ -1610,7 +1610,7 @@ nssPKIObjectCreator_GenerateSymmetricKey ( } /* XXX */ - key = nssToken_GenerateSymmetricKey(source, session, creator->ap, + key = nssToken_GenerateSymKey(source, session, creator->ap, keysize, NULL, !temporary, 0, 0); if (!key) { goto loser; @@ -1631,7 +1631,7 @@ nssPKIObjectCreator_GenerateSymmetricKey ( goto loser; } } - destKey = nssCryptokiSymmetricKey_Copy(key, session, + destKey = nssCryptokiSymKey_Copy(key, session, creator->destination, copySession, creator->persistent); @@ -1646,7 +1646,7 @@ nssPKIObjectCreator_GenerateSymmetricKey ( key = destKey; } - rvKey = nssSymmetricKey_CreateFromInstance(key, creator->td, creator->vd); + rvKey = nssSymKey_CreateFromInstance(key, creator->td, creator->vd); if (!rvKey) { goto loser; } @@ -1664,7 +1664,7 @@ loser: nssCryptokiObject_Destroy(key); } nssToken_Destroy(source); - return (NSSSymmetricKey *)NULL; + return (NSSSymKey *)NULL; } struct nssTokenSessionHashStr { diff --git a/security/nss/lib/pki/pkim.h b/security/nss/lib/pki/pkim.h index 72cf56dc8..329addff6 100644 --- a/security/nss/lib/pki/pkim.h +++ b/security/nss/lib/pki/pkim.h @@ -224,11 +224,11 @@ nssTrustDomain_FindSourceToken ( NSSToken *candidate ); -NSS_EXTERN NSSCertificate ** -nssTrustDomain_FindCertificatesByID ( +NSS_EXTERN NSSCert ** +nssTrustDomain_FindCertsByID ( NSSTrustDomain *td, NSSItem *id, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 maximumOpt, NSSArena *arenaOpt ); @@ -249,35 +249,35 @@ nssCryptoContext_Create ( ); NSS_EXTERN NSSCryptoContext * -nssCryptoContext_CreateForSymmetricKey ( - NSSSymmetricKey *mk, +nssCryptoContext_CreateForSymKey ( + NSSSymKey *mk, const NSSAlgNParam *apOpt, NSSCallback *uhh ); /* XXX for the collection */ -NSS_EXTERN NSSCertificate * -nssCertificate_Create ( +NSS_EXTERN NSSCert * +nssCert_Create ( nssPKIObject *object ); /* XXX XXX most of these belong in pki.h */ NSS_EXTERN nssCryptokiObject * -nssCertificate_FindInstanceForAlgorithm ( - NSSCertificate *c, +nssCert_FindInstanceForAlgorithm ( + NSSCert *c, NSSAlgNParam *ap ); NSS_EXTERN void -nssCertificate_SetVolatileDomain ( - NSSCertificate *c, +nssCert_SetVolatileDomain ( + NSSCert *c, NSSVolatileDomain *vd ); NSS_EXTERN PRStatus -nssCertificate_CopyToToken ( - NSSCertificate *c, +nssCert_CopyToToken ( + NSSCert *c, NSSToken *token, NSSUTF8 *nicknameOpt ); @@ -308,57 +308,57 @@ nssCRL_DeleteStoredObject ( NSSCallback *uhh ); -NSS_EXTERN NSSSymmetricKey * -nssSymmetricKey_Create ( +NSS_EXTERN NSSSymKey * +nssSymKey_Create ( nssPKIObject *object ); -NSS_EXTERN NSSSymmetricKey * -nssSymmetricKey_CreateFromInstance ( +NSS_EXTERN NSSSymKey * +nssSymKey_CreateFromInstance ( nssCryptokiObject *instance, NSSTrustDomain *td, NSSVolatileDomain *vdOpt ); NSS_EXTERN PRStatus -nssSymmetricKey_Destroy ( - NSSSymmetricKey *mk +nssSymKey_Destroy ( + NSSSymKey *mk ); NSS_IMPLEMENT nssCryptokiObject * -nssSymmetricKey_CopyToToken ( - NSSSymmetricKey *mk, +nssSymKey_CopyToToken ( + NSSSymKey *mk, NSSToken *destination, PRBool asPersistentObject ); NSS_EXTERN NSSToken ** -nssSymmetricKey_GetTokens ( - NSSSymmetricKey *mk, +nssSymKey_GetTokens ( + NSSSymKey *mk, PRStatus *statusOpt ); NSS_EXTERN NSSTrustDomain * -nssSymmetricKey_GetTrustDomain ( - NSSSymmetricKey *mk, +nssSymKey_GetTrustDomain ( + NSSSymKey *mk, PRStatus *statusOpt ); NSS_EXTERN PRBool -nssSymmetricKey_IsOnToken ( - NSSSymmetricKey *mk, +nssSymKey_IsOnToken ( + NSSSymKey *mk, NSSToken *token ); NSS_EXTERN nssCryptokiObject * -nssSymmetricKey_GetInstance ( - NSSSymmetricKey *mk, +nssSymKey_GetInstance ( + NSSSymKey *mk, NSSToken *token ); NSS_EXTERN nssCryptokiObject * -nssSymmetricKey_FindInstanceForAlgorithm ( - NSSSymmetricKey *mk, +nssSymKey_FindInstanceForAlgorithm ( + NSSSymKey *mk, const NSSAlgNParam *ap ); @@ -448,29 +448,29 @@ nssUsages_Match ( NSSUsages *testUsages ); -/* nssCertificateArray +/* nssCertArray * * These are being thrown around a lot, might as well group together some * functionality. * - * nssCertificateArray_Destroy - * nssCertificateArray_Join - * nssCertificateArray_FindBestCertificate - * nssCertificateArray_Traverse + * nssCertArray_Destroy + * nssCertArray_Join + * nssCertArray_FindBestCert + * nssCertArray_Traverse */ -/* nssCertificateArray_Destroy +/* nssCertArray_Destroy * * Will destroy the array and the certs within it. If the array was created * in an arena, will *not* (of course) destroy the arena. However, is safe * to call this method on an arena-allocated array. */ NSS_EXTERN void -nssCertificateArray_Destroy ( - NSSCertificate **certs +nssCertArray_Destroy ( + NSSCert **certs ); -/* nssCertificateArray_Join +/* nssCertArray_Join * * Join two arrays into one. The two arrays, certs1 and certs2, should * be considered invalid after a call to this function (they may be destroyed @@ -478,34 +478,34 @@ nssCertificateArray_Destroy ( * call with arrays allocated in an arena, the result will also be in the * arena. */ -NSS_EXTERN NSSCertificate ** -nssCertificateArray_Join ( - NSSCertificate **certs1, - NSSCertificate **certs2 +NSS_EXTERN NSSCert ** +nssCertArray_Join ( + NSSCert **certs1, + NSSCert **certs2 ); -/* nssCertificateArray_FindBestCertificate +/* nssCertArray_FindBestCert * * Use the usual { time, usage, policies } to find the best cert in the * array. */ -NSS_EXTERN NSSCertificate * -nssCertificateArray_FindBestCertificate ( - NSSCertificate **certs, +NSS_EXTERN NSSCert * +nssCertArray_FindBestCert ( + NSSCert **certs, NSSTime time, NSSUsages *usagesOpt, NSSPolicies *policiesOpt ); -/* nssCertificateArray_Traverse +/* nssCertArray_Traverse * * Do the callback for each cert, terminate the traversal if the callback * fails. */ NSS_EXTERN PRStatus -nssCertificateArray_Traverse ( - NSSCertificate **certs, - PRStatus (* callback)(NSSCertificate *c, void *arg), +nssCertArray_Traverse ( + NSSCert **certs, + PRStatus (* callback)(NSSCert *c, void *arg), void *arg ); @@ -521,7 +521,7 @@ nssCRLArray_Destroy ( * objects instances on tokens, where the actual object hasn't * been formed yet. * - * nssCertificateCollection_Create + * nssCertCollection_Create * nssPrivateKeyCollection_Create * nssPublicKeyCollection_Create * @@ -529,7 +529,7 @@ nssCRLArray_Destroy ( * inherit all of the following methods. Instead, there is only one * type (nssPKIObjectCollection), shared among all. This may cause * confusion; an alternative would be to define all of the methods - * for each subtype (nssCertificateCollection_Destroy, ...), but that doesn't + * for each subtype (nssCertCollection_Destroy, ...), but that doesn't * seem worth the code bloat.. It is left up to the caller to remember * what type of collection he/she is dealing with. * @@ -541,21 +541,21 @@ nssCRLArray_Destroy ( * * Back to type-specific methods. * - * nssPKIObjectCollection_GetCertificates + * nssPKIObjectCollection_GetCerts * nssPKIObjectCollection_GetCRLs * nssPKIObjectCollection_GetPrivateKeys * nssPKIObjectCollection_GetPublicKeys */ -/* nssCertificateCollection_Create +/* nssCertCollection_Create * * Create a collection of certificates in the specified trust domain. * Optionally provide a starting set of certs. */ NSS_EXTERN nssPKIObjectCollection * -nssCertificateCollection_Create ( +nssCertCollection_Create ( NSSTrustDomain *td, - NSSCertificate **certsOpt + NSSCert **certsOpt ); /* nssCRLCollection_Create @@ -638,7 +638,7 @@ nssPKIObjectCollection_Traverse ( ); /* This function is being added for NSS 3.5. It corresponds to the function - * nssToken_TraverseCertificates. The idea is to use the collection during + * nssToken_TraverseCerts. The idea is to use the collection during * a traversal, creating certs each time a new instance is added for which * a cert does not already exist. */ @@ -648,14 +648,14 @@ nssPKIObjectCollection_AddInstanceAsObject ( nssCryptokiObject *instance ); -/* nssPKIObjectCollection_GetCertificates +/* nssPKIObjectCollection_GetCerts * * Get all of the certificates in the collection. */ -NSS_EXTERN NSSCertificate ** -nssPKIObjectCollection_GetCertificates ( +NSS_EXTERN NSSCert ** +nssPKIObjectCollection_GetCerts ( nssPKIObjectCollection *collection, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 maximumOpt, NSSArena *arenaOpt ); @@ -691,14 +691,14 @@ nssPKIObjectCreator_GenerateKeyPair ( NSSPrivateKey **pvkOpt ); -NSS_EXTERN NSSSymmetricKey * -nssPKIObjectCreator_GenerateSymmetricKey ( +NSS_EXTERN NSSSymKey * +nssPKIObjectCreator_GenerateSymKey ( nssPKIObjectCreator *creator, PRUint32 keysize ); NSS_EXTERN nssHash * -nssHash_CreateCertificate ( +nssHash_CreateCert ( NSSArena *arenaOpt, PRUint32 numBuckets ); diff --git a/security/nss/lib/pki/pkistore.c b/security/nss/lib/pki/pkistore.c index 5d4022f45..d352aa978 100644 --- a/security/nss/lib/pki/pkistore.c +++ b/security/nss/lib/pki/pkistore.c @@ -49,18 +49,18 @@ static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"; /* taking from certificate implementation... move to pkim.h? */ NSS_EXTERN PRUint32 -nssCertificate_Hash ( - NSSCertificate *c +nssCert_Hash ( + NSSCert *c ); -NSS_EXTERN NSSCertificate * -nssCertificate_CreateIndexCert ( +NSS_EXTERN NSSCert * +nssCert_CreateIndexCert ( NSSDER *issuer, NSSDER *serial ); /* - * Certificate Store + * Cert Store * * This differs from the cache in that it is a true storage facility. Items * stay in until they are explicitly removed. It is only used by crypto @@ -68,7 +68,7 @@ nssCertificate_CreateIndexCert ( * */ -struct nssCertificateStoreStr +struct nssCertStoreStr { PRBool i_allocated_arena; NSSArena *arena; @@ -81,22 +81,22 @@ typedef struct certificate_hash_entry_str certificate_hash_entry; struct certificate_hash_entry_str { - NSSCertificate *cert; + NSSCert *cert; nssTrust *trust; nssSMIMEProfile *profile; }; #if 0 /* XXX This a common function that should be moved out, possibly an - * nssSubjectCertificateList should be created? + * nssSubjectCertList should be created? */ /* sort the subject list from newest to oldest */ static PRIntn subject_list_sort(void *v1, void *v2) { - NSSCertificate *c1 = (NSSCertificate *)v1; - NSSCertificate *c2 = (NSSCertificate *)v2; - nssDecodedCert *dc1 = nssCertificate_GetDecoding(c1); - nssDecodedCert *dc2 = nssCertificate_GetDecoding(c2); + NSSCert *c1 = (NSSCert *)v1; + NSSCert *c2 = (NSSCert *)v2; + nssDecodedCert *dc1 = nssCert_GetDecoding(c1); + nssDecodedCert *dc2 = nssCert_GetDecoding(c2); if (dc1->isNewerThan(dc1, dc2)) { return -1; } else { @@ -108,7 +108,7 @@ static PRIntn subject_list_sort(void *v1, void *v2) struct subject_list_node_str { PRCList link; - NSSCertificate *cert; + NSSCert *cert; }; struct subject_hash_entry_str @@ -146,7 +146,7 @@ subject_hash_entry_destroy ( static PRStatus subject_hash_entry_add ( subject_hash_entry *entry, - NSSCertificate *cert + NSSCert *cert ) { struct subject_list_node_str *node; @@ -154,7 +154,7 @@ subject_hash_entry_add ( /* XXX sort by validity */ while (link != &entry->head) { node = (struct subject_list_node_str *)link; - if (nssCertificate_IssuerAndSerialEqual(cert, node->cert)) { + if (nssCert_IssuerAndSerialEqual(cert, node->cert)) { /* cert already in */ return PR_FAILURE; } @@ -174,7 +174,7 @@ subject_hash_entry_add ( static void subject_hash_entry_remove ( subject_hash_entry *entry, - NSSCertificate *cert + NSSCert *cert ) { struct subject_list_node_str *node; @@ -194,7 +194,7 @@ subject_hash_entry_remove ( static void get_subject_entry_certs ( subject_hash_entry *entry, - NSSCertificate **array, + NSSCert **array, PRUint32 count ) { @@ -203,18 +203,18 @@ get_subject_entry_certs ( PRCList *link = PR_NEXT_LINK(&entry->head); while (link != &entry->head && i < count) { node = (struct subject_list_node_str *)link; - array[i++] = nssCertificate_AddRef(node->cert); + array[i++] = nssCert_AddRef(node->cert); link = PR_NEXT_LINK(link); } } -NSS_IMPLEMENT nssCertificateStore * -nssCertificateStore_Create ( +NSS_IMPLEMENT nssCertStore * +nssCertStore_Create ( NSSArena *arenaOpt ) { NSSArena *arena; - nssCertificateStore *store; + nssCertStore *store; PRBool i_allocated_arena; if (arenaOpt) { arena = arenaOpt; @@ -226,7 +226,7 @@ nssCertificateStore_Create ( } i_allocated_arena = PR_TRUE; } - store = nss_ZNEW(arena, nssCertificateStore); + store = nss_ZNEW(arena, nssCertStore); if (!store) { goto loser; } @@ -235,7 +235,7 @@ nssCertificateStore_Create ( goto loser; } /* Create the issuer/serial --> {cert, trust, S/MIME profile } hash */ - store->issuer_and_serial = nssHash_CreateCertificate(arena, 0); + store->issuer_and_serial = nssHash_CreateCert(arena, 0); if (!store->issuer_and_serial) { goto loser; } @@ -266,8 +266,8 @@ loser: } NSS_IMPLEMENT void -nssCertificateStore_Destroy ( - nssCertificateStore *store +nssCertStore_Destroy ( + nssCertStore *store ) { PZ_DestroyLock(store->lock); @@ -282,8 +282,8 @@ nssCertificateStore_Destroy ( static PRStatus add_certificate_entry ( - nssCertificateStore *store, - NSSCertificate *cert + nssCertStore *store, + NSSCert *cert ) { PRStatus status; @@ -302,13 +302,13 @@ add_certificate_entry ( static PRStatus add_subject_entry ( - nssCertificateStore *store, - NSSCertificate *cert + nssCertStore *store, + NSSCert *cert ) { PRStatus status; subject_hash_entry *entry; - NSSDER *subject = nssCertificate_GetSubject(cert); + NSSDER *subject = nssCert_GetSubject(cert); entry = (subject_hash_entry *)nssHash_Lookup(store->subject, subject); if (entry) { /* The subject is already in, add this cert to the list */ @@ -333,14 +333,14 @@ add_subject_entry ( /* declared below */ static void remove_certificate_entry ( - nssCertificateStore *store, - NSSCertificate *cert + nssCertStore *store, + NSSCert *cert ); NSS_IMPLEMENT PRStatus -nssCertificateStore_Add ( - nssCertificateStore *store, - NSSCertificate *cert +nssCertStore_Add ( + nssCertStore *store, + NSSCert *cert ) { PRStatus status; @@ -353,7 +353,7 @@ nssCertificateStore_Add ( if (status == PR_SUCCESS) { status = add_subject_entry(store, cert); if (status == PR_SUCCESS) { - nssCertificate_AddRef(cert); /* obtain a reference for the store */ + nssCert_AddRef(cert); /* obtain a reference for the store */ } else { remove_certificate_entry(store, cert); } @@ -364,8 +364,8 @@ nssCertificateStore_Add ( static void remove_certificate_entry ( - nssCertificateStore *store, - NSSCertificate *cert + nssCertStore *store, + NSSCert *cert ) { certificate_hash_entry *entry; @@ -385,12 +385,12 @@ remove_certificate_entry ( static void remove_subject_entry ( - nssCertificateStore *store, - NSSCertificate *cert + nssCertStore *store, + NSSCert *cert ) { subject_hash_entry *entry; - NSSDER *subject = nssCertificate_GetSubject(cert); + NSSDER *subject = nssCert_GetSubject(cert); /* Get the subject list for the cert's subject */ entry = (subject_hash_entry *)nssHash_Lookup(store->subject, subject); if (entry) { @@ -404,9 +404,9 @@ remove_subject_entry ( } NSS_IMPLEMENT void -nssCertificateStore_Remove ( - nssCertificateStore *store, - NSSCertificate *cert +nssCertStore_Remove ( + nssCertStore *store, + NSSCert *cert ) { certificate_hash_entry *entry; @@ -416,23 +416,23 @@ nssCertificateStore_Remove ( if (entry && entry->cert == cert) { remove_certificate_entry(store, cert); remove_subject_entry(store, cert); - NSSCertificate_Destroy(cert); /* release the store's reference */ + NSSCert_Destroy(cert); /* release the store's reference */ } PZ_Unlock(store->lock); } -static NSSCertificate ** +static NSSCert ** get_certs_from_entry ( subject_hash_entry *entry, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, NSSArena *arenaOpt ) { PRUint32 count; - NSSCertificate **rvArray = NULL; + NSSCert **rvArray = NULL; if (entry->count == 0) { - return (NSSCertificate **)NULL; + return (NSSCert **)NULL; } if (maximumOpt > 0) { count = PR_MIN(maximumOpt, entry->count); @@ -440,7 +440,7 @@ get_certs_from_entry ( if (rvOpt) { rvArray = rvOpt; } else { - rvArray = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, count + 1); + rvArray = nss_ZNEWARRAY(arenaOpt, NSSCert *, count + 1); } if (rvArray) { get_subject_entry_certs(entry, rvArray, count); @@ -448,16 +448,16 @@ get_certs_from_entry ( return rvArray; } -NSS_IMPLEMENT NSSCertificate ** -nssCertificateStore_FindCertificatesBySubject ( - nssCertificateStore *store, +NSS_IMPLEMENT NSSCert ** +nssCertStore_FindCertsBySubject ( + nssCertStore *store, NSSDER *subject, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, NSSArena *arenaOpt ) { - NSSCertificate **rvArray = NULL; + NSSCert **rvArray = NULL; subject_hash_entry *entry; PZ_Lock(store->lock); entry = (subject_hash_entry *)nssHash_Lookup(store->subject, subject); @@ -493,7 +493,7 @@ static void match_nickname(const void *k, void *v, void *a) subject_hash_entry *entry = (subject_hash_entry *)v; struct subject_list_node_str *node; node = (struct subject_list_node_str *)PR_NEXT_LINK(&entry->head); - nickname = nssCertificate_GetNickname(node->cert, NULL); + nickname = nssCert_GetNickname(node->cert, NULL); if (status == PR_SUCCESS && nickname && nssUTF8_Equal(nickname, nt->nickname, &status)) { @@ -504,16 +504,16 @@ static void match_nickname(const void *k, void *v, void *a) /* * Find all cached certs with this label. */ -NSS_IMPLEMENT NSSCertificate ** -nssCertificateStore_FindCertificatesByNickname ( - nssCertificateStore *store, +NSS_IMPLEMENT NSSCert ** +nssCertStore_FindCertsByNickname ( + nssCertStore *store, NSSUTF8 *nickname, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, NSSArena *arenaOpt ) { - NSSCertificate **rvArray = NULL; + NSSCert **rvArray = NULL; struct nickname_template_str nt; nt.nickname = nickname; nt.entry = NULL; @@ -531,7 +531,7 @@ struct email_template_str NSSASCII7 *email; NSSArena *arena; PRUint32 maximum; - NSSCertificate **certs; + NSSCert **certs; PRUint32 numCerts; }; @@ -543,18 +543,18 @@ static void match_email(const void *k, void *v, void *a) subject_hash_entry *entry = (subject_hash_entry *)v; struct subject_list_node_str *node; node = (struct subject_list_node_str *)PR_NEXT_LINK(&entry->head); - email = nssCertificate_GetEmailAddress(node->cert); + email = nssCert_GetEmailAddress(node->cert); if (nssUTF8_Equal(email, et->email, &status)) { PRUint32 i, count = entry->count; if (et->numCerts == 0 && !et->certs) { /* First encounter with matching certs, and need to allocate * an array for them */ - et->certs = nss_ZNEWARRAY(et->arena, NSSCertificate *, count + 1); + et->certs = nss_ZNEWARRAY(et->arena, NSSCert *, count + 1); } else if (et->maximum == 0 && et->certs) { /* Already have matching certs, need to realloc */ et->certs = nss_ZREALLOCARRAY(et->certs, - NSSCertificate *, + NSSCert *, et->numCerts + count + 1); } if (!et->certs) { @@ -566,7 +566,7 @@ static void match_email(const void *k, void *v, void *a) count = et->maximum - et->numCerts; } for (i=0; i<count; i++) { - et->certs[et->numCerts++] = nssCertificate_AddRef(node->cert); + et->certs[et->numCerts++] = nssCert_AddRef(node->cert); } } } @@ -574,11 +574,11 @@ static void match_email(const void *k, void *v, void *a) /* * Find all cached certs with this email address. */ -NSS_IMPLEMENT NSSCertificate ** -nssCertificateStore_FindCertificatesByEmail ( - nssCertificateStore *store, +NSS_IMPLEMENT NSSCert ** +nssCertStore_FindCertsByEmail ( + nssCertStore *store, NSSASCII7 *email, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, NSSArena *arenaOpt ) @@ -595,22 +595,22 @@ nssCertificateStore_FindCertificatesByEmail ( return et.certs; } -NSS_IMPLEMENT NSSCertificate * -nssCertificateStore_FindCertificateByIssuerAndSerialNumber ( - nssCertificateStore *store, +NSS_IMPLEMENT NSSCert * +nssCertStore_FindCertByIssuerAndSerialNumber ( + nssCertStore *store, NSSDER *issuer, NSSDER *serial ) { certificate_hash_entry *entry; - NSSCertificate *index; - NSSCertificate *rvCert = NULL; - index = nssCertificate_CreateIndexCert(issuer, serial); + NSSCert *index; + NSSCert *rvCert = NULL; + index = nssCert_CreateIndexCert(issuer, serial); PZ_Lock(store->lock); entry = (certificate_hash_entry *) nssHash_Lookup(store->issuer_and_serial, &index); if (entry) { - rvCert = nssCertificate_AddRef(entry->cert); + rvCert = nssCert_AddRef(entry->cert); } PZ_Unlock(store->lock); nss_ZFreeIf(index); @@ -646,22 +646,22 @@ issuer_and_serial_from_encoding ( } #endif -NSS_IMPLEMENT NSSCertificate * -nssCertificateStore_FindCertificateByEncodedCertificate ( - nssCertificateStore *store, +NSS_IMPLEMENT NSSCert * +nssCertStore_FindCertByEncodedCert ( + nssCertStore *store, NSSDER *encoding ) { PRStatus status = PR_FAILURE; NSSDER issuer, serial; - NSSCertificate *rvCert = NULL; + NSSCert *rvCert = NULL; #ifdef NSS_3_4_CODE status = issuer_and_serial_from_encoding(encoding, &issuer, &serial); #endif if (status != PR_SUCCESS) { return NULL; } - rvCert = nssCertificateStore_FindCertificateByIssuerAndSerialNumber(store, + rvCert = nssCertStore_FindCertByIssuerAndSerialNumber(store, &issuer, &serial); #ifdef NSS_3_4_CODE @@ -672,13 +672,13 @@ nssCertificateStore_FindCertificateByEncodedCertificate ( } NSS_EXTERN PRStatus -nssCertificateStore_AddTrust ( - nssCertificateStore *store, +nssCertStore_AddTrust ( + nssCertStore *store, nssTrust *trust ) { #if 0 - NSSCertificate *cert; + NSSCert *cert; certificate_hash_entry *entry; cert = trust->certificate; PZ_Lock(store->lock); @@ -694,9 +694,9 @@ nssCertificateStore_AddTrust ( } NSS_IMPLEMENT nssTrust * -nssCertificateStore_FindTrustForCertificate ( - nssCertificateStore *store, - NSSCertificate *cert +nssCertStore_FindTrustForCert ( + nssCertStore *store, + NSSCert *cert ) { certificate_hash_entry *entry; @@ -712,13 +712,13 @@ nssCertificateStore_FindTrustForCertificate ( } NSS_EXTERN PRStatus -nssCertificateStore_AddSMIMEProfile ( - nssCertificateStore *store, +nssCertStore_AddSMIMEProfile ( + nssCertStore *store, nssSMIMEProfile *profile ) { #if 0 - NSSCertificate *cert; + NSSCert *cert; certificate_hash_entry *entry; cert = profile->certificate; PZ_Lock(store->lock); @@ -734,9 +734,9 @@ nssCertificateStore_AddSMIMEProfile ( } NSS_IMPLEMENT nssSMIMEProfile * -nssCertificateStore_FindSMIMEProfileForCertificate ( - nssCertificateStore *store, - NSSCertificate *cert +nssCertStore_FindSMIMEProfileForCert ( + nssCertStore *store, + NSSCert *cert ) { certificate_hash_entry *entry; @@ -754,18 +754,18 @@ nssCertificateStore_FindSMIMEProfileForCertificate ( static PLHashNumber nss_certificate_hash(const void *c) { - return (PLHashNumber)nssCertificate_Hash((NSSCertificate *)c); + return (PLHashNumber)nssCert_Hash((NSSCert *)c); } static int nss_compare_certs(const void *v1, const void *v2) { - return nssCertificate_IssuerAndSerialEqual((NSSCertificate *)v1, - (NSSCertificate *)v2); + return nssCert_IssuerAndSerialEqual((NSSCert *)v1, + (NSSCert *)v2); } NSS_IMPLEMENT nssHash * -nssHash_CreateCertificate ( +nssHash_CreateCert ( NSSArena *arenaOpt, PRUint32 numBuckets ) @@ -778,8 +778,8 @@ nssHash_CreateCertificate ( } NSS_IMPLEMENT void -nssCertificateStore_DumpStoreInfo ( - nssCertificateStore *store, +nssCertStore_DumpStoreInfo ( + nssCertStore *store, void (* cert_dump_iter)(const void *, void *, void *), void *arg ) diff --git a/security/nss/lib/pki/pkistore.h b/security/nss/lib/pki/pkistore.h index d252eb192..76a600830 100644 --- a/security/nss/lib/pki/pkistore.h +++ b/security/nss/lib/pki/pkistore.h @@ -58,117 +58,117 @@ PR_BEGIN_EXTERN_C */ /* - * nssCertificateStore + * nssCertStore * * Manages local store of certificate, trust, and S/MIME profile objects. * Within a crypto context, mappings of cert to trust and cert to S/MIME * profile are always 1-1. Therefore, it is reasonable to store all objects * in a single collection, indexed by the certificate. * - * nssCertificateStore_Create - * nssCertificateStore_Destroy - * nssCertificateStore_Add - * nssCertificateStore_Remove - * nssCertificateStore_FindCertificatesBySubject - * nssCertificateStore_FindCertificatesByNickname - * nssCertificateStore_FindCertificatesByEmail - * nssCertificateStore_FindCertificateByIssuerAndSerialNumber - * nssCertificateStore_FindCertificateByEncodedCertificate - * nssCertificateStore_AddTrust - * nssCertificateStore_FindTrustForCertificate - * nssCertificateStore_AddSMIMEProfile - * nssCertificateStore_FindSMIMEProfileForCertificate + * nssCertStore_Create + * nssCertStore_Destroy + * nssCertStore_Add + * nssCertStore_Remove + * nssCertStore_FindCertsBySubject + * nssCertStore_FindCertsByNickname + * nssCertStore_FindCertsByEmail + * nssCertStore_FindCertByIssuerAndSerialNumber + * nssCertStore_FindCertByEncodedCert + * nssCertStore_AddTrust + * nssCertStore_FindTrustForCert + * nssCertStore_AddSMIMEProfile + * nssCertStore_FindSMIMEProfileForCert */ -NSS_EXTERN nssCertificateStore * -nssCertificateStore_Create ( +NSS_EXTERN nssCertStore * +nssCertStore_Create ( NSSArena *arenaOpt ); NSS_EXTERN void -nssCertificateStore_Destroy ( - nssCertificateStore *store +nssCertStore_Destroy ( + nssCertStore *store ); NSS_EXTERN PRStatus -nssCertificateStore_Add ( - nssCertificateStore *store, - NSSCertificate *cert +nssCertStore_Add ( + nssCertStore *store, + NSSCert *cert ); NSS_EXTERN void -nssCertificateStore_Remove ( - nssCertificateStore *store, - NSSCertificate *cert +nssCertStore_Remove ( + nssCertStore *store, + NSSCert *cert ); -NSS_EXTERN NSSCertificate ** -nssCertificateStore_FindCertificatesBySubject ( - nssCertificateStore *store, +NSS_EXTERN NSSCert ** +nssCertStore_FindCertsBySubject ( + nssCertStore *store, NSSDER *subject, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, NSSArena *arenaOpt ); -NSS_EXTERN NSSCertificate ** -nssCertificateStore_FindCertificatesByNickname ( - nssCertificateStore *store, +NSS_EXTERN NSSCert ** +nssCertStore_FindCertsByNickname ( + nssCertStore *store, NSSUTF8 *nickname, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, NSSArena *arenaOpt ); -NSS_EXTERN NSSCertificate ** -nssCertificateStore_FindCertificatesByEmail ( - nssCertificateStore *store, +NSS_EXTERN NSSCert ** +nssCertStore_FindCertsByEmail ( + nssCertStore *store, NSSASCII7 *email, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, NSSArena *arenaOpt ); -NSS_EXTERN NSSCertificate * -nssCertificateStore_FindCertificateByIssuerAndSerialNumber ( - nssCertificateStore *store, +NSS_EXTERN NSSCert * +nssCertStore_FindCertByIssuerAndSerialNumber ( + nssCertStore *store, NSSDER *issuer, NSSDER *serial ); -NSS_EXTERN NSSCertificate * -nssCertificateStore_FindCertificateByEncodedCertificate ( - nssCertificateStore *store, +NSS_EXTERN