summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorian.mcgreer%sun.com <devnull@localhost>2003-01-09 21:45:19 +0000
committerian.mcgreer%sun.com <devnull@localhost>2003-01-09 21:45:19 +0000
commitb324c57a2932ec201fbd63fd24892a63a984f6c6 (patch)
tree076875dd7d2b4ac38615d8c53f3da1195f557f15
parent7ccdb0f2f5f01ceaacea9ac60b5b8b2dd7ffa5f2 (diff)
downloadnss-hg-b324c57a2932ec201fbd63fd24892a63a984f6c6.tar.gz
s/Certificate/Cert/
s/SymmetricKey/SymKey/
Diffstat
-rw-r--r--security/nss/cmd/cipher/cipher.c4
-rw-r--r--security/nss/cmd/cipher/cipher.h4
-rw-r--r--security/nss/cmd/cipher/ciphertests.c34
-rw-r--r--security/nss/cmd/cipher/cipherutil.c8
-rw-r--r--security/nss/cmd/cmdlib/cmdutil.h2
-rw-r--r--security/nss/cmd/pkiutil/pkiobject.c174
-rw-r--r--security/nss/cmd/pkiutil/pkiutil.c2
-rw-r--r--security/nss/cmd/pkiutil/pkiutil.h2
-rw-r--r--security/nss/lib/dev/ckhelper.c48
-rw-r--r--security/nss/lib/dev/ckhelper.h2
-rw-r--r--security/nss/lib/dev/dev.h68
-rw-r--r--security/nss/lib/dev/devtoken.c38
-rw-r--r--security/nss/lib/dev/devutil.c2
-rw-r--r--security/nss/lib/dev/nssdevt.h26
-rw-r--r--security/nss/lib/nss/nss.def232
-rw-r--r--security/nss/lib/nss/nss.h8
-rw-r--r--security/nss/lib/nss/nsscert.c18
-rw-r--r--security/nss/lib/nss/nssrenam.h4
-rw-r--r--security/nss/lib/nss/nsst.h2
-rw-r--r--security/nss/lib/pki/asymmkey.c81
-rw-r--r--security/nss/lib/pki/certificate.c492
-rw-r--r--security/nss/lib/pki/cryptocontext.c60
-rw-r--r--security/nss/lib/pki/nsspki.h762
-rw-r--r--security/nss/lib/pki/nsspkit.h24
-rw-r--r--security/nss/lib/pki/pki.h148
-rw-r--r--security/nss/lib/pki/pkibase.c136
-rw-r--r--security/nss/lib/pki/pkim.h132
-rw-r--r--security/nss/lib/pki/pkistore.c200
-rw-r--r--security/nss/lib/pki/pkistore.h108
-rw-r--r--security/nss/lib/pki/pkit.h8
-rw-r--r--security/nss/lib/pki/pkitm.h8
-rw-r--r--security/nss/lib/pki/symmkey.c234
-rw-r--r--security/nss/lib/pki/trustdomain.c332
-rw-r--r--security/nss/lib/pki/volatiledomain.c342
-rw-r--r--security/nss/lib/pkix/src/pkiglue.c13
-rw-r--r--security/nss/lib/ssl/prelib.c36
-rw-r--r--security/nss/lib/ssl/ssl3con.c64
-rw-r--r--security/nss/lib/ssl/sslimpl.h6
38 files changed, 1932 insertions, 1932 deletions
diff --git a/security/nss/cmd/cipher/cipher.c b/security/nss/cmd/cipher/cipher.c
index dfce9f83f..a2b1d4942 100644
--- a/security/nss/cmd/cipher/cipher.c
+++ b/security/nss/cmd/cipher/cipher.c
@@ -350,7 +350,7 @@ cipher_command_dispatcher(cmdCommand *cipher, int cmdToRun)
char *inMode;
char *outMode;
unsigned int size;
-NSSSymmetricKey *symkey;
+NSSSymKey *symkey;
if (cipher->opt[opt_Ascii].on) {
inMode = outMode = "ascii";
@@ -426,7 +426,7 @@ NSSSymmetricKey *symkey;
if (cipher->opt[opt_Size].on) {
size = atoi(cipher->opt[opt_Size].arg);
} else size = 0;
- symkey = GenerateSymmetricKey(td, /*cc, */ token,
+ symkey = GenerateSymKey(td, /*cc, */ token,
cipher->opt[opt_Cipher].arg,
size, NULL);
break;
diff --git a/security/nss/cmd/cipher/cipher.h b/security/nss/cmd/cipher/cipher.h
index 69dd74670..1e253c2cb 100644
--- a/security/nss/cmd/cipher/cipher.h
+++ b/security/nss/cmd/cipher/cipher.h
@@ -72,8 +72,8 @@ Encrypt