NSSCert * +nssCertStore_FindCertByEncodedCert ( + nssCertStore *store, NSSDER *encoding ); NSS_EXTERN PRStatus -nssCertificateStore_AddTrust ( - nssCertificateStore *store, +nssCertStore_AddTrust ( + nssCertStore *store, nssTrust *trust ); NSS_EXTERN nssTrust * -nssCertificateStore_FindTrustForCertificate ( - nssCertificateStore *store, - NSSCertificate *cert +nssCertStore_FindTrustForCert ( + nssCertStore *store, + NSSCert *cert ); NSS_EXTERN PRStatus -nssCertificateStore_AddSMIMEProfile ( - nssCertificateStore *store, +nssCertStore_AddSMIMEProfile ( + nssCertStore *store, nssSMIMEProfile *profile ); NSS_EXTERN nssSMIMEProfile * -nssCertificateStore_FindSMIMEProfileForCertificate ( - nssCertificateStore *store, - NSSCertificate *cert +nssCertStore_FindSMIMEProfileForCert ( + nssCertStore *store, + NSSCert *cert ); NSS_EXTERN void -nssCertificateStore_DumpStoreInfo ( - nssCertificateStore *store, +nssCertStore_DumpStoreInfo ( + nssCertStore *store, void (* cert_dump_iter)(const void *, void *, void *), void *arg ); diff --git a/security/nss/lib/pki/pkit.h b/security/nss/lib/pki/pkit.h index 70af31e69..d95ef3a67 100644 --- a/security/nss/lib/pki/pkit.h +++ b/security/nss/lib/pki/pkit.h @@ -55,22 +55,22 @@ static const char PKIT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"; PR_BEGIN_EXTERN_C /* XXX */ -typedef struct nssCertificateCacheStr nssCertificateCache; +typedef struct nssCertCacheStr nssCertCache; typedef PRUint32 nssUpdateLevel; typedef struct nssDecodedCertStr nssDecodedCert; -typedef struct nssCertificateStoreStr nssCertificateStore; +typedef struct nssCertStoreStr nssCertStore; /* How wide is the scope of this? */ typedef struct nssSMIMEProfileStr nssSMIMEProfile; -struct NSSSymmetricKeyStr; +struct NSSSymKeyStr; struct NSSPoliciesStr; -struct NSSPKIXCertificateStr; +struct NSSPKIXCertStr; typedef struct nssTrustStr nssTrust; diff --git a/security/nss/lib/pki/pkitm.h b/security/nss/lib/pki/pkitm.h index c8d2da5bf..547424756 100644 --- a/security/nss/lib/pki/pkitm.h +++ b/security/nss/lib/pki/pkitm.h @@ -102,10 +102,10 @@ struct nssPKIObjectStr typedef struct nssPKIObjectStr nssPKIObject; -/* nssCertificateCollection +/* nssCertCollection * * You guessed it; a collection of certs. Each entry may be either an - * NSSCertificate or an nssProtoCertificate. + * NSSCert or an nssProtoCert. */ typedef struct nssPKIObjectCollectionStr nssPKIObjectCollection; @@ -113,7 +113,7 @@ typedef struct nssPKIObjectCollectionStr nssPKIObjectCollection; typedef struct { union { - PRStatus (* cert)(NSSCertificate *c, void *arg); + PRStatus (* cert)(NSSCert *c, void *arg); PRStatus (* crl)(NSSCRL *crl, void *arg); PRStatus (* pvkey)(NSSPrivateKey *vk, void *arg); PRStatus (* pbkey)(NSSPublicKey *bk, void *arg); @@ -125,7 +125,7 @@ typedef struct struct nssTrustStr { nssPKIObject object; - NSSCertificate *certificate; + NSSCert *certificate; nssTrustLevel serverAuth; nssTrustLevel clientAuth; nssTrustLevel emailProtection; diff --git a/security/nss/lib/pki/symmkey.c b/security/nss/lib/pki/symmkey.c index fd89bddb6..02e671c76 100644 --- a/security/nss/lib/pki/symmkey.c +++ b/security/nss/lib/pki/symmkey.c @@ -44,42 +44,42 @@ static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"; #endif /* PKIM_H */ -struct NSSSymmetricKeyStr +struct NSSSymKeyStr { nssPKIObject object; - NSSSymmetricKeyType kind; + NSSSymKeyType kind; PRUint32 length; /* XXX 64-bit... */ NSSOperations operations; }; -NSS_IMPLEMENT NSSSymmetricKey * -nssSymmetricKey_Create ( +NSS_IMPLEMENT NSSSymKey * +nssSymKey_Create ( nssPKIObject *object ) { PRStatus status; - NSSSymmetricKey *rvKey; + NSSSymKey *rvKey; NSSArena *arena = object->arena; PR_ASSERT(object->instances != NULL && object->numInstances > 0); - rvKey = nss_ZNEW(arena, NSSSymmetricKey); + rvKey = nss_ZNEW(arena, NSSSymKey); if (!rvKey) { - return (NSSSymmetricKey *)NULL; + return (NSSSymKey *)NULL; } rvKey->object = *object; /* XXX should choose instance based on some criteria */ - status = nssCryptokiSymmetricKey_GetAttributes(object->instances[0], + status = nssCryptokiSymKey_GetAttributes(object->instances[0], arena, &rvKey->kind, &rvKey->length, &rvKey->operations); if (status != PR_SUCCESS) { - return (NSSSymmetricKey *)NULL; + return (NSSSymKey *)NULL; } return rvKey; } -NSS_IMPLEMENT NSSSymmetricKey * -nssSymmetricKey_CreateFromInstance ( +NSS_IMPLEMENT NSSSymKey * +nssSymKey_CreateFromInstance ( nssCryptokiObject *instance, NSSTrustDomain *td, NSSVolatileDomain *vdOpt @@ -89,14 +89,14 @@ nssSymmetricKey_CreateFromInstance ( pkio = nssPKIObject_Create(NULL, instance, td, vdOpt); if (pkio) { - return nssSymmetricKey_Create(pkio); + return nssSymKey_Create(pkio); } - return (NSSSymmetricKey *)NULL; + return (NSSSymKey *)NULL; } -NSS_IMPLEMENT NSSSymmetricKey * -nssSymmetricKey_AddRef ( - NSSSymmetricKey *mk +NSS_IMPLEMENT NSSSymKey * +nssSymKey_AddRef ( + NSSSymKey *mk ) { if (mk) { @@ -106,25 +106,25 @@ nssSymmetricKey_AddRef ( } NSS_IMPLEMENT PRStatus -nssSymmetricKey_Destroy ( - NSSSymmetricKey *mk +nssSymKey_Destroy ( + NSSSymKey *mk ) { return nssPKIObject_Destroy(&mk->object); } NSS_IMPLEMENT PRStatus -NSSSymmetricKey_Destroy ( - NSSSymmetricKey *mk +NSSSymKey_Destroy ( + NSSSymKey *mk ) { - nssSymmetricKey_Destroy(mk); + nssSymKey_Destroy(mk); return PR_SUCCESS; } NSS_IMPLEMENT NSSToken ** -nssSymmetricKey_GetTokens ( - NSSSymmetricKey *mk, +nssSymKey_GetTokens ( + NSSSymKey *mk, PRStatus *statusOpt ) { @@ -132,8 +132,8 @@ nssSymmetricKey_GetTokens ( } NSS_IMPLEMENT nssCryptokiObject * -nssSymmetricKey_GetInstance ( - NSSSymmetricKey *mk, +nssSymKey_GetInstance ( + NSSSymKey *mk, NSSToken *token ) { @@ -141,8 +141,8 @@ nssSymmetricKey_GetInstance ( } NSS_IMPLEMENT nssCryptokiObject * -nssSymmetricKey_FindInstanceForAlgorithm ( - NSSSymmetricKey *mk, +nssSymKey_FindInstanceForAlgorithm ( + NSSSymKey *mk, const NSSAlgNParam *ap ) { @@ -150,8 +150,8 @@ nssSymmetricKey_FindInstanceForAlgorithm ( } NSS_IMPLEMENT PRBool -nssSymmetricKey_IsOnToken ( - NSSSymmetricKey *mk, +nssSymKey_IsOnToken ( + NSSSymKey *mk, NSSToken *token ) { @@ -159,8 +159,8 @@ nssSymmetricKey_IsOnToken ( } NSS_IMPLEMENT PRStatus -nssSymmetricKey_DeleteStoredObject ( - NSSSymmetricKey *mk, +nssSymKey_DeleteStoredObject ( + NSSSymKey *mk, NSSCallback *uhh ) { @@ -168,17 +168,17 @@ nssSymmetricKey_DeleteStoredObject ( } NSS_IMPLEMENT PRStatus -NSSSymmetricKey_DeleteStoredObject ( - NSSSymmetricKey *mk, +NSSSymKey_DeleteStoredObject ( + NSSSymKey *mk, NSSCallback *uhh ) { - return nssSymmetricKey_DeleteStoredObject(mk, uhh); + return nssSymKey_DeleteStoredObject(mk, uhh); } NSS_IMPLEMENT nssCryptokiObject * -nssSymmetricKey_CopyToToken ( - NSSSymmetricKey *mk, +nssSymKey_CopyToToken ( + NSSSymKey *mk, NSSToken *destination, PRBool asPersistentObject ) @@ -192,7 +192,7 @@ nssSymmetricKey_CopyToToken ( return (nssCryptokiObject *)NULL; } /* XXX kind of a hack to peek into first instance like this */ - mko = nssCryptokiSymmetricKey_Copy(mk->object.instances[0], + mko = nssCryptokiSymKey_Copy(mk->object.instances[0], mk->object.instances[0]->session, destination, session, asPersistentObject); @@ -210,19 +210,19 @@ nssSymmetricKey_CopyToToken ( } NSS_IMPLEMENT PRUint32 -nssSymmetricKey_GetKeyLength ( - NSSSymmetricKey *mk +nssSymKey_GetKeyLength ( + NSSSymKey *mk ) { return mk->length; } NSS_IMPLEMENT PRUint32 -NSSSymmetricKey_GetKeyLength ( - NSSSymmetricKey *mk +NSSSymKey_GetKeyLength ( + NSSSymKey *mk ) { - return nssSymmetricKey_GetKeyLength(mk); + return nssSymKey_GetKeyLength(mk); } #ifndef BPB @@ -230,24 +230,24 @@ NSSSymmetricKey_GetKeyLength ( #endif NSS_IMPLEMENT PRUint32 -NSSSymmetricKey_GetKeyStrength ( - NSSSymmetricKey *mk +NSSSymKey_GetKeyStrength ( + NSSSymKey *mk ) { /* XXX look these up */ switch (mk->kind) { - case NSSSymmetricKeyType_DES: return 56; - case NSSSymmetricKeyType_TripleDES: return 112; /* IIRC */ - case NSSSymmetricKeyType_RC2: return -1; /* need eff. len. */ - case NSSSymmetricKeyType_RC4: return mk->length * BPB; - case NSSSymmetricKeyType_AES: return mk->length * BPB; + case NSSSymKeyType_DES: return 56; + case NSSSymKeyType_TripleDES: return 112; /* IIRC */ + case NSSSymKeyType_RC2: return -1; /* need eff. len. */ + case NSSSymKeyType_RC4: return mk->length * BPB; + case NSSSymKeyType_AES: return mk->length * BPB; default: return -1; } } NSS_IMPLEMENT PRStatus -NSSSymmetricKey_IsStillPresent ( - NSSSymmetricKey *mk +NSSSymKey_IsStillPresent ( + NSSSymKey *mk ) { nss_SetError(NSS_ERROR_NOT_FOUND); @@ -255,8 +255,8 @@ NSSSymmetricKey_IsStillPresent ( } NSS_IMPLEMENT NSSTrustDomain * -nssSymmetricKey_GetTrustDomain ( - NSSSymmetricKey *mk, +nssSymKey_GetTrustDomain ( + NSSSymKey *mk, PRStatus *statusOpt ) { @@ -264,17 +264,17 @@ nssSymmetricKey_GetTrustDomain ( } NSS_IMPLEMENT NSSTrustDomain * -NSSSymmetricKey_GetTrustDomain ( - NSSSymmetricKey *mk, +NSSSymKey_GetTrustDomain ( + NSSSymKey *mk, PRStatus *statusOpt ) { - return nssSymmetricKey_GetTrustDomain(mk, statusOpt); + return nssSymKey_GetTrustDomain(mk, statusOpt); } NSS_IMPLEMENT NSSToken * -NSSSymmetricKey_GetToken ( - NSSSymmetricKey *mk, +NSSSymKey_GetToken ( + NSSSymKey *mk, PRStatus *statusOpt ) { @@ -283,8 +283,8 @@ NSSSymmetricKey_GetToken ( } NSS_IMPLEMENT NSSSlot * -NSSSymmetricKey_GetSlot ( - NSSSymmetricKey *mk, +NSSSymKey_GetSlot ( + NSSSymKey *mk, PRStatus *statusOpt ) { @@ -293,8 +293,8 @@ NSSSymmetricKey_GetSlot ( } NSS_IMPLEMENT NSSModule * -NSSSymmetricKey_GetModule ( - NSSSymmetricKey *mk, +NSSSymKey_GetModule ( + NSSSymKey *mk, PRStatus *statusOpt ) { @@ -303,8 +303,8 @@ NSSSymmetricKey_GetModule ( } NSS_IMPLEMENT NSSItem * -nssSymmetricKey_Encrypt ( - NSSSymmetricKey *mk, +nssSymKey_Encrypt ( + NSSSymKey *mk, const NSSAlgNParam *ap, NSSItem *data, NSSCallback *uhh, @@ -335,8 +335,8 @@ nssSymmetricKey_Encrypt ( } NSS_IMPLEMENT NSSItem * -NSSSymmetricKey_Encrypt ( - NSSSymmetricKey *mk, +NSSSymKey_Encrypt ( + NSSSymKey *mk, const NSSAlgNParam *ap, NSSItem *data, NSSCallback *uhh, @@ -344,12 +344,12 @@ NSSSymmetricKey_Encrypt ( NSSArena *arenaOpt ) { - return nssSymmetricKey_Encrypt(mk, ap, data, uhh, rvOpt, arenaOpt); + return nssSymKey_Encrypt(mk, ap, data, uhh, rvOpt, arenaOpt); } NSS_IMPLEMENT NSSItem * -nssSymmetricKey_Decrypt ( - NSSSymmetricKey *mk, +nssSymKey_Decrypt ( + NSSSymKey *mk, const NSSAlgNParam *ap, NSSItem *encryptedData, NSSCallback *uhh, @@ -380,8 +380,8 @@ nssSymmetricKey_Decrypt ( } NSS_IMPLEMENT NSSItem * -NSSSymmetricKey_Decrypt ( - NSSSymmetricKey *mk, +NSSSymKey_Decrypt ( + NSSSymKey *mk, const NSSAlgNParam *ap, NSSItem *encryptedData, NSSCallback *uhh, @@ -389,13 +389,13 @@ NSSSymmetricKey_Decrypt ( NSSArena *arenaOpt ) { - return nssSymmetricKey_Decrypt(mk, ap, encryptedData, + return nssSymKey_Decrypt(mk, ap, encryptedData, uhh, rvOpt, arenaOpt); } NSS_IMPLEMENT NSSItem * -nssSymmetricKey_Sign ( - NSSSymmetricKey *mk, +nssSymKey_Sign ( + NSSSymKey *mk, const NSSAlgNParam *ap, NSSItem *data, NSSCallback *uhh, @@ -426,8 +426,8 @@ nssSymmetricKey_Sign ( } NSS_IMPLEMENT NSSItem * -NSSSymmetricKey_Sign ( - NSSSymmetricKey *mk, +NSSSymKey_Sign ( + NSSSymKey *mk, const NSSAlgNParam *ap, NSSItem *data, NSSCallback *uhh, @@ -435,12 +435,12 @@ NSSSymmetricKey_Sign ( NSSArena *arenaOpt ) { - return nssSymmetricKey_Sign(mk, ap, data, uhh, rvOpt, arenaOpt); + return nssSymKey_Sign(mk, ap, data, uhh, rvOpt, arenaOpt); } NSS_IMPLEMENT PRStatus -nssSymmetricKey_Verify ( - NSSSymmetricKey *mk, +nssSymKey_Verify ( + NSSSymKey *mk, const NSSAlgNParam *ap, NSSItem *data, NSSItem *signature, @@ -478,22 +478,22 @@ nssSymmetricKey_Verify ( } NSS_IMPLEMENT PRStatus -NSSSymmetricKey_Verify ( - NSSSymmetricKey *mk, +NSSSymKey_Verify ( + NSSSymKey *mk, const NSSAlgNParam *ap, NSSItem *data, NSSItem *signature, NSSCallback *uhh ) { - return nssSymmetricKey_Verify(mk, ap, data, signature, uhh); + return nssSymKey_Verify(mk, ap, data, signature, uhh); } NSS_IMPLEMENT NSSItem * -NSSSymmetricKey_WrapSymmetricKey ( - NSSSymmetricKey *wrappingKey, +NSSSymKey_WrapSymKey ( + NSSSymKey *wrappingKey, const NSSAlgNParam *ap, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSCallback *uhh, NSSItem *rvOpt, NSSArena *arenaOpt @@ -504,8 +504,8 @@ NSSSymmetricKey_WrapSymmetricKey ( } NSS_IMPLEMENT NSSItem * -NSSSymmetricKey_WrapPrivateKey ( - NSSSymmetricKey *wrappingKey, +NSSSymKey_WrapPrivateKey ( + NSSSymKey *wrappingKey, const NSSAlgNParam *ap, NSSPrivateKey *keyToWrap, NSSCallback *uhh, @@ -517,9 +517,9 @@ NSSSymmetricKey_WrapPrivateKey ( return NULL; } -NSS_IMPLEMENT NSSSymmetricKey * -NSSSymmetricKey_UnwrapSymmetricKey ( - NSSSymmetricKey *wrappingKey, +NSS_IMPLEMENT NSSSymKey * +NSSSymKey_UnwrapSymKey ( + NSSSymKey *wrappingKey, const NSSAlgNParam *ap, NSSItem *wrappedKey, NSSOID *target, @@ -533,8 +533,8 @@ NSSSymmetricKey_UnwrapSymmetricKey ( } NSS_IMPLEMENT NSSPrivateKey * -NSSSymmetricKey_UnwrapPrivateKey ( - NSSSymmetricKey *wrappingKey, +NSSSymKey_UnwrapPrivateKey ( + NSSSymKey *wrappingKey, const NSSAlgNParam *ap, NSSItem *wrappedKey, NSSUTF8 *labelOpt, @@ -549,11 +549,11 @@ NSSSymmetricKey_UnwrapPrivateKey ( return NULL; } -NSS_IMPLEMENT NSSSymmetricKey * -nssSymmetricKey_DeriveSymmetricKey ( - NSSSymmetricKey *originalKey, +NSS_IMPLEMENT NSSSymKey * +nssSymKey_DeriveSymKey ( + NSSSymKey *originalKey, const NSSAlgNParam *ap, - NSSSymmetricKeyType target, + NSSSymKeyType target, PRUint32 keySizeOpt, NSSOperations operations, NSSCallback *uhh @@ -563,51 +563,51 @@ nssSymmetricKey_DeriveSymmetricKey ( return NULL; } -NSS_IMPLEMENT NSSSymmetricKey * -NSSSymmetricKey_DeriveSymmetricKey ( - NSSSymmetricKey *originalKey, +NSS_IMPLEMENT NSSSymKey * +NSSSymKey_DeriveSymKey ( + NSSSymKey *originalKey, const NSSAlgNParam *ap, - NSSSymmetricKeyType target, + NSSSymKeyType target, PRUint32 keySizeOpt, NSSOperations operations, NSSCallback *uhh ) { - return nssSymmetricKey_DeriveSymmetricKey(originalKey, ap, target, + return nssSymKey_DeriveSymKey(originalKey, ap, target, keySizeOpt, operations, uhh); } NSS_IMPLEMENT NSSCryptoContext * -nssSymmetricKey_CreateCryptoContext ( - NSSSymmetricKey *mk, +nssSymKey_CreateCryptoContext ( + NSSSymKey *mk, const NSSAlgNParam *apOpt, NSSCallback *uhh ) { NSSCryptoContext *cc; - cc = nssCryptoContext_CreateForSymmetricKey(mk, apOpt, uhh); + cc = nssCryptoContext_CreateForSymKey(mk, apOpt, uhh); return cc; } NSS_IMPLEMENT NSSCryptoContext * -NSSSymmetricKey_CreateCryptoContext ( - NSSSymmetricKey *mk, +NSSSymKey_CreateCryptoContext ( + NSSSymKey *mk, const NSSAlgNParam *apOpt, NSSCallback *uhh ) { - return nssSymmetricKey_CreateCryptoContext(mk, apOpt, uhh); + return nssSymKey_CreateCryptoContext(mk, apOpt, uhh); } NSS_IMPLEMENT PRStatus -nssSymmetricKey_DeriveSSLSessionKeys ( - NSSSymmetricKey *masterSecret, +nssSymKey_DeriveSSLSessionKeys ( + NSSSymKey *masterSecret, const NSSAlgNParam *ap, - NSSSymmetricKeyType bulkKeyType, + NSSSymKeyType bulkKeyType, NSSOperations operations, NSSProperties properties, PRUint32 keySize, - NSSSymmetricKey **sessionKeys + NSSSymKey **sessionKeys ) { nssCryptokiObject *mso; /* only one instance of master secret */ @@ -624,7 +624,7 @@ nssSymmetricKey_DeriveSSLSessionKeys ( return PR_FAILURE; } for (i=0; i<4; i++) { - sessionKeys[i] = nssSymmetricKey_CreateFromInstance(skeys[i], + sessionKeys[i] = nssSymKey_CreateFromInstance(skeys[i], masterSecret->object.td, masterSecret->object.vd); if (!sessionKeys[i]) break; @@ -632,7 +632,7 @@ nssSymmetricKey_DeriveSSLSessionKeys ( if (i < 4) { nssCryptokiObject_Destroy(skeys[i]); for (--i; i>=0; --i) { - nssSymmetricKey_Destroy(sessionKeys[i]); + nssSymKey_Destroy(sessionKeys[i]); } status = PR_FAILURE; } @@ -640,14 +640,14 @@ nssSymmetricKey_DeriveSSLSessionKeys ( } NSS_IMPLEMENT void -nssSymmetricKeyArray_Destroy ( - NSSSymmetricKey **mkeys +nssSymKeyArray_Destroy ( + NSSSymKey **mkeys ) { - NSSSymmetricKey **mk = mkeys; + NSSSymKey **mk = mkeys; if (mkeys) { while (mk++) { - nssSymmetricKey_Destroy(*mk); + nssSymKey_Destroy(*mk); } } nss_ZFreeIf(mkeys); diff --git a/security/nss/lib/pki/trustdomain.c b/security/nss/lib/pki/trustdomain.c index bd1f451a3..5ab3929e0 100644 --- a/security/nss/lib/pki/trustdomain.c +++ b/security/nss/lib/pki/trustdomain.c @@ -63,7 +63,7 @@ struct NSSTrustDomainStr { nssSlotList *forTrust; } slots; #ifdef CERT_CACHE - nssCertificateCache *cache; + nssCertCache *cache; #endif /* CERT_CACHE */ }; @@ -99,7 +99,7 @@ NSSTrustDomain_Create ( goto loser; } #ifdef CERT_CACHE - rvTD->cache = nssCertificateCache_Create(); + rvTD->cache = nssCertCache_Create(); if (!rvTD->cache) { goto loser; } @@ -125,7 +125,7 @@ NSSTrustDomain_Destroy ( nssSlotList_Destroy(td->slots.forCiphers); nssSlotList_Destroy(td->slots.forTrust); #ifdef CERT_CACHE - nssCertificateCache_Destroy(td->cache); + nssCertCache_Destroy(td->cache); #endif /* CERT_CACHE */ /* Destroy the trust domain */ nssArena_Destroy(td->arena); @@ -405,10 +405,10 @@ NSSTrustDomain_Logout ( return PR_FAILURE; } -NSS_IMPLEMENT NSSCertificate * -NSSTrustDomain_ImportCertificate ( +NSS_IMPLEMENT NSSCert * +NSSTrustDomain_ImportCert ( NSSTrustDomain *td, - NSSCertificate *c, + NSSCert *c, NSSToken *destinationOpt ) { @@ -416,8 +416,8 @@ NSSTrustDomain_ImportCertificate ( return NULL; } -NSS_IMPLEMENT NSSCertificate * -nssTrustDomain_ImportEncodedCertificate ( +NSS_IMPLEMENT NSSCert * +nssTrustDomain_ImportEncodedCert ( NSSTrustDomain *td, NSSBER *ber, NSSToken *destinationOpt, @@ -425,42 +425,42 @@ nssTrustDomain_ImportEncodedCertificate ( ) { PRStatus status; - NSSCertificate *c = NULL; + NSSCert *c = NULL; NSSToken *destination = destinationOpt; /* XXX */ - c = nssCertificate_Decode(ber); + c = nssCert_Decode(ber); if (!c) { goto loser; } - status = nssCertificate_CopyToToken(c, destination, nicknameOpt); + status = nssCert_CopyToToken(c, destination, nicknameOpt); if (status == PR_FAILURE) { goto loser; } return c; loser: if (c) { - nssCertificate_Destroy(c); + nssCert_Destroy(c); } - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } -NSS_IMPLEMENT NSSCertificate * -NSSTrustDomain_ImportEncodedCertificate ( +NSS_IMPLEMENT NSSCert * +NSSTrustDomain_ImportEncodedCert ( NSSTrustDomain *td, NSSBER *ber, NSSToken *destinationOpt, NSSUTF8 *nicknameOpt ) { - return nssTrustDomain_ImportEncodedCertificate(td, ber, destinationOpt, + return nssTrustDomain_ImportEncodedCert(td, ber, destinationOpt, nicknameOpt); } -NSS_IMPLEMENT NSSCertificate ** -NSSTrustDomain_ImportEncodedCertificateChain ( +NSS_IMPLEMENT NSSCert ** +NSSTrustDomain_ImportEncodedCertChain ( NSSTrustDomain *td, NSSBER *ber, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt, NSSToken *destinationOpt @@ -516,11 +516,11 @@ NSSTrustDomain_ImportEncodedPublicKey ( return NULL; } -NSS_IMPLEMENT NSSCertificate ** -nssTrustDomain_FindCertificatesByNickname ( +NSS_IMPLEMENT NSSCert ** +nssTrustDomain_FindCertsByNickname ( NSSTrustDomain *td, NSSUTF8 *name, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ) @@ -530,12 +530,12 @@ nssTrustDomain_FindCertificatesByNickname ( NSSToken *token = NULL; NSSSlot **slots = NULL; NSSSlot **slotp; - NSSCertificate **rvCerts = NULL; + NSSCert **rvCerts = NULL; nssPKIObjectCollection *collection = NULL; nssUpdateLevel updateLevel; #ifdef CERT_CACHE /* see if this search is already cached */ - rvCerts = nssCertificateCache_FindCertificatesByNickname(td->cache, + rvCerts = nssCertCache_FindCertsByNickname(td->cache, name, rvOpt, maximumOpt, @@ -552,11 +552,11 @@ nssTrustDomain_FindCertificatesByNickname ( /* initialize the collection of token certificates with the set of * cached certs (if any). */ - collection = nssCertificateCollection_Create(td, rvCerts); + collection = nssCertCollection_Create(td, rvCerts); if (!collection) { - return (NSSCertificate **)NULL; + return (NSSCert **)NULL; } - nssCertificateArray_Destroy(rvCerts); + nssCertArray_Destroy(rvCerts); /* obtain the current set of active slots in the trust domain */ slots = nssTrustDomain_GetActiveSlots(td, &updateLevel); if (!slots) { @@ -584,7 +584,7 @@ nssTrustDomain_FindCertificatesByNickname ( nssToken_Destroy(token); goto loser; } - instances = nssToken_FindCertificatesByNickname(token, + instances = nssToken_FindCertsByNickname(token, session, name, tokenOnly, @@ -612,14 +612,14 @@ nssTrustDomain_FindCertificatesByNickname ( } } /* Grab the certs collected in the search. */ - rvCerts = nssPKIObjectCollection_GetCertificates(collection, + rvCerts = nssPKIObjectCollection_GetCerts(collection, rvOpt, maximumOpt, arenaOpt); #ifdef CERT_CACHE /* Cache this search. It is up-to-date w.r.t. the time when it grabbed * the slots to search. */ - status = nssCertificateCache_AddCertificatesForNickname(td->cache, + status = nssCertCache_AddCertsForNickname(td->cache, name, rvCerts, updateLevel); @@ -634,27 +634,27 @@ loser: if (collection) { nssPKIObjectCollection_Destroy(collection); } - return (NSSCertificate **)NULL; + return (NSSCert **)NULL; } -NSS_IMPLEMENT NSSCertificate ** -NSSTrustDomain_FindCertificatesByNickname ( +NSS_IMPLEMENT NSSCert ** +NSSTrustDomain_FindCertsByNickname ( NSSTrustDomain *td, NSSUTF8 *name, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ) { - return nssTrustDomain_FindCertificatesByNickname(td, + return nssTrustDomain_FindCertsByNickname(td, name, rvOpt, maximumOpt, arenaOpt); } -NSS_IMPLEMENT NSSCertificate * -nssTrustDomain_FindBestCertificateByNickname ( +NSS_IMPLEMENT NSSCert * +nssTrustDomain_FindBestCertByNickname ( NSSTrustDomain *td, NSSUTF8 *name, NSSTime time, @@ -662,24 +662,24 @@ nssTrustDomain_FindBestCertificateByNickname ( NSSPolicies *policiesOpt ) { - NSSCertificate **nicknameCerts; - NSSCertificate *rvCert = NULL; - nicknameCerts = nssTrustDomain_FindCertificatesByNickname(td, name, + NSSCert **nicknameCerts; + NSSCert *rvCert = NULL; + nicknameCerts = nssTrustDomain_FindCertsByNickname(td, name, NULL, 0, NULL); if (nicknameCerts) { - rvCert = nssCertificateArray_FindBestCertificate(nicknameCerts, + rvCert = nssCertArray_FindBestCert(nicknameCerts, time, usagesOpt, policiesOpt); - nssCertificateArray_Destroy(nicknameCerts); + nssCertArray_Destroy(nicknameCerts); } return rvCert; } -NSS_IMPLEMENT NSSCertificate * -NSSTrustDomain_FindBestCertificateByNickname ( +NSS_IMPLEMENT NSSCert * +NSSTrustDomain_FindBestCertByNickname ( NSSTrustDomain *td, NSSUTF8 *name, NSSTime time, @@ -687,18 +687,18 @@ NSSTrustDomain_FindBestCertificateByNickname ( NSSPolicies *policiesOpt ) { - return nssTrustDomain_FindBestCertificateByNickname(td, + return nssTrustDomain_FindBestCertByNickname(td, name, time, usagesOpt, policiesOpt); } -NSS_IMPLEMENT NSSCertificate ** -nssTrustDomain_FindCertificatesBySubject ( +NSS_IMPLEMENT NSSCert ** +nssTrustDomain_FindCertsBySubject ( NSSTrustDomain *td, NSSDER *subject, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, NSSArena *arenaOpt ) @@ -708,12 +708,12 @@ nssTrustDomain_FindCertificatesBySubject ( NSSToken *token = NULL; NSSSlot **slots = NULL; NSSSlot **slotp; - NSSCertificate **rvCerts = NULL; + NSSCert **rvCerts = NULL; nssPKIObjectCollection *collection = NULL; nssUpdateLevel updateLevel; #ifdef CERT_CACHE /* see if this search is already cached */ - rvCerts = nssCertificateCache_FindCertificatesBySubject(td->cache, + rvCerts = nssCertCache_FindCertsBySubject(td->cache, subject, rvOpt, maximumOpt, @@ -723,11 +723,11 @@ nssTrustDomain_FindCertificatesBySubject ( return rvCerts; } #endif /* CERT_CACHE */ - collection = nssCertificateCollection_Create(td, rvCerts); + collection = nssCertCollection_Create(td, rvCerts); if (!collection) { - return (NSSCertificate **)NULL; + return (NSSCert **)NULL; } - nssCertificateArray_Destroy(rvCerts); + nssCertArray_Destroy(rvCerts); slots = nssTrustDomain_GetActiveSlots(td, &updateLevel); if (!slots) { goto loser; @@ -744,7 +744,7 @@ nssTrustDomain_FindCertificatesBySubject ( nssToken_Destroy(token); goto loser; } - instances = nssToken_FindCertificatesBySubject(token, + instances = nssToken_FindCertsBySubject(token, session, subject, tokenOnly, @@ -770,11 +770,11 @@ nssTrustDomain_FindCertificatesBySubject ( } } } - rvCerts = nssPKIObjectCollection_GetCertificates(collection, + rvCerts = nssPKIObjectCollection_GetCerts(collection, rvOpt, maximumOpt, arenaOpt); #ifdef CERT_CACHE - status = nssCertificateCache_AddCertificatesForSubject(td->cache, + status = nssCertCache_AddCertsForSubject(td->cache, subject, rvCerts, updateLevel); @@ -789,27 +789,27 @@ loser: if (collection) { nssPKIObjectCollection_Destroy(collection); } - return (NSSCertificate **)NULL; + return (NSSCert **)NULL; } -NSS_IMPLEMENT NSSCertificate ** -NSSTrustDomain_FindCertificatesBySubject ( +NSS_IMPLEMENT NSSCert ** +NSSTrustDomain_FindCertsBySubject ( NSSTrustDomain *td, NSSDER *subject, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, NSSArena *arenaOpt ) { - return nssTrustDomain_FindCertificatesBySubject(td, + return nssTrustDomain_FindCertsBySubject(td, subject, rvOpt, maximumOpt, arenaOpt); } -NSS_IMPLEMENT NSSCertificate * -nssTrustDomain_FindBestCertificateBySubject ( +NSS_IMPLEMENT NSSCert * +nssTrustDomain_FindBestCertBySubject ( NSSTrustDomain *td, NSSDER *subject, NSSTime time, @@ -817,24 +817,24 @@ nssTrustDomain_FindBestCertificateBySubject ( NSSPolicies *policiesOpt ) { - NSSCertificate **subjectCerts; - NSSCertificate *rvCert = NULL; - subjectCerts = nssTrustDomain_FindCertificatesBySubject(td, subject, + NSSCert **subjectCerts; + NSSCert *rvCert = NULL; + subjectCerts = nssTrustDomain_FindCertsBySubject(td, subject, NULL, 0, NULL); if (subjectCerts) { - rvCert = nssCertificateArray_FindBestCertificate(subjectCerts, + rvCert = nssCertArray_FindBestCert(subjectCerts, time, usagesOpt, policiesOpt); - nssCertificateArray_Destroy(subjectCerts); + nssCertArray_Destroy(subjectCerts); } return rvCert; } -NSS_IMPLEMENT NSSCertificate * -NSSTrustDomain_FindBestCertificateBySubject ( +NSS_IMPLEMENT NSSCert * +NSSTrustDomain_FindBestCertBySubject ( NSSTrustDomain *td, NSSDER *subject, NSSTime time, @@ -842,15 +842,15 @@ NSSTrustDomain_FindBestCertificateBySubject ( NSSPolicies *policiesOpt ) { - return nssTrustDomain_FindBestCertificateBySubject(td, + return nssTrustDomain_FindBestCertBySubject(td, subject, time, usagesOpt, policiesOpt); } -NSS_IMPLEMENT NSSCertificate * -NSSTrustDomain_FindBestCertificateByNameComponents ( +NSS_IMPLEMENT NSSCert * +NSSTrustDomain_FindBestCertByNameComponents ( NSSTrustDomain *td, NSSUTF8 *nameComponents, NSSTime time, @@ -862,11 +862,11 @@ NSSTrustDomain_FindBestCertificateByNameComponents ( return NULL; } -NSS_IMPLEMENT NSSCertificate ** -NSSTrustDomain_FindCertificatesByNameComponents ( +NSS_IMPLEMENT NSSCert ** +NSSTrustDomain_FindCertsByNameComponents ( NSSTrustDomain *td, NSSUTF8 *nameComponents, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ) @@ -875,8 +875,8 @@ NSSTrustDomain_FindCertificatesByNameComponents ( return NULL; } -NSS_IMPLEMENT NSSCertificate * -nssTrustDomain_FindCertificateByIssuerAndSerialNumber ( +NSS_IMPLEMENT NSSCert * +nssTrustDomain_FindCertByIssuerAndSerialNumber ( NSSTrustDomain *td, NSSDER *issuer, NSSDER *serial @@ -886,12 +886,12 @@ nssTrustDomain_FindCertificateByIssuerAndSerialNumber ( NSSToken *token = NULL; NSSSlot **slots = NULL; NSSSlot **slotp; - NSSCertificate *rvCert = NULL; + NSSCert *rvCert = NULL; nssPKIObjectCollection *collection = NULL; nssUpdateLevel updateLevel; #ifdef CERT_CACHE /* see if this search is already cached */ - rvCert = nssCertificateCache_FindCertificateByIssuerAndSerialNumber( + rvCert = nssCertCache_FindCertByIssuerAndSerialNumber( td->cache, issuer, serial, @@ -915,7 +915,7 @@ nssTrustDomain_FindCertificateByIssuerAndSerialNumber ( nssToken_Destroy(token); goto loser; } - instance = nssToken_FindCertificateByIssuerAndSerialNumber( + instance = nssToken_FindCertByIssuerAndSerialNumber( token, session, issuer, @@ -928,7 +928,7 @@ nssTrustDomain_FindCertificateByIssuerAndSerialNumber ( } if (instance) { if (!collection) { - collection = nssCertificateCollection_Create(td, NULL); + collection = nssCertCollection_Create(td, NULL); if (!collection) { goto loser; } @@ -939,7 +939,7 @@ nssTrustDomain_FindCertificateByIssuerAndSerialNumber ( } } if (collection) { - (void)nssPKIObjectCollection_GetCertificates(collection, + (void)nssPKIObjectCollection_GetCerts(collection, &rvCert, 1, NULL); nssPKIObjectCollection_Destroy(collection); if (!rvCert) { @@ -947,7 +947,7 @@ nssTrustDomain_FindCertificateByIssuerAndSerialNumber ( } } #ifdef CERT_CACHE - status = nssCertificateCache_AddCertificate(td->cache, rvCert, + status = nssCertCache_AddCert(td->cache, rvCert, issuer, serial, updateLevel); #endif /* CERT_CACHE */ nssSlotArray_Destroy(slots); @@ -956,42 +956,42 @@ loser: if (slots) { nssSlotArray_Destroy(slots); } - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } -NSS_IMPLEMENT NSSCertificate * -NSSTrustDomain_FindCertificateByIssuerAndSerialNumber ( +NSS_IMPLEMENT NSSCert * +NSSTrustDomain_FindCertByIssuerAndSerialNumber ( NSSTrustDomain *td, NSSDER *issuer, NSSDER *serial ) { - return nssTrustDomain_FindCertificateByIssuerAndSerialNumber(td, + return nssTrustDomain_FindCertByIssuerAndSerialNumber(td, issuer, serial); } -NSS_IMPLEMENT NSSCertificate * -nssTrustDomain_FindCertificateByEncodedCertificate ( +NSS_IMPLEMENT NSSCert * +nssTrustDomain_FindCertByEncodedCert ( NSSTrustDomain *td, NSSBER *ber ) { - NSSCertificate *rvCert = NULL; + NSSCert *rvCert = NULL; #if 0 PRStatus status; NSSDER issuer = { 0 }; NSSDER serial = { 0 }; NSSArena *arena = nssArena_Create(); if (!arena) { - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } /* XXX this is not generic... will any cert crack into issuer/serial? */ status = nssPKIX509_GetIssuerAndSerialFromDER(ber, arena, &issuer, &serial); if (status != PR_SUCCESS) { goto finish; } - rvCert = nssTrustDomain_FindCertificateByIssuerAndSerialNumber(td, + rvCert = nssTrustDomain_FindCertByIssuerAndSerialNumber(td, &issuer, &serial); finish: @@ -1000,20 +1000,20 @@ finish: return rvCert; } -NSS_IMPLEMENT NSSCertificate * -NSSTrustDomain_FindCertificateByEncodedCertificate ( +NSS_IMPLEMENT NSSCert * +NSSTrustDomain_FindCertByEncodedCert ( NSSTrustDomain *td, NSSBER *ber ) { - return nssTrustDomain_FindCertificateByEncodedCertificate(td, ber); + return nssTrustDomain_FindCertByEncodedCert(td, ber); } -NSS_IMPLEMENT NSSCertificate ** -nssTrustDomain_FindCertificatesByID ( +NSS_IMPLEMENT NSSCert ** +nssTrustDomain_FindCertsByID ( NSSTrustDomain *td, NSSItem *id, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 maximumOpt, NSSArena *arenaOpt ) @@ -1023,12 +1023,12 @@ nssTrustDomain_FindCertificatesByID ( NSSToken *token = NULL; NSSSlot **slots = NULL; NSSSlot **slotp; - NSSCertificate **rvCerts = NULL; + NSSCert **rvCerts = NULL; nssPKIObjectCollection *collection = NULL; nssUpdateLevel updateLevel; - collection = nssCertificateCollection_Create(td, rvCerts); + collection = nssCertCollection_Create(td, rvCerts); if (!collection) { - return (NSSCertificate **)NULL; + return (NSSCert **)NULL; } slots = nssTrustDomain_GetActiveSlots(td, &updateLevel); if (!slots) { @@ -1046,7 +1046,7 @@ nssTrustDomain_FindCertificatesByID ( nssToken_Destroy(token); goto loser; } - instances = nssToken_FindCertificatesByID(token, + instances = nssToken_FindCertsByID(token, session, id, tokenOnly, @@ -1072,7 +1072,7 @@ nssTrustDomain_FindCertificatesByID ( } } } - rvCerts = nssPKIObjectCollection_GetCertificates(collection, + rvCerts = nssPKIObjectCollection_GetCerts(collection, rvOpt, maximumOpt, arenaOpt); /* cache 'em? */ @@ -1086,11 +1086,11 @@ loser: if (collection) { nssPKIObjectCollection_Destroy(collection); } - return (NSSCertificate **)NULL; + return (NSSCert **)NULL; } -NSS_IMPLEMENT NSSCertificate * -NSSTrustDomain_FindBestCertificateByEmail ( +NSS_IMPLEMENT NSSCert * +NSSTrustDomain_FindBestCertByEmail ( NSSTrustDomain *td, NSSASCII7 *email, NSSTime time, @@ -1101,11 +1101,11 @@ NSSTrustDomain_FindBestCertificateByEmail ( return 0; } -NSS_IMPLEMENT NSSCertificate ** -nssTrustDomain_FindCertificatesByEmail ( +NSS_IMPLEMENT NSSCert ** +nssTrustDomain_FindCertsByEmail ( NSSTrustDomain *td, NSSASCII7 *email, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ) @@ -1114,21 +1114,21 @@ nssTrustDomain_FindCertificatesByEmail ( return NULL; } -NSS_IMPLEMENT NSSCertificate ** -NSSTrustDomain_FindCertificatesByEmail ( +NSS_IMPLEMENT NSSCert ** +NSSTrustDomain_FindCertsByEmail ( NSSTrustDomain *td, NSSASCII7 *email, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ) { - return nssTrustDomain_FindCertificatesByEmail(td, email, rvOpt, + return nssTrustDomain_FindCertsByEmail(td, email, rvOpt, maximumOpt, arenaOpt); } -NSS_IMPLEMENT NSSCertificate * -NSSTrustDomain_FindCertificateByOCSPHash ( +NSS_IMPLEMENT NSSCert * +NSSTrustDomain_FindCertByOCSPHash ( NSSTrustDomain *td, NSSItem *hash ) @@ -1137,8 +1137,8 @@ NSSTrustDomain_FindCertificateByOCSPHash ( return NULL; } -NSS_IMPLEMENT NSSCertificate * -NSSTrustDomain_FindBestUserCertificate ( +NSS_IMPLEMENT NSSCert * +NSSTrustDomain_FindBestUserCert ( NSSTrustDomain *td, NSSTime time, NSSUsages *usages, @@ -1151,7 +1151,7 @@ NSSTrustDomain_FindBestUserCertificate ( /* XXX don't keep this */ struct stuff_str { - NSSCertificate **rv; + NSSCert **rv; PRUint32 rvCount; PRUint32 rvSize; PRUint32 rvLimit; @@ -1159,32 +1159,32 @@ struct stuff_str { }; static PRStatus -get_user(NSSCertificate *c, void *arg) +get_user(NSSCert *c, void *arg) { struct stuff_str *stuff = (struct stuff_str *)arg; - if (nssCertificate_IsPrivateKeyAvailable(c, NULL, NULL)) { + if (nssCert_IsPrivateKeyAvailable(c, NULL, NULL)) { if (stuff->rvSize == 0) { stuff->rvSize = 2; - stuff->rv = nss_ZNEWARRAY(stuff->arenaOpt, NSSCertificate *, + stuff->rv = nss_ZNEWARRAY(stuff->arenaOpt, NSSCert *, stuff->rvSize + 1); if (!stuff->rv) return PR_FAILURE; } else if (stuff->rvCount == stuff->rvSize && stuff->rvLimit == 0) { stuff->rvSize *= 2; - stuff->rv = nss_ZREALLOCARRAY(stuff->rv, NSSCertificate *, + stuff->rv = nss_ZREALLOCARRAY(stuff->rv, NSSCert *, stuff->rvSize + 1); if (!stuff->rv) return PR_FAILURE; } else { return PR_SUCCESS; } - stuff->rv[stuff->rvCount++] = nssCertificate_AddRef(c); + stuff->rv[stuff->rvCount++] = nssCert_AddRef(c); } return PR_SUCCESS; } -NSS_IMPLEMENT NSSCertificate ** -nssTrustDomain_FindUserCertificates ( +NSS_IMPLEMENT NSSCert ** +nssTrustDomain_FindUserCerts ( NSSTrustDomain *td, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, NSSArena *arenaOpt ) @@ -1197,27 +1197,27 @@ nssTrustDomain_FindUserCertificates ( stuff.rvSize = rvOpt ? rvLimit : 0; stuff.rvLimit = rvLimit; stuff.arenaOpt = arenaOpt; - status = nssTrustDomain_TraverseCertificates(td, get_user, &stuff); + status = nssTrustDomain_TraverseCerts(td, get_user, &stuff); if (status && *status == PR_FAILURE) { - nssCertificateArray_Destroy(stuff.rv); + nssCertArray_Destroy(stuff.rv); stuff.rv = NULL; } return stuff.rv; } -NSS_IMPLEMENT NSSCertificate ** -NSSTrustDomain_FindUserCertificates ( +NSS_IMPLEMENT NSSCert ** +NSSTrustDomain_FindUserCerts ( NSSTrustDomain *td, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, NSSArena *arenaOpt ) { - return nssTrustDomain_FindUserCertificates(td, rvOpt, rvLimit, arenaOpt); + return nssTrustDomain_FindUserCerts(td, rvOpt, rvLimit, arenaOpt); } -NSS_IMPLEMENT NSSCertificate * -NSSTrustDomain_FindBestUserCertificateForSSLClientAuth ( +NSS_IMPLEMENT NSSCert * +NSSTrustDomain_FindBestUserCertForSSLClientAuth ( NSSTrustDomain *td, NSSUTF8 *sslHostOpt, NSSDER *rootCAsOpt[], /* null pointer for none */ @@ -1230,15 +1230,15 @@ NSSTrustDomain_FindBestUserCertificateForSSLClientAuth ( return NULL; } -NSS_IMPLEMENT NSSCertificate ** -NSSTrustDomain_FindUserCertificatesForSSLClientAuth ( +NSS_IMPLEMENT NSSCert ** +NSSTrustDomain_FindUserCertsForSSLClientAuth ( NSSTrustDomain *td, NSSUTF8 *sslHostOpt, NSSDER *rootCAsOpt[], /* null pointer for none */ PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */ const NSSAlgNParam *apOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt ) @@ -1247,8 +1247,8 @@ NSSTrustDomain_FindUserCertificatesForSSLClientAuth ( return NULL; } -NSS_IMPLEMENT NSSCertificate * -NSSTrustDomain_FindBestUserCertificateForEmailSigning ( +NSS_IMPLEMENT NSSCert * +NSSTrustDomain_FindBestUserCertForEmailSigning ( NSSTrustDomain *td, NSSASCII7 *signerOpt, NSSASCII7 *recipientOpt, @@ -1261,15 +1261,15 @@ NSSTrustDomain_FindBestUserCertificateForEmailSigning ( return NULL; } -NSS_IMPLEMENT NSSCertificate ** -NSSTrustDomain_FindUserCertificatesForEmailSigning ( +NSS_IMPLEMENT NSSCert ** +NSSTrustDomain_FindUserCertsForEmailSigning ( NSSTrustDomain *td, NSSASCII7 *signerOpt, NSSASCII7 *recipientOpt, /* anything more here? */ const NSSAlgNParam *apOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt ) @@ -1286,9 +1286,9 @@ collector(nssCryptokiObject *instance, void *arg) } NSS_IMPLEMENT PRStatus * -nssTrustDomain_TraverseCertificates ( +nssTrustDomain_TraverseCerts ( NSSTrustDomain *td, - PRStatus (*callback)(NSSCertificate *c, void *arg), + PRStatus (*callback)(NSSCert *c, void *arg), void *arg ) { @@ -1300,7 +1300,7 @@ nssTrustDomain_TraverseCertificates ( nssPKIObjectCallback pkiCallback; nssUpdateLevel updateLevel; /* XXX cache ??? probably use query callback below */ - collection = nssCertificateCollection_Create(td, NULL); + collection = nssCertCollection_Create(td, NULL); if (!collection) { return (PRStatus *)NULL; } @@ -1323,7 +1323,7 @@ nssTrustDomain_TraverseCertificates ( goto loser; } /* perform the traversal */ - status = nssToken_TraverseCertificates(token, + status = nssToken_TraverseCerts(token, session, tokenOnly, collector, @@ -1355,28 +1355,28 @@ loser: } NSS_IMPLEMENT PRStatus * -NSSTrustDomain_TraverseCertificates ( +NSSTrustDomain_TraverseCerts ( NSSTrustDomain *td, - PRStatus (*callback)(NSSCertificate *c, void *arg), + PRStatus (*callback)(NSSCert *c, void *arg), void *arg ) { - return nssTrustDomain_TraverseCertificates(td, callback, arg); + return nssTrustDomain_TraverseCerts(td, callback, arg); } NSS_IMPLEMENT nssTrust * -nssTrustDomain_FindTrustForCertificate ( +nssTrustDomain_FindTrustForCert ( NSSTrustDomain *td, - NSSCertificate *c + NSSCert *c ) { PRStatus status; NSSSlot **slots; NSSSlot **slotp; NSSToken *token; - NSSDER *encoding = nssCertificate_GetEncoding(c); - NSSDER *issuer = nssCertificate_GetIssuer(c); - NSSDER *serial = nssCertificate_GetSerialNumber(c); + NSSDER *encoding = nssCert_GetEncoding(c); + NSSDER *issuer = nssCert_GetIssuer(c); + NSSDER *serial = nssCert_GetSerialNumber(c); nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly; nssCryptokiObject *to = NULL; nssPKIObject *pkio = NULL; @@ -1394,7 +1394,7 @@ nssTrustDomain_FindTrustForCertificate ( if (!session) { continue; } - to = nssToken_FindTrustForCertificate(token, session, + to = nssToken_FindTrustForCert(token, session, encoding, issuer, serial, @@ -1562,8 +1562,8 @@ nssTrustDomain_FindSourceToken ( return source; } -NSS_IMPLEMENT NSSSymmetricKey * -nssTrustDomain_GenerateSymmetricKey ( +NSS_IMPLEMENT NSSSymKey * +nssTrustDomain_GenerateSymKey ( NSSTrustDomain *td, const NSSAlgNParam *ap, PRUint32 keysize, @@ -1583,11 +1583,11 @@ nssTrustDomain_GenerateSymmetricKey ( creator.nickname = NULL /*nicknameOpt*/; creator.properties = 0 /*properties*/; creator.operations = 0 /*operations*/; - return nssPKIObjectCreator_GenerateSymmetricKey(&creator, keysize); + return nssPKIObjectCreator_GenerateSymKey(&creator, keysize); } -NSS_IMPLEMENT NSSSymmetricKey * -NSSTrustDomain_GenerateSymmetricKey ( +NSS_IMPLEMENT NSSSymKey * +NSSTrustDomain_GenerateSymKey ( NSSTrustDomain *td, const NSSAlgNParam *ap, PRUint32 keysize, @@ -1595,12 +1595,12 @@ NSSTrustDomain_GenerateSymmetricKey ( NSSCallback *uhhOpt ) { - return nssTrustDomain_GenerateSymmetricKey(td, ap, keysize, + return nssTrustDomain_GenerateSymKey(td, ap, keysize, destination, uhhOpt); } -NSS_IMPLEMENT NSSSymmetricKey * -NSSTrustDomain_GenerateSymmetricKeyFromPassword ( +NSS_IMPLEMENT NSSSymKey * +NSSTrustDomain_GenerateSymKeyFromPassword ( NSSTrustDomain *td, const NSSAlgNParam *ap, NSSUTF8 *passwordOpt, /* if null, prompt */ @@ -1612,8 +1612,8 @@ NSSTrustDomain_GenerateSymmetricKeyFromPassword ( return NULL; } -NSS_IMPLEMENT NSSSymmetricKey * -NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID ( +NSS_IMPLEMENT NSSSymKey * +NSSTrustDomain_FindSymKeyByAlgorithmAndKeyID ( NSSTrustDomain *td, NSSOID *algorithm, NSSItem *keyID, diff --git a/security/nss/lib/pki/volatiledomain.c b/security/nss/lib/pki/volatiledomain.c index 1e674ec2f..7dd8ea35d 100644 --- a/security/nss/lib/pki/volatiledomain.c +++ b/security/nss/lib/pki/volatiledomain.c @@ -117,10 +117,10 @@ nssVolatileDomain_Destroy ( PRStatus status = PR_SUCCESS; PZ_DestroyLock(vd->objectLock); nssTokenSessionHash_Destroy(vd->tokenSessionHash); - nssCertificateArray_Destroy((NSSCertificate **)vd->certs.array); + nssCertArray_Destroy((NSSCert **)vd->certs.array); nssPublicKeyArray_Destroy((NSSPublicKey **)vd->bkeys.array); nssPrivateKeyArray_Destroy((NSSPrivateKey **)vd->vkeys.array); - nssSymmetricKeyArray_Destroy((NSSSymmetricKey **)vd->mkeys.array); + nssSymKeyArray_Destroy((NSSSymKey **)vd->mkeys.array); status |= nssArena_Destroy(vd->arena); return status; } @@ -200,9 +200,9 @@ NSSVolatileDomain_GetTrustDomain ( } NSS_IMPLEMENT PRStatus -nssVolatileDomain_ImportCertificate ( +nssVolatileDomain_ImportCert ( NSSVolatileDomain *vd, - NSSCertificate *c + NSSCert *c ) { PZ_Lock(vd->objectLock); @@ -210,13 +210,13 @@ nssVolatileDomain_ImportCertificate ( if (vd->certs.size == 0) { /* need to alloc new array */ vd->certs.array = (void **)nss_ZNEWARRAY(vd->arena, - NSSCertificate *, + NSSCert *, DEFAULT_ARRAY_SIZE); } else { /* array is full, realloc */ vd->certs.size *= 2; vd->certs.array = (void **)nss_ZREALLOCARRAY(vd->certs.array, - NSSCertificate *, + NSSCert *, vd->certs.size); } if (!vd->certs.array) { @@ -224,59 +224,59 @@ nssVolatileDomain_ImportCertificate ( return PR_FAILURE; } } - vd->certs.array[vd->certs.count++] = (void *)nssCertificate_AddRef(c); + vd->certs.array[vd->certs.count++] = (void *)nssCert_AddRef(c); PZ_Unlock(vd->objectLock); - nssCertificate_SetVolatileDomain(c, vd); + nssCert_SetVolatileDomain(c, vd); return PR_SUCCESS; } NSS_IMPLEMENT PRStatus -NSSVolatileDomain_ImportCertificate ( +NSSVolatileDomain_ImportCert ( NSSVolatileDomain *vd, - NSSCertificate *c + NSSCert *c ) { - return nssVolatileDomain_ImportCertificate(vd, c); + return nssVolatileDomain_ImportCert(vd, c); } -NSS_IMPLEMENT NSSCertificate * -nssVolatileDomain_ImportEncodedCertificate ( +NSS_IMPLEMENT NSSCert * +nssVolatileDomain_ImportEncodedCert ( NSSVolatileDomain *vd, NSSBER *ber, NSSUTF8 *nickOpt ) { - NSSCertificate *c; + NSSCert *c; - c = nssCertificate_Decode(ber); + c = nssCert_Decode(ber); if (!c) { - return (NSSCertificate *)NULL; + return (NSSCert *)NULL; } if (nickOpt) { - nssCertificate_SetNickname(c, NULL, nickOpt); + nssCert_SetNickname(c, NULL, nickOpt); } - if (nssVolatileDomain_ImportCertificate(vd, c) == PR_FAILURE) { - nssCertificate_Destroy(c); - return (NSSCertificate *)NULL; + if (nssVolatileDomain_ImportCert(vd, c) == PR_FAILURE) { + nssCert_Destroy(c); + return (NSSCert *)NULL; } return c; } -NSS_IMPLEMENT NSSCertificate * -NSSVolatileDomain_ImportEncodedCertificate ( +NSS_IMPLEMENT NSSCert * +NSSVolatileDomain_ImportEncodedCert ( NSSVolatileDomain *vd, NSSBER *ber, NSSUTF8 *nickOpt ) { - return nssVolatileDomain_ImportEncodedCertificate(vd, ber, nickOpt); + return nssVolatileDomain_ImportEncodedCert(vd, ber, nickOpt); } NSS_IMPLEMENT PRStatus -NSSVolatileDomain_ImportEncodedCertificateChain ( +NSSVolatileDomain_ImportEncodedCertChain ( NSSVolatileDomain *vd, NSSBER *ber, - NSSCertificateType certType + NSSCertType certType ) { nss_SetError(NSS_ERROR_NOT_FOUND); @@ -329,12 +329,12 @@ nssVolatileDomain_ImportSMIMEProfile ( { PRStatus nssrv; if (!vd->certStore) { - vd->certStore = nssCertificateStore_Create(vd->arena); + vd->certStore = nssCertStore_Create(vd->arena); if (!vd->certStore) { return PR_FAILURE; } } - nssrv = nssCertificateStore_AddSMIMEProfile(vd->certStore, profile); + nssrv = nssCertStore_AddSMIMEProfile(vd->certStore, profile); #if 0 if (nssrv == PR_SUCCESS) { profile->object.cryptoContext = vd; @@ -345,7 +345,7 @@ nssVolatileDomain_ImportSMIMEProfile ( #endif struct cert_array_str { - NSSCertificate **array; + NSSCert **array; PRUint32 count; PRUint32 size; PRBool grow; @@ -362,7 +362,7 @@ struct cert_array_str { (cert_array)->mark = NULL; static PRStatus -add_to_cert_array(struct cert_array_str *car, NSSCertificate *c) +add_to_cert_array(struct cert_array_str *car, NSSCert *c) { if (!car->array) { if (car->arenaOpt) { @@ -374,26 +374,26 @@ add_to_cert_array(struct cert_array_str *car, NSSCertificate *c) if (!car->size) { car->size = DEFAULT_RETURN_ARRAY; } - car->array = nss_ZNEWARRAY(car->arenaOpt, NSSCertificate *, + car->array = nss_ZNEWARRAY(car->arenaOpt, NSSCert *, car->size + 1); } else if (car->count == car->size) { if (!car->grow) { return PR_FAILURE; /* this will terminate the loop */ } car->size *= 2; - car->array = nss_ZREALLOCARRAY(car->array, NSSCertificate *, + car->array = nss_ZREALLOCARRAY(car->array, NSSCert *, car->size + 1); } if (!car->array) { return PR_FAILURE; } - car->array[car->count++] = nssCertificate_AddRef(c); + car->array[car->count++] = nssCert_AddRef(c); return PR_SUCCESS; } -static NSSCertificate ** +static NSSCert ** finish_cert_array(struct cert_array_str *car, PRStatus status, - NSSCertificate **tdCerts) + NSSCert **tdCerts) { if (status == PR_FAILURE) { if (!car->grow) { @@ -409,7 +409,7 @@ finish_cert_array(struct cert_array_str *car, PRStatus status, car->array = NULL; } else if (car->mark) { if (tdCerts) { - car->array = nssCertificateArray_Join(car->array, tdCerts); + car->array = nssCertArray_Join(car->array, tdCerts); } nssArena_Unmark(car->arenaOpt, car->mark); } @@ -417,27 +417,27 @@ finish_cert_array(struct cert_array_str *car, PRStatus status, return car->array; } -NSS_IMPLEMENT NSSCertificate ** -nssVolatileDomain_FindCertificatesByNickname ( +NSS_IMPLEMENT NSSCert ** +nssVolatileDomain_FindCertsByNickname ( NSSVolatileDomain *vd, NSSUTF8 *name, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 maximumOpt, NSSArena *arenaOpt ) { PRStatus status; PRUint32 i; - NSSCertificate **certs, **tdCerts; + NSSCert **certs, **tdCerts; NSSUTF8 *cNick; struct cert_array_str cert_array; INIT_CERT_ARRAY(&cert_array, rvOpt, maximumOpt, arenaOpt); PZ_Lock(vd->objectLock); - certs = (NSSCertificate **)vd->certs.array; + certs = (NSSCert **)vd->certs.array; for (i=0; i<vd->certs.count; i++) { - cNick = nssCertificate_GetNickname(certs[i], NULL); + cNick = nssCert_GetNickname(certs[i], NULL); if (nssUTF8_Equal(name, cNick, NULL)) { status = add_to_cert_array(&cert_array, certs[i]); if (status == PR_FAILURE) { @@ -447,28 +447,28 @@ nssVolatileDomain_FindCertificatesByNickname ( } PZ_Unlock(vd->objectLock); - tdCerts = nssTrustDomain_FindCertificatesByNickname(vd->td, name, + tdCerts = nssTrustDomain_FindCertsByNickname(vd->td, name, rvOpt ? rvOpt + cert_array.count : NULL, maximumOpt - cert_array.count, arenaOpt); return finish_cert_array(&cert_array, status, tdCerts); } -NSS_IMPLEMENT NSSCertificate ** -NSSVolatileDomain_FindCertificatesByNickname ( +NSS_IMPLEMENT NSSCert ** +NSSVolatileDomain_FindCertsByNickname ( NSSVolatileDomain *vd, NSSUTF8 *name, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ) { - return nssVolatileDomain_FindCertificatesByNickname(vd, name, rvOpt, + return nssVolatileDomain_FindCertsByNickname(vd, name, rvOpt, maximumOpt, arenaOpt); } -NSS_IMPLEMENT NSSCertificate * -nssVolatileDomain_FindBestCertificateByNickname ( +NSS_IMPLEMENT NSSCert * +nssVolatileDomain_FindBestCertByNickname ( NSSVolatileDomain *vd, NSSUTF8 *name, NSSTime time, /* NULL for "now" */ @@ -476,23 +476,23 @@ nssVolatileDomain_FindBestCertificateByNickname ( NSSPolicies *policiesOpt /* NULL for none */ ) { - NSSCertificate **certs; - NSSCertificate *rvCert = NULL; + NSSCert **certs; + NSSCert *rvCert = NULL; /* search the volatile (and trust) domain by nickname */ - certs = nssVolatileDomain_FindCertificatesByNickname(vd, name, + certs = nssVolatileDomain_FindCertsByNickname(vd, name, NULL, 0, NULL); if (certs) { /* find the best one */ - rvCert = nssCertificateArray_FindBestCertificate(certs, time, + rvCert = nssCertArray_FindBestCert(certs, time, usages, policiesOpt); - nssCertificateArray_Destroy(certs); + nssCertArray_Destroy(certs); } return rvCert; } -NSS_IMPLEMENT NSSCertificate * -NSSVolatileDomain_FindBestCertificateByNickname ( +NSS_IMPLEMENT NSSCert * +NSSVolatileDomain_FindBestCertByNickname ( NSSVolatileDomain *vd, NSSUTF8 *name, NSSTime time, /* NULL for "now" */ @@ -500,76 +500,76 @@ NSSVolatileDomain_FindBestCertificateByNickname ( NSSPolicies *policiesOpt /* NULL for none */ ) { - return nssVolatileDomain_FindBestCertificateByNickname(vd, name, + return nssVolatileDomain_FindBestCertByNickname(vd, name, time, usages, policiesOpt); } -NSS_IMPLEMENT NSSCertificate * -nssVolatileDomain_FindCertificateByIssuerAndSerialNumber ( +NSS_IMPLEMENT NSSCert * +nssVolatileDomain_FindCertByIssuerAndSerialNumber ( NSSVolatileDomain *vd, NSSDER *issuer, NSSDER *serial ) { PRUint32 i; - NSSCertificate **certs; + NSSCert **certs; NSSDER *cIssuer, *cSerial; - NSSCertificate *rvCert = NULL; + NSSCert *rvCert = NULL; PZ_Lock(vd->objectLock); - certs = (NSSCertificate **)vd->certs.array; + certs = (NSSCert **)vd->certs.array; for (i=0; i<vd->certs.count; i++) { - cIssuer = nssCertificate_GetIssuer(certs[i]); - cSerial = nssCertificate_GetSerialNumber(certs[i]); + cIssuer = nssCert_GetIssuer(certs[i]); + cSerial = nssCert_GetSerialNumber(certs[i]); if (nssItem_Equal(cIssuer, issuer, NULL) && nssItem_Equal(cSerial, serial, NULL)) { - rvCert = nssCertificate_AddRef(certs[i]); + rvCert = nssCert_AddRef(certs[i]); break; } } PZ_Unlock(vd->objectLock); if (!rvCert) { - rvCert = nssTrustDomain_FindCertificateByIssuerAndSerialNumber(vd->td, + rvCert = nssTrustDomain_FindCertByIssuerAndSerialNumber(vd->td, issuer, serial); } return rvCert; } -NSS_IMPLEMENT NSSCertificate * -NSSVolatileDomain_FindCertificateByIssuerAndSerialNumber ( +NSS_IMPLEMENT NSSCert * +NSSVolatileDomain_FindCertByIssuerAndSerialNumber ( NSSVolatileDomain *vd, NSSDER *issuer, NSSDER *serial ) { - return nssVolatileDomain_FindCertificateByIssuerAndSerialNumber(vd, + return nssVolatileDomain_FindCertByIssuerAndSerialNumber(vd, issuer, serial); } -NSS_IMPLEMENT NSSCertificate ** -nssVolatileDomain_FindCertificatesBySubject ( +NSS_IMPLEMENT NSSCert ** +nssVolatileDomain_FindCertsBySubject ( NSSVolatileDomain *vd, NSSDER *subject, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ) { PRStatus status; PRUint32 i; - NSSCertificate **certs, **tdCerts; + NSSCert **certs, **tdCerts; NSSDER *certSubject; struct cert_array_str cert_array; INIT_CERT_ARRAY(&cert_array, rvOpt, maximumOpt, arenaOpt); PZ_Lock(vd->objectLock); - certs = (NSSCertificate **)vd->certs.array; + certs = (NSSCert **)vd->certs.array; for (i=0; i<vd->certs.count; i++) { - certSubject = nssCertificate_GetSubject(certs[i]); + certSubject = nssCert_GetSubject(certs[i]); if (nssItem_Equal(certSubject, subject, NULL)) { status = add_to_cert_array(&cert_array, certs[i]); if (status == PR_FAILURE) { @@ -579,29 +579,29 @@ nssVolatileDomain_FindCertificatesBySubject ( } PZ_Unlock(vd->objectLock); - tdCerts = nssTrustDomain_FindCertificatesBySubject(vd->td, subject, + tdCerts = nssTrustDomain_FindCertsBySubject(vd->td, subject, rvOpt ? rvOpt + cert_array.count : NULL, maximumOpt - cert_array.count, arenaOpt); return finish_cert_array(&cert_array, status, tdCerts); } -NSS_IMPLEMENT NSSCertificate ** -NSSVolatileDomain_FindCertificatesBySubject ( +NSS_IMPLEMENT NSSCert ** +NSSVolatileDomain_FindCertsBySubject ( NSSVolatileDomain *vd, NSSDER *subject, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ) { - return nssVolatileDomain_FindCertificatesBySubject(vd, subject, + return nssVolatileDomain_FindCertsBySubject(vd, subject, rvOpt, maximumOpt, arenaOpt); } -NSS_IMPLEMENT NSSCertificate * -nssVolatileDomain_FindBestCertificateBySubject ( +NSS_IMPLEMENT NSSCert * +nssVolatileDomain_FindBestCertBySubject ( NSSVolatileDomain *vd, NSSDER *subject, NSSTime time, @@ -609,23 +609,23 @@ nssVolatileDomain_FindBestCertificateBySubject ( NSSPolicies *policiesOpt ) { - NSSCertificate **certs; - NSSCertificate *rvCert = NULL; + NSSCert **certs; + NSSCert *rvCert = NULL; /* search the volatile (and trust) domain by subject */ - certs = nssVolatileDomain_FindCertificatesBySubject(vd, subject, + certs = nssVolatileDomain_FindCertsBySubject(vd, subject, NULL, 0, NULL); if (certs) { /* find the best one */ - rvCert = nssCertificateArray_FindBestCertificate(certs, time, + rvCert = nssCertArray_FindBestCert(certs, time, usages, policiesOpt); - nssCertificateArray_Destroy(certs); + nssCertArray_Destroy(certs); } return rvCert; } -NSS_IMPLEMENT NSSCertificate * -NSSVolatileDomain_FindBestCertificateBySubject ( +NSS_IMPLEMENT NSSCert * +NSSVolatileDomain_FindBestCertBySubject ( NSSVolatileDomain *vd, NSSDER *subject, NSSTime time, @@ -633,69 +633,69 @@ NSSVolatileDomain_FindBestCertificateBySubject ( NSSPolicies *policiesOpt ) { - return nssVolatileDomain_FindBestCertificateBySubject(vd, subject, + return nssVolatileDomain_FindBestCertBySubject(vd, subject, time, usages, policiesOpt); } -NSS_IMPLEMENT NSSCertificate * -nssVolatileDomain_FindCertificateByEncodedCertificate ( +NSS_IMPLEMENT NSSCert * +nssVolatileDomain_FindCertByEncodedCert ( NSSVolatileDomain *vd, NSSBER *encodedCert ) { PRUint32 i; NSSBER *certEnc; - NSSCertificate **certs; - NSSCertificate *rvCert = NULL; + NSSCert **certs; + NSSCert *rvCert = NULL; PZ_Lock(vd->objectLock); - certs = (NSSCertificate **)vd->certs.array; + certs = (NSSCert **)vd->certs.array; for (i=0; i<vd->certs.count; i++) { - certEnc = nssCertificate_GetEncoding(certs[i]); + certEnc = nssCert_GetEncoding(certs[i]); if (nssItem_Equal(certEnc, encodedCert, NULL)) { - rvCert = nssCertificate_AddRef(certs[i]); + rvCert = nssCert_AddRef(certs[i]); break; } } PZ_Unlock(vd->objectLock); if (!rvCert) { - rvCert = nssTrustDomain_FindCertificateByEncodedCertificate(vd->td, + rvCert = nssTrustDomain_FindCertByEncodedCert(vd->td, encodedCert); } return rvCert; } -NSS_IMPLEMENT NSSCertificate * -NSSVolatileDomain_FindCertificateByEncodedCertificate ( +NSS_IMPLEMENT NSSCert * +NSSVolatileDomain_FindCertByEncodedCert ( NSSVolatileDomain *vd, NSSBER *encodedCert ) { - return nssVolatileDomain_FindCertificateByEncodedCertificate(vd, + return nssVolatileDomain_FindCertByEncodedCert(vd, encodedCert); } -NSS_IMPLEMENT NSSCertificate ** -nssVolatileDomain_FindCertificatesByEmail ( +NSS_IMPLEMENT NSSCert ** +nssVolatileDomain_FindCertsByEmail ( NSSVolatileDomain *vd, NSSASCII7 *email, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ) { PRStatus status; PRUint32 i; - NSSCertificate **certs, **tdCerts; + NSSCert **certs, **tdCerts; NSSASCII7 *cEmail; struct cert_array_str cert_array; INIT_CERT_ARRAY(&cert_array, rvOpt, maximumOpt, arenaOpt); PZ_Lock(vd->objectLock); - certs = (NSSCertificate **)vd->certs.array; + certs = (NSSCert **)vd->certs.array; for (i=0; i<vd->certs.count; i++) { - cEmail = nssCertificate_GetEmailAddress(certs[i]); + cEmail = nssCert_GetEmailAddress(certs[i]); if (nssUTF8_Equal(cEmail, email, NULL)) { status = add_to_cert_array(&cert_array, certs[i]); if (status == PR_FAILURE) { @@ -705,28 +705,28 @@ nssVolatileDomain_FindCertificatesByEmail ( } PZ_Unlock(vd->objectLock); - tdCerts = nssTrustDomain_FindCertificatesByEmail(vd->td, email, + tdCerts = nssTrustDomain_FindCertsByEmail(vd->td, email, rvOpt ? rvOpt + cert_array.count : NULL, maximumOpt - cert_array.count, arenaOpt); return finish_cert_array(&cert_array, status, tdCerts); } -NSS_IMPLEMENT NSSCertificate ** -NSSVolatileDomain_FindCertificatesByEmail ( +NSS_IMPLEMENT NSSCert ** +NSSVolatileDomain_FindCertsByEmail ( NSSVolatileDomain *vd, NSSASCII7 *email, - NSSCertificate *rvOpt[], + NSSCert *rvOpt[], PRUint32 maximumOpt, /* 0 for no max */ NSSArena *arenaOpt ) { - return nssVolatileDomain_FindCertificatesByEmail(vd, email, rvOpt, + return nssVolatileDomain_FindCertsByEmail(vd, email, rvOpt, maximumOpt, arenaOpt); } -NSS_IMPLEMENT NSSCertificate * -nssVolatileDomain_FindBestCertificateByEmail ( +NSS_IMPLEMENT NSSCert * +nssVolatileDomain_FindBestCertByEmail ( NSSVolatileDomain *vd, NSSASCII7 *email, NSSTime time, @@ -734,23 +734,23 @@ nssVolatileDomain_FindBestCertificateByEmail ( NSSPolicies *policiesOpt ) { - NSSCertificate **certs; - NSSCertificate *rvCert = NULL; + NSSCert **certs; + NSSCert *rvCert = NULL; /* search the volatile domain by email */ - certs = nssVolatileDomain_FindCertificatesByEmail(vd, email, + certs = nssVolatileDomain_FindCertsByEmail(vd, email, NULL, 0, NULL); if (certs) { /* find the best one */ - rvCert = nssCertificateArray_FindBestCertificate(certs, time, + rvCert = nssCertArray_FindBestCert(certs, time, usages, policiesOpt); - nssCertificateArray_Destroy(certs); + nssCertArray_Destroy(certs); } return rvCert; } -NSS_IMPLEMENT NSSCertificate * -NSSVolatileDomain_FindBestCertificateByEmail ( +NSS_IMPLEMENT NSSCert * +NSSVolatileDomain_FindBestCertByEmail ( NSSVolatileDomain *vd, NSSASCII7 *email, NSSTime time, @@ -758,12 +758,12 @@ NSSVolatileDomain_FindBestCertificateByEmail ( NSSPolicies *policiesOpt ) { - return nssVolatileDomain_FindBestCertificateByEmail(vd, email, + return nssVolatileDomain_FindBestCertByEmail(vd, email, time, usages, policiesOpt); } -NSS_IMPLEMENT NSSCertificate * -NSSVolatileDomain_FindBestUserCertificate ( +NSS_IMPLEMENT NSSCert * +NSSVolatileDomain_FindBestUserCert ( NSSVolatileDomain *vd, NSSTime time, NSSUsages *usages, @@ -774,13 +774,13 @@ NSSVolatileDomain_FindBestUserCertificate ( return NULL; } -NSS_IMPLEMENT NSSCertificate ** -NSSVolatileDomain_FindUserCertificates ( +NSS_IMPLEMENT NSSCert ** +NSSVolatileDomain_FindUserCerts ( NSSVolatileDomain *vd, NSSTime time, NSSUsages *usagesOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt ) @@ -789,8 +789,8 @@ NSSVolatileDomain_FindUserCertificates ( return NULL; } -NSS_IMPLEMENT NSSCertificate * -NSSVolatileDomain_FindBestUserCertificateForSSLClientAuth ( +NSS_IMPLEMENT NSSCert * +NSSVolatileDomain_FindBestUserCertForSSLClientAuth ( NSSVolatileDomain *vd, NSSUTF8 *sslHostOpt, NSSDER *rootCAsOpt[], /* null pointer for none */ @@ -803,15 +803,15 @@ NSSVolatileDomain_FindBestUserCertificateForSSLClientAuth ( return NULL; } -NSS_IMPLEMENT NSSCertificate ** -NSSVolatileDomain_FindUserCertificatesForSSLClientAuth ( +NSS_IMPLEMENT NSSCert ** +NSSVolatileDomain_FindUserCertsForSSLClientAuth ( NSSVolatileDomain *vd, NSSUTF8 *sslHostOpt, NSSDER *rootCAsOpt[], /* null pointer for none */ PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */ const NSSAlgNParam *apOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt ) @@ -820,8 +820,8 @@ NSSVolatileDomain_FindUserCertificatesForSSLClientAuth ( return NULL; } -NSS_IMPLEMENT NSSCertificate * -NSSVolatileDomain_FindBestUserCertificateForEmailSigning ( +NSS_IMPLEMENT NSSCert * +NSSVolatileDomain_FindBestUserCertForEmailSigning ( NSSVolatileDomain *vd, NSSASCII7 *signerOpt, NSSASCII7 *recipientOpt, @@ -834,15 +834,15 @@ NSSVolatileDomain_FindBestUserCertificateForEmailSigning ( return NULL; } -NSS_IMPLEMENT NSSCertificate * -NSSVolatileDomain_FindUserCertificatesForEmailSigning ( +NSS_IMPLEMENT NSSCert * +NSSVolatileDomain_FindUserCertsForEmailSigning ( NSSVolatileDomain *vd, NSSASCII7 *signerOpt, /* fgmr or a more general name? */ NSSASCII7 *recipientOpt, /* anything more here? */ const NSSAlgNParam *apOpt, NSSPolicies *policiesOpt, - NSSCertificate **rvOpt, + NSSCert **rvOpt, PRUint32 rvLimit, /* zero for no limit */ NSSArena *arenaOpt ) @@ -897,8 +897,8 @@ NSSVolatileDomain_GenerateKeyPair ( destination, uhhOpt); } -NSS_IMPLEMENT NSSSymmetricKey * -nssVolatileDomain_GenerateSymmetricKey ( +NSS_IMPLEMENT NSSSymKey * +nssVolatileDomain_GenerateSymKey ( NSSVolatileDomain *vd, const NSSAlgNParam *ap, PRUint32 keysize, @@ -917,7 +917,7 @@ nssVolatileDomain_GenerateSymmetricKey ( creator.session = nssTokenSessionHash_GetSession(vd->tokenSessionHash, destination, PR_FALSE); if (!creator.session) { - return (NSSSymmetricKey *)NULL; + return (NSSSymKey *)NULL; } creator.persistent = PR_FALSE; creator.ap = ap; @@ -925,11 +925,11 @@ nssVolatileDomain_GenerateSymmetricKey ( creator.nickname = nicknameOpt; creator.properties = properties; creator.operations = operations; - return nssPKIObjectCreator_GenerateSymmetricKey(&creator, keysize); + return nssPKIObjectCreator_GenerateSymKey(&creator, keysize); } -NSS_IMPLEMENT NSSSymmetricKey * -NSSVolatileDomain_GenerateSymmetricKey ( +NSS_IMPLEMENT NSSSymKey * +NSSVolatileDomain_GenerateSymKey ( NSSVolatileDomain *vd, const NSSAlgNParam *ap, PRUint32 keysize, @@ -940,14 +940,14 @@ NSSVolatileDomain_GenerateSymmetricKey ( NSSCallback *uhhOpt ) { - return nssVolatileDomain_GenerateSymmetricKey(vd, ap, keysize, + return nssVolatileDomain_GenerateSymKey(vd, ap, keysize, labelOpt, operations, properties, destination, uhhOpt); } -NSS_IMPLEMENT NSSSymmetricKey * -NSSVolatileDomain_GenerateSymmetricKeyFromPassword ( +NSS_IMPLEMENT NSSSymKey * +NSSVolatileDomain_GenerateSymKeyFromPassword ( NSSVolatileDomain *vd, const NSSAlgNParam *ap, NSSUTF8 *passwordOpt, /* if null, prompt */ @@ -959,8 +959,8 @@ NSSVolatileDomain_GenerateSymmetricKeyFromPassword ( return NULL; } -NSS_IMPLEMENT NSSSymmetricKey * -NSSVolatileDomain_FindSymmetricKeyByAlgorithmAndKeyID ( +NSS_IMPLEMENT NSSSymKey * +NSSVolatileDomain_FindSymKeyByAlgorithmAndKeyID ( NSSVolatileDomain *vd, NSSOID *algorithm, NSSItem *keyID, @@ -972,27 +972,27 @@ NSSVolatileDomain_FindSymmetricKeyByAlgorithmAndKeyID ( } /* XXX at a lower layer, or with OID? */ -static NSSSymmetricKeyType +static NSSSymKeyType get_sym_key_type(const NSSOID *symKeyAlg) { switch (nssOID_GetTag(symKeyAlg)) { case NSS_OID_DES_ECB: case NSS_OID_DES_CBC: case NSS_OID_DES_MAC: - return NSSSymmetricKeyType_DES; + return NSSSymKeyType_DES; case NSS_OID_DES_EDE3_CBC: - return NSSSymmetricKeyType_TripleDES; + return NSSSymKeyType_TripleDES; case NSS_OID_RC2_CBC: - return NSSSymmetricKeyType_RC2; + return NSSSymKeyType_RC2; case NSS_OID_RC4: - return NSSSymmetricKeyType_RC4; + return NSSSymKeyType_RC4; default: - return NSSSymmetricKeyType_Unknown; + return NSSSymKeyType_Unknown; } } -NSS_IMPLEMENT NSSSymmetricKey * -nssVolatileDomain_UnwrapSymmetricKey ( +NSS_IMPLEMENT NSSSymKey * +nssVolatileDomain_UnwrapSymKey ( NSSVolatileDomain *vd, const NSSAlgNParam *ap, NSSPrivateKey *wrapKey, @@ -1004,23 +1004,23 @@ nssVolatileDomain_UnwrapSymmetricKey ( ) { nssCryptokiObject *vko, *mko; - NSSSymmetricKey *mkey = NULL; - NSSSymmetricKeyType keyType = get_sym_key_type(targetKeyAlg); + NSSSymKey *mkey = NULL; + NSSSymKeyType keyType = get_sym_key_type(targetKeyAlg); /* find a token to do it on */ vko = nssPrivateKey_FindInstanceForAlgorithm(wrapKey, ap); if (!vko) { - return (NSSSymmetricKey *)NULL; + return (NSSSymKey *)NULL; } /* do the unwrap for a session object */ - mko = nssToken_UnwrapSymmetricKey(vko->token, vko->session, ap, vko, + mko = nssToken_UnwrapSymKey(vko->token, vko->session, ap, vko, wrappedKey, PR_FALSE, operations, properties, keyType); /* done with the private key */ nssCryptokiObject_Destroy(vko); /* create a new symkey in the volatile domain */ if (mko) { - mkey = nssSymmetricKey_CreateFromInstance(mko, vd->td, vd); + mkey = nssSymKey_CreateFromInstance(mko, vd->td, vd); if (!mkey) { nssCryptokiObject_Destroy(mko); } @@ -1028,8 +1028,8 @@ nssVolatileDomain_UnwrapSymmetricKey ( return mkey; } -NSS_IMPLEMENT NSSSymmetricKey * -NSSVolatileDomain_UnwrapSymmetricKey ( +NSS_IMPLEMENT NSSSymKey * +NSSVolatileDomain_UnwrapSymKey ( NSSVolatileDomain *vd, const NSSAlgNParam *ap, NSSPrivateKey *wrapKey, @@ -1040,14 +1040,14 @@ NSSVolatileDomain_UnwrapSymmetricKey ( NSSProperties properties ) { - return nssVolatileDomain_UnwrapSymmetricKey(vd, ap, wrapKey, + return nssVolatileDomain_UnwrapSymKey(vd, ap, wrapKey, wrappedKey, targetKeyAlg, uhhOpt, operations, properties); } -NSS_IMPLEMENT NSSSymmetricKey * -NSSVolatileDomain_DeriveSymmetricKey ( +NSS_IMPLEMENT NSSSymKey * +NSSVolatileDomain_DeriveSymKey ( NSSVolatileDomain *vd, NSSPublicKey *bk, const NSSAlgNParam *apOpt, @@ -1063,10 +1063,10 @@ NSSVolatileDomain_DeriveSymmetricKey ( #if 0 NSS_IMPLEMENT NSSItem * -nssVolatileDomain_WrapSymmetricKey ( +nssVolatileDomain_WrapSymKey ( NSSVolatileDomain *vd, const NSSAlgNParam *apOpt, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSCallback *uhhOpt, NSSItem *rvOpt, NSSArena *arenaOpt @@ -1078,7 +1078,7 @@ nssVolatileDomain_WrapSymmetricKey ( return (NSSItem *)NULL; } /* set the context's symkey to the key to wrap */ - vd->mk = nssSymmetricKey_AddRef(keyToWrap); + vd->mk = nssSymKey_AddRef(keyToWrap); /* initialize the context with the symkey first */ if (prepare_context_symmetric_key(vd, ap) == PR_FAILURE) { /* didn't find a token that could do the operation */ @@ -1095,10 +1095,10 @@ nssVolatileDomain_WrapSymmetricKey ( } NSS_IMPLEMENT NSSItem * -NSSVolatileDomain_WrapSymmetricKey ( +NSSVolatileDomain_WrapSymKey ( NSSVolatileDomain *vd, const NSSAlgNParam *apOpt, - NSSSymmetricKey *keyToWrap, + NSSSymKey *keyToWrap, NSSCallback *uhhOpt, NSSItem *rvOpt, NSSArena *arenaOpt @@ -1108,7 +1108,7 @@ NSSVolatileDomain_WrapSymmetricKey ( nss_SetError(NSS_ERROR_INVALID_CRYPTO_CONTEXT); return (NSSItem *)NULL; } - return nssVolatileDomain_WrapSymmetricKey(vd, apOpt, keyToWrap, + return nssVolatileDomain_WrapSymKey(vd, apOpt, keyToWrap, uhhOpt, rvOpt, arenaOpt); } #endif diff --git a/security/nss/lib/pkix/src/pkiglue.c b/security/nss/lib/pkix/src/pkiglue.c index 4f358a067..b8a1161de 100644 --- a/security/nss/lib/pkix/src/pkiglue.c +++ b/security/nss/lib/pkix/src/pkiglue.c @@ -706,7 +706,7 @@ static PRStatus verify_signature ( NSSPKIXCertificate *cert, NSSPKIXCertificate *issuerCert, - NSSCertificate *issuer + NSSCert *issuer ) { PRStatus status; @@ -750,7 +750,7 @@ verify_signature ( return PR_FAILURE; } - verifyKey = NSSCertificate_GetPublicKey(issuer); + verifyKey = NSSCert_GetPublicKey(issuer); if (!verifyKey) { return PR_FAILURE; } @@ -774,7 +774,7 @@ verify_signature ( static PRStatus pkix_ValidateChainLink ( void *cert, - NSSCertificate *issuer, + NSSCert *issuer, void *vData ) { @@ -786,7 +786,7 @@ pkix_ValidateChainLink ( nss_HoldErrorStack(); - pkixIssuer = (NSSPKIXCertificate *)NSSCertificate_GetDecoding(issuer); + pkixIssuer = (NSSPKIXCertificate *)NSSCert_GetDecoding(issuer); if (!pkixIssuer) { goto loser; } @@ -836,7 +836,7 @@ pkix_Destroy ( nss_ResumeErrorStack(); } -NSSCertificateMethods g_pkix_methods; +NSSCertMethods g_pkix_methods; NSS_IMPLEMENT PRStatus NSS_EnablePKIXCertificates ( @@ -860,6 +860,5 @@ NSS_EnablePKIXCertificates ( g_pkix_methods.freeChainValidationData = pkix_FreeChainValidationData; g_pkix_methods.destroy = pkix_Destroy; - return NSS_SetDefaultCertificateHandler(NSSCertificateType_PKIX, - &g_pkix_methods); + return NSS_SetDefaultCertHandler(NSSCertType_PKIX, &g_pkix_methods); } diff --git a/security/nss/lib/ssl/prelib.c b/security/nss/lib/ssl/prelib.c index 5a3005c78..d510c8dbe 100644 --- a/security/nss/lib/ssl/prelib.c +++ b/security/nss/lib/ssl/prelib.c @@ -59,7 +59,7 @@ static unsigned char fromHex(char x) { PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader, int *headerSize) { - NSSSymmetricKey *key, *tek, *Ks; + NSSSymKey *key, *tek, *Ks; sslSocket *ss; NSSToken **tokens; NSSToken *token; @@ -125,7 +125,7 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader, } /* get the token and the serial number */ - tokens = NSSSymmetricKey_GetTokens(tek, NULL); + tokens = NSSSymKey_GetTokens(tek, NULL); if (tokens == NULL) { PORT_Free(header); return NULL; @@ -150,21 +150,21 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader, skipjack = NSSOID_CreateFromTag(NSS_OID_FORTEZZA_SKIPJACK); if (!skipjack) { PORT_Free(header); - NSSSymmetricKey_Destroy(Ks); + NSSSymKey_Destroy(Ks); return NULL; } skipjackWrap = NSSAlgNParam_CreateWrap(NULL, NSSAlgorithmType_Skipjack, NULL); if (!skipjackWrap) { PORT_Free(header); - NSSSymmetricKey_Destroy(Ks); + NSSSymKey_Destroy(Ks); return NULL; } /* unwrap the key with the TEK */ item.data = inHeader->u.fortezza.key; item.size = sizeof(inHeader->u.fortezza.key); - key = NSSSymmetricKey_UnwrapSymmetricKey(tek, + key = NSSSymKey_UnwrapSymKey(tek, skipjackWrap, &item, skipjack, @@ -175,7 +175,7 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader, #endif if (key == NULL) { PORT_Free(header); - NSSSymmetricKey_Destroy(Ks); + NSSSymKey_Destroy(Ks); NSSAlgNParam_Destroy(skipjackWrap); return NULL; } @@ -183,13 +183,13 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader, /* rewrap with the local Ks */ item.data = header->u.fortezza.key; item.size = sizeof(header->u.fortezza.key); - rv = NSSSymmetricKey_Wrap(Ks, skipjackWrap, key, + rv = NSSSymKey_Wrap(Ks, skipjackWrap, key, ss->pinCallback, &item, NULL); #if 0 rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, Ks, key, &item); #endif - NSSSymmetricKey_Destroy(Ks); - NSSSymmetricKey_Destroy(key); + NSSSymKey_Destroy(Ks); + NSSSymKey_Destroy(key); NSSAlgNParam_Destroy(skipjackWrap); if (rv != SECSuccess) { PORT_Free(header); @@ -218,7 +218,7 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader, PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header, int *headerSize) { - NSSSymmetricKey *key, *tek, *Ks; + NSSSymKey *key, *tek, *Ks; sslSocket *ss; NSSToken **tokens; NSSToken *token; @@ -252,7 +252,7 @@ PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header, slot = PK11_GetSlotFromKey(tek); /* get the token and the serial number */ - tokens = NSSSymmetricKey_GetTokens(tek, NULL); + tokens = NSSSymKey_GetTokens(tek, NULL); if (tokens == NULL) { return NULL; } @@ -267,13 +267,13 @@ PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header, /* set up the algorithms */ skipjack = NSSOID_CreateFromTag(NSS_OID_FORTEZZA_SKIPJACK); if (!skipjack) { - NSSSymmetricKey_Destroy(Ks); + NSSSymKey_Destroy(Ks); return NULL; } skipjackWrap = NSSAlgNParam_CreateWrap(NULL, NSSAlgorithmType_Skipjack, NULL); if (!skipjackWrap) { - NSSSymmetricKey_Destroy(Ks); + NSSSymKey_Destroy(Ks); return NULL; } @@ -281,7 +281,7 @@ PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header, item.data = header->u.fortezza.key; item.size = sizeof(header->u.fortezza.key); /* rewrap the key with the TEK */ - key = NSSSymmetricKey_UnwrapSymmetricKey(Ks, skipjackWrap, + key = NSSSymKey_UnwrapSymKey(Ks, skipjackWrap, &item, skipjack, NSSOperations_DECRYPT, 0); #if 0 @@ -289,17 +289,17 @@ PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header, NULL, &item, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0); #endif if (key == NULL) { - NSSSymmetricKey_Destroy(Ks); + NSSSymKey_Destroy(Ks); return NULL; } - rv = NSSSymmetricKey_Wrap(tek, skipjackWrap, key, + rv = NSSSymKey_Wrap(tek, skipjackWrap, key, ss->pinCallback, &item, NULL); #if 0 rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, key, &item); #endif - NSSSymmetricKey_Destroy(Ks); - NSSSymmetricKey_Destroy(key); + NSSSymKey_Destroy(Ks); + NSSSymKey_Destroy(key); if (rv != SECSuccess) { return NULL; } diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index 14ddcf132..c89df8dce 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -296,7 +296,7 @@ static const ssl3BulkCipherDef bulk_cipher_defs[] = { AES, s_aes_ap, 16, 16, type_block, 16,16, kg_strong}, { cipher_aes_256, - NSSSymmetricKeyType_AES, + NSSSymKeyType_AES, s_aes_ap, 32, 32, type_block, 16,16, kg_strong}, #endif { cipher_missing, @@ -1043,7 +1043,7 @@ static void ssl3_CleanupKeyMaterial(ssl3KeyMaterial *mat) { if (mat->write_key != NULL) { - NSSSymmetricKey_Destroy(mat->write_key); + NSSSymKey_Destroy(mat->write_key); mat->write_key = NULL; } #if 0 @@ -1074,7 +1074,7 @@ ssl3_DestroyCipherSpec(ssl3CipherSpec *spec) spec->decodeContext = NULL; } if (spec->master_secret != NULL) { - NSSSymmetricKey_Destroy(spec->master_secret); + NSSSymKey_Destroy(spec->master_secret); spec->master_secret = NULL; } ssl3_CleanupKeyMaterial(&spec->client); @@ -1968,14 +1968,14 @@ ssl3_HandleChangeCipherSpecs(sslSocket *ss, sslBuffer *buf) (it)->size = sizeof(buf); static PRStatus -ssl3_DeriveMasterSecret(sslSocket *ss, NSSSymmetricKey *pmsOpt); +ssl3_DeriveMasterSecret(sslSocket *ss, NSSSymKey *pmsOpt); { PRBool isTLS = (PRBool)(kea_def->tls_keygen || (pwSpec->version > SSL_LIBRARY_VERSION_3_0)); PRBool isDH = (PRBool) (ss->ssl3->hs.kea_def->exchKeyType == ssl_kea_dh); NSSAlgNParam *msDerive = NULL; - NSSSymmetricKey *ms = ssl->ssl3->pwSpec->master_secret; - NSSSymmetricKey *fpms = NULL; + NSSSymKey *ms = ssl->ssl3->pwSpec->master_secret; + NSSSymKey *fpms = NULL; NSSSSLMSParameters msParams; PRStatus status; @@ -1997,31 +1997,31 @@ ssl3_DeriveMasterSecret(sslSocket *ss, NSSSymmetricKey *pmsOpt); if (pmsOpt) { /* generating master secret from existing pre-master secret */ - ms = NSSSymmetricKey_DeriveSymmetricKey(pmsOpt, msDerive, - NSSSymmetricKeyType_SSLMS, + ms = NSSSymKey_DeriveSymKey(pmsOpt, msDerive, + NSSSymKeyType_SSLMS, 0, keyOps, NULL); if (ms && !isDH && ss->detectRollBack) { SSL3ProtocolVersion client_version; client_version = pms_version.major << 8 | pms_version.minor; if (client_version != ss->clientHelloVersion) { /* Destroy it. Version roll-back detected. */ - NSSSymmetricKey_Destroy(ms); + NSSSymKey_Destroy(ms); ms = NULL; } } if (!ms) { /* Generate a faux master secret in the same slot as the old one. */ NSSToken *pmsToken; - (void)NSSSymmetricKey_GetTokens(pmsOpt, &pmsToken, 1, &status); + (void)NSSSymKey_GetTokens(pmsOpt, &pmsToken, 1, &status); if (status == PR_FAILURE) { goto loser; } fpms = ssl3_GenerateRSAPMS(ss, pwSpec, pmsToken); if (fpms) { - ms = NSSSymmetricKey_DeriveSymmetricKey(fpms, msDerive, - NSSSymmetricKeyType_SSLMS, + ms = NSSSymKey_DeriveSymKey(fpms, msDerive, + NSSSymKeyType_SSLMS, 0, keyOps, NULL); - NSSSymmetricKey_Destroy(fpms); + NSSSymKey_Destroy(fpms); } NSSToken_Destroy(pmsToken); } @@ -2033,11 +2033,11 @@ ssl3_DeriveMasterSecret(sslSocket *ss, NSSSymmetricKey *pmsOpt); /* generate a faux master secret in the internal slot */ fpms = ssl3_GenerateRSAPMS(ss, pwSpec, internal); if (fpms) { - ms = NSSSymmetricKey_DeriveSymmetricKey(fpms, msDerive, - NSSSymmetricKeyType_SSLMS, + ms = NSSSymKey_DeriveSymKey(fpms, msDerive, + NSSSymKeyType_SSLMS, 0, keyOps, NULL); if (ms) { - NSSSymmetricKey_Destroy(fpms); + NSSSymKey_Destroy(fpms); } else { ms = fpms; } @@ -2068,7 +2068,7 @@ loser: * ssl3_InitPendingCipherSpec does that. */ static PRStatus -ssl3_GenerateSessionKeys(sslSocket *ss, NSSSymmetricKey *pmsOpt) +ssl3_GenerateSessionKeys(sslSocket *ss, NSSSymKey *pmsOpt) { ssl3CipherSpec * pwSpec = ss->ssl3->pwSpec; const ssl3BulkCipherDef *cipher_def = pwSpec->cipher_def; @@ -2077,11 +2077,11 @@ ssl3_GenerateSessionKeys(sslSocket *ss, NSSSymmetricKey *pmsOpt) PRBool skipKeysAndIVs = (PRBool)((cipher_def->calg == calg_fortezza) || (cipher_def->calg == calg_null)); SSLCipherAlgorithm calg; - NSSSymmetricKeyType bulkKeyType; + NSSSymKeyType bulkKeyType; NSSSSLSessionKeyParameters skParams = { 0 }; NSSAlgNParam *skDerive = NULL; NSSOperations keyOps; - NSSSymmetricKey *sessionKeys[4]; + NSSSymKey *sessionKeys[4]; PORT_Assert( ssl_HaveSSL3HandshakeLock(ss)); PORT_Assert( ssl_HaveSpecWriteLock(ss)); @@ -2121,7 +2121,7 @@ ssl3_GenerateSessionKeys(sslSocket *ss, NSSSymmetricKey *pmsOpt) goto loser; } - status = nssSymmetricKey_DeriveSSLSessionKeys(pwSpec->masterSecret, + status = nssSymKey_DeriveSSLSessionKeys(pwSpec->masterSecret, skDerive, bulkKeyType, NSSOperations_ENCRYPT, 0, keySize, sessionKeys); @@ -2131,16 +2131,16 @@ ssl3_GenerateSessionKeys(sslSocket *ss, NSSSymmetricKey *pmsOpt) } pwSpec->client.write_mac_cx = - NSSSymmetricKey_CreateCryptoContext(sessionKeys[0], , ); + NSSSymKey_CreateCryptoContext(sessionKeys[0], , ); pwSpec->server.write_mac_cx = - NSSSymmetricKey_CreateCryptoContext(sessionKeys[1], , ); + NSSSymKey_CreateCryptoContext(sessionKeys[1], , ); pwSpec->client.write_cx = - NSSSymmetricKey_CreateCryptoContext(sessionKeys[2], , ); + NSSSymKey_CreateCryptoContext(sessionKeys[2], , ); pwSpec->server.write_cx = - NSSSymmetricKey_CreateCryptoContext(sessionKeys[3], , ); + NSSSymKey_CreateCryptoContext(sessionKeys[3], , ); NSSAlgNParam_Destroy(skDerive); @@ -6122,11 +6122,11 @@ fortezza_loser: * ssl3_HandleRSAClientKeyExchange() (below) * Caller must hold the SpecWriteLock, the SSL3HandshakeLock */ -static NSSSymmetricKey * +static NSSSymKey * ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec, NSSToken *serverKeyToken) { - NSSSymmetricKey * pms = NULL; + NSSSymKey * pms = NULL; NSSToken * token = serverKeyToken; const NSSAlgNParam *pmsAlg = ssl3_GetPMSAlg(ss->clientHelloVersion); @@ -6153,14 +6153,14 @@ ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec, return (NSSCryptoContext *)NULL; } - pms = NSSCryptoContext_GenerateSymmetricKey(pmsCx, NULL, 0, token, NULL); + pms = NSSCryptoContext_GenerateSymKey(pmsCx, NULL, 0, token, NULL); if (!pms) { ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE); NSSCryptoContext_Destroy(pmsCx); return (NSSCryptoContext *)NULL; } - NSSSymmetricKey_Destroy(pms); /* part of context */ + NSSSymKey_Destroy(pms); /* part of context */ if (!serverKeyToken) { NSSToken_Destroy(token); } @@ -6185,7 +6185,7 @@ ssl3_HandleRSAClientKeyExchange(sslSocket *ss, PRUint32 length, NSSPrivateKey *serverKey) { - NSSSymmetricKey *pms; + NSSSymKey *pms; NSSCryptoContext *pmsCx; SECStatus rv; NSSItem enc_pms; @@ -6210,7 +6210,7 @@ ssl3_HandleRSAClientKeyExchange(sslSocket *ss, /* * decrypt pms out of the incoming buffer */ - pms = NSSPrivateKey_UnwrapSymmetricKey(serverKey, rsaUnwrap, + pms = NSSPrivateKey_UnwrapSymKey(serverKey, rsaUnwrap, &emc_pms, NULL); if (pms) { /* XXX @@ -6218,12 +6218,12 @@ ssl3_HandleRSAClientKeyExchange(sslSocket *ss, PK11_GetKeyData(pms)->data, PK11_GetKeyData(pms)->size)); */ - pmsCx = NSSSymmetricKey_CreateCryptoContext(pms, NULL, NULL); + pmsCx = NSSSymKey_CreateCryptoContext(pms, NULL, NULL); if (!pmsCx) { ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE); return SECFailure; } - NSSSymmetricKey_Destroy(pms); /* context has it */ + NSSSymKey_Destroy(pms); /* context has it */ } else { /* unwrap failed. Generate a bogus pre-master secret and carry on. */ NSSToken *token = NSSPrivateKey_GetAToken(serverKey); diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h index 2f5164ec8..d4d4443f7 100644 --- a/security/nss/lib/ssl/sslimpl.h +++ b/security/nss/lib/ssl/sslimpl.h @@ -389,8 +389,8 @@ typedef struct { typedef struct { SSL3Opaque write_iv[MAX_IV_LENGTH]; - NSSSymmetricKey *write_key; - /* NSSSymmetricKey *write_mac_key; */ + NSSSymKey *write_key; + /* NSSSymKey *write_mac_key; */ NSSCryptoContext *write_mac_context; } ssl3KeyMaterial; @@ -417,7 +417,7 @@ typedef struct { SSLCipher decode; void * decodeContext; SSLDestroy destroy; - NSSSymmetricKey * master_secret; + NSSSymKey * master_secret; ssl3KeyMaterial client; ssl3KeyMaterial server; SSL3SequenceNumber write_seq_num; |