CMDRunTimeData *rtData
);
-NSSSymmetricKey *
-GenerateSymmetricKey
+NSSSymKey *
+GenerateSymKey
(
NSSTrustDomain *td,
/*NSSCryptoContext *cc,*/
diff --git a/security/nss/cmd/cipher/ciphertests.c b/security/nss/cmd/cipher/ciphertests.c
index 54c4c0ce7..6a43c261b 100644
--- a/security/nss/cmd/cipher/ciphertests.c
+++ b/security/nss/cmd/cipher/ciphertests.c
@@ -42,7 +42,7 @@
#define SYMKEY_TEST_FILE "symtests.txt"
PRStatus
-EncryptionTest(NSSSymmetricKey *symKey,
+EncryptionTest(NSSSymKey *symKey,
NSSAlgNParam *cipher,
NSSItem *plaintext,
NSSItem *ciphertext)
@@ -51,7 +51,7 @@ EncryptionTest(NSSSymmetricKey *symKey,
NSSCryptoContext *cc;
/* Create a crypto context for encryption with the symkey */
- cc = NSSSymmetricKey_CreateCryptoContext(symKey, cipher, NULL);
+ cc = NSSSymKey_CreateCryptoContext(symKey, cipher, NULL);
if (!cc) {
CMD_PrintError("Failed to create crypto context");
return PR_FAILURE;
@@ -70,7 +70,7 @@ EncryptionTest(NSSSymmetricKey *symKey,
NSSItem_Destroy(encryptedData);
/* repeat using symkey directly */
- encryptedData = NSSSymmetricKey_Encrypt(symKey, cipher,
+ encryptedData = NSSSymKey_Encrypt(symKey, cipher,
plaintext,
NULL, NULL, NULL);
if (!encryptedData || !NSSItem_Equal(encryptedData, ciphertext, NULL))
@@ -95,7 +95,7 @@ EncryptionTest(NSSSymmetricKey *symKey,
NSSItem_Destroy(decryptedData);
/* repeat using symkey directly */
- decryptedData = NSSSymmetricKey_Decrypt(symKey, cipher,
+ decryptedData = NSSSymKey_Decrypt(symKey, cipher,
ciphertext,
NULL, NULL, NULL);
if (!decryptedData || !NSSItem_Equal(decryptedData, plaintext, NULL))
@@ -126,16 +126,16 @@ static const char *cipherArgs[] = {
static int numCipherArgs = sizeof(cipherArgs) / sizeof(cipherArgs[0]);
-static NSSSymmetricKey *
+static NSSSymKey *
unwrap_symkey(NSSVolatileDomain *vd, NSSPrivateKey *unwrapKey,
NSSAlgNParam *wrapAP,
const NSSOID *keyAlg, char *value)
{
- NSSSymmetricKey *symKey = NULL;
+ NSSSymKey *symKey = NULL;
NSSItem *wrappedKey;
wrappedKey = CMD_ConvertHex(value, strlen(value), NULL);
if (wrappedKey) {
- symKey = NSSVolatileDomain_UnwrapSymmetricKey(vd, wrapAP,
+ symKey = NSSVolatileDomain_UnwrapSymKey(vd, wrapAP,
unwrapKey,
wrappedKey,
keyAlg,
@@ -155,7 +155,7 @@ SymmetricCipherTests(CMDRunTimeData *rtData,
char *value;
PRStatus status;
NSSArena *arena = NULL;
- NSSSymmetricKey *symKey = NULL;
+ NSSSymKey *symKey = NULL;
NSSAlgNParam *ap = NULL;
NSSItem *plaintext = NULL;
NSSItem *ciphertext = NULL;
@@ -174,7 +174,7 @@ SymmetricCipherTests(CMDRunTimeData *rtData,
NSSAlgNParam_Destroy(ap); ap = NULL;
}
if (symKey) {
- NSSSymmetricKey_Destroy(symKey); symKey = NULL;
+ NSSSymKey_Destroy(symKey); symKey = NULL;
}
if (arena) {
NSSArena_Destroy(arena);
@@ -319,10 +319,10 @@ CreateASelfTest(char *cipher, int keysize, char *input)
CMDRunTimeData rtData;
NSSOID *alg;
NSSAlgNParam *ap, *wrapAP;
- NSSSymmetricKey *symKey;
+ NSSSymKey *symKey;
NSSItem *wrappedKey, *algID, plaintext, *ciphertext;
NSSToken *token = GetInternalCryptoToken();
- NSSCertificate *wrapCert;
+ NSSCert *wrapCert;
NSSItem *encodedCert;
plaintext.data = input; plaintext.size = strlen(input);
@@ -347,7 +347,7 @@ CreateASelfTest(char *cipher, int keysize, char *input)
}
/* import the cert into the volatile domain */
- wrapCert = NSSVolatileDomain_ImportEncodedCertificate(vd,
+ wrapCert = NSSVolatileDomain_ImportEncodedCert(vd,
encodedCert,
NULL);
NSSItem_Destroy(encodedCert);
@@ -360,14 +360,14 @@ CreateASelfTest(char *cipher, int keysize, char *input)
status = CMD_SetRunTimeData(NULL, NULL, "binary",
NULL, "binary", &rtData);
if (status == PR_FAILURE) {
- NSSCertificate_Destroy(wrapCert);
+ NSSCert_Destroy(wrapCert);
return PR_FAILURE;
}
alg = NSSOID_CreateFromTag(NSS_OID_PKCS1_RSA_ENCRYPTION);
wrapAP = NSSOID_CreateAlgNParam(alg, NULL, NULL);
if (!wrapAP) {
- NSSCertificate_Destroy(wrapCert);
+ NSSCert_Destroy(wrapCert);
CMD_PrintError("failed to create alg/param for unwrap");
return PR_FAILURE;
}
@@ -377,7 +377,7 @@ CreateASelfTest(char *cipher, int keysize, char *input)
return PR_FAILURE;
}
- symKey = NSSVolatileDomain_GenerateSymmetricKey(vd, ap, keysize, NULL,
+ symKey = NSSVolatileDomain_GenerateSymKey(vd, ap, keysize, NULL,
0, 0, token, NULL);
NSSAlgNParam_Destroy(ap);
if (!symKey) {
@@ -390,14 +390,14 @@ CreateASelfTest(char *cipher, int keysize, char *input)
return PR_FAILURE;
}
- ciphertext = NSSSymmetricKey_Encrypt(symKey, ap, &plaintext,
+ ciphertext = NSSSymKey_Encrypt(symKey, ap, &plaintext,
NULL, NULL, NULL);
if (!ciphertext) {
CMD_PrintError("encryption failed\n");
return PR_FAILURE;
}
- wrappedKey = NSSCertificate_WrapSymmetricKey(wrapCert, wrapAP,
+ wrappedKey = NSSCert_WrapSymKey(wrapCert, wrapAP,
symKey,
NSSTime_Now(), NULL, NULL,
NULL, NULL, NULL);
diff --git a/security/nss/cmd/cipher/cipherutil.c b/security/nss/cmd/cipher/cipherutil.c
index 6cdfbbff9..42fcc3273 100644
--- a/security/nss/cmd/cipher/cipherutil.c
+++ b/security/nss/cmd/cipher/cipherutil.c
@@ -127,8 +127,8 @@ GetSymKeyGenAP(char *cipher)
return ap;
}
-NSSSymmetricKey *
-GenerateSymmetricKey
+NSSSymKey *
+GenerateSymKey
(
NSSTrustDomain *td,
/*NSSCryptoContext *cc,*/
@@ -139,14 +139,14 @@ GenerateSymmetricKey
)
{
NSSAlgNParam *keygen;
- NSSSymmetricKey *skey;
+ NSSSymKey *skey;
keygen = GetSymKeyGenAP(cipher);
if (!keygen) {
return NULL;
}
- skey = NSSTrustDomain_GenerateSymmetricKey(td, keygen, length,
+ skey = NSSTrustDomain_GenerateSymKey(td, keygen, length,
token, NULL);
NSSAlgNParam_Destroy(keygen);
diff --git a/security/nss/cmd/cmdlib/cmdutil.h b/security/nss/cmd/cmdlib/cmdutil.h
index 5b7a376cd..a47b121e2 100644
--- a/security/nss/cmd/cmdlib/cmdutil.h
+++ b/security/nss/cmd/cmdlib/cmdutil.h
@@ -216,7 +216,7 @@ void
CMD_PrintHex(CMDPrinter *printer, NSSItem *item, char *message);
void
-CMD_PrintPKIXCertificate(CMDPrinter *printer, NSSPKIXCertificate *pkixCert,
+CMD_PrintPKIXCert(CMDPrinter *printer, NSSPKIXCertificate *pkixCert,
char *message);
void
diff --git a/security/nss/cmd/pkiutil/pkiobject.c b/security/nss/cmd/pkiutil/pkiobject.c
index a79dc4779..305da6f7e 100644
--- a/security/nss/cmd/pkiutil/pkiobject.c
+++ b/security/nss/cmd/pkiutil/pkiobject.c
@@ -52,7 +52,7 @@ get_object_class(char *type)
}
if (strcmp(type, "certificate") == 0 || strcmp(type, "cert") == 0 ||
strcmp(type, "Certificate") == 0 || strcmp(type, "Cert") == 0) {
- return PKICertificate;
+ return PKICert;
} else if (strcmp(type, "public-key") == 0 ||
strcmp(type, "PublicKey") == 0) {
return PKIPublicKey;
@@ -103,23 +103,23 @@ get_key_pair_alg(char *type)
/* XXX */
static NSSItem *
-get_cert_serial_number(NSSCertificate *c)
+get_cert_serial_number(NSSCert *c)
{
NSSPKIXCertificate *pkixCert;
NSSPKIXTBSCertificate *tbsCert;
- pkixCert = (NSSPKIXCertificate *)NSSCertificate_GetDecoding(c);
+ pkixCert = (NSSPKIXCertificate *)NSSCert_GetDecoding(c);
tbsCert = NSSPKIXCertificate_GetTBSCertificate(pkixCert);
return NSSPKIXTBSCertificate_GetSerialNumber(tbsCert);
}
/* XXX should have a filter function */
-static NSSCertificate *
+static NSSCert *
find_nick_cert_by_sn(NSSTrustDomain *td, char *nickname, char *serial)
{
int i = 0;
- NSSCertificate **certs;
- NSSCertificate *c = NULL;
- certs = NSSTrustDomain_FindCertificatesByNickname(td, nickname,
+ NSSCert **certs;
+ NSSCert *c = NULL;
+ certs = NSSTrustDomain_FindCertsByNickname(td, nickname,
NULL, 0, NULL);
if (certs) {
while (certs[i]) {
@@ -138,22 +138,22 @@ find_nick_cert_by_sn(NSSTrustDomain *td, char *nickname, char *serial)
}
i++;
}
- NSSCertificateArray_Destroy(certs);
+ NSSCertArray_Destroy(certs);
}
return c;
}
static PRStatus
-print_cert_callback(NSSCertificate *c, void *arg)
+print_cert_callback(NSSCert *c, void *arg)
{
CMDRunTimeData *rtData = (CMDRunTimeData *)arg;
CMDPrinter printer;
- NSSUTF8 *nickname = nssCertificate_GetNickname(c, NULL);
+ NSSUTF8 *nickname = nssCert_GetNickname(c, NULL);
NSSItem *serialNumber;
NSSUsages usages;
- PRBool isUserCert = NSSCertificate_IsPrivateKeyAvailable(c, NULL, NULL);
+ PRBool isUserCert = NSSCert_IsPrivateKeyAvailable(c, NULL, NULL);
serialNumber = get_cert_serial_number(c);
- if (NSSCertificate_GetTrustedUsages(c, &usages) == NULL) {
+ if (NSSCert_GetTrustedUsages(c, &usages) == NULL) {
CMD_PrintError("Failed to obtain trusted usages");
return PR_FAILURE;
}
@@ -168,18 +168,18 @@ print_cert_callback(NSSCertificate *c, void *arg)
}
static PRStatus
-print_decoded_cert(CMDRunTimeData *rtData, NSSCertificate *c)
+print_decoded_cert(CMDRunTimeData *rtData, NSSCert *c)
{
CMDPrinter printer;
CMD_InitPrinter(&printer, rtData->output.file,
DEFAULT_LEFT_MARGIN, DEFAULT_RIGHT_MARGIN);
- if (NSSCertificate_GetType(c) == NSSCertificateType_PKIX) {
+ if (NSSCert_GetType(c) == NSSCertType_PKIX) {
NSSPKIXCertificate *pkixCert;
- pkixCert = (NSSPKIXCertificate *)NSSCertificate_GetDecoding(c);
+ pkixCert = (NSSPKIXCertificate *)NSSCert_GetDecoding(c);
if (pkixCert) {
- CMD_PrintPKIXCertificate(&printer, pkixCert, "Certificate");
+ CMD_PrintPKIXCertificate(&printer, pkixCert, "Cert");
}
}
/* XXX */
@@ -188,7 +188,7 @@ print_decoded_cert(CMDRunTimeData *rtData, NSSCertificate *c)
}
static PRStatus
-dump_cert_callback(NSSCertificate *c, void *arg)
+dump_cert_callback(NSSCert *c, void *arg)
{
CMDRunTimeData *rtData = (CMDRunTimeData *)arg;
print_decoded_cert(rtData, c);
@@ -200,17 +200,17 @@ print_privkey_callback(NSSPrivateKey *vk, void *arg)
{
CMDRunTimeData *rtData = (CMDRunTimeData *)arg;
NSSUTF8 *nickname = nssPrivateKey_GetNickname(vk, NULL);
- NSSCertificate **certs, **cp;
+ NSSCert **certs, **cp;
NSSPublicKey *pubkey;
PR_fprintf(rtData->output.file, "Listing %s", nickname);
- certs = NSSPrivateKey_FindCertificates(vk, NULL, 0, NULL);
+ certs = NSSPrivateKey_FindCerts(vk, NULL, 0, NULL);
if (certs) {
PR_fprintf(rtData->output.file, " for certs ");
for (cp = certs; *cp; cp++) {
- nickname = nssCertificate_GetNickname(*cp, NULL);
+ nickname = nssCert_GetNickname(*cp, NULL);
PR_fprintf(rtData->output.file, "%s ", nickname);
}
- NSSCertificateArray_Destroy(certs);
+ NSSCertArray_Destroy(certs);
}
printf("\n");
return PR_SUCCESS;
@@ -256,15 +256,15 @@ list_nickname_certs
NSSTrustDomain *td,
char *nickname,
PRUint32 maximumOpt,
- PRStatus (* callback)(NSSCertificate *c, void *arg),
+ PRStatus (* callback)(NSSCert *c, void *arg),
void *arg
)
{
- NSSCertificate **certs = NULL;
- NSSCertificate **certp;
- NSSCertificate *cert[2];
+ NSSCert **certs = NULL;
+ NSSCert **certp;
+ NSSCert *cert[2];
if (maximumOpt == 1) {
- cert[0] = NSSTrustDomain_FindBestCertificateByNickname(td,
+ cert[0] = NSSTrustDomain_FindBestCertByNickname(td,
nickname,
NSSTime_Now(),
NULL,
@@ -272,7 +272,7 @@ list_nickname_certs
cert[1] = NULL;
certs = cert;
} else {
- certs = NSSTrustDomain_FindCertificatesByNickname(td,
+ certs = NSSTrustDomain_FindCertsByNickname(td,
nickname,
NULL,
maximumOpt,
@@ -284,16 +284,16 @@ list_nickname_certs
for (certp = certs; *certp; certp++) {
(*callback)(*certp, arg);
{
- NSSDER *encoding = nssCertificate_GetEncoding(*certp);
- NSSCertificate *c;
- c = NSSTrustDomain_FindCertificateByEncodedCertificate(td,
+ NSSDER *encoding = nssCert_GetEncoding(*certp);
+ NSSCert *c;
+ c = NSSTrustDomain_FindCertByEncodedCert(td,
encoding);
}
}
if (maximumOpt == 1) {
- NSSCertificate_Destroy(cert[0]);
+ NSSCert_Destroy(cert[0]);
} else {
- NSSCertificateArray_Destroy(certs);
+ NSSCertArray_Destroy(certs);
}
return PR_SUCCESS;
}
@@ -306,7 +306,7 @@ list_certs
CMDRunTimeData *rtData
)
{
- (void)NSSTrustDomain_TraverseCertificates(td,
+ (void)NSSTrustDomain_TraverseCerts(td,
print_cert_callback,
rtData);
return PR_SUCCESS;
@@ -344,7 +344,7 @@ ListObjects
PKIObjectType objectKind;
objectKind = get_object_class(objectTypeOpt);
switch (objectKind) {
- case PKICertificate:
+ case PKICert:
if (nicknameOpt) {
status = list_nickname_certs(td, nicknameOpt, 0,
print_cert_callback, rtData);
@@ -393,13 +393,13 @@ ListChain
{
int i;
PRStatus status;
- NSSCertificate *c;
- NSSCertificate **chain;
+ NSSCert *c;
+ NSSCert **chain;
if (serial) {
c = find_nick_cert_by_sn(td, nickname, serial);
} else {
- c = NSSTrustDomain_FindBestCertificateByNickname(td, nickname,
+ c = NSSTrustDomain_FindBestCertByNickname(td, nickname,
NSSTime_Now(),
NULL, NULL);
}
@@ -409,7 +409,7 @@ ListChain
return PR_FAILURE;
}
- chain = NSSCertificate_BuildChain(c, NSSTime_Now(),
+ chain = NSSCert_BuildChain(c, NSSTime_Now(),
NULL, /* usage */
NULL, /* policies */
NULL, /* certs[] */
@@ -422,7 +422,7 @@ ListChain
--i;
status = print_cert_callback(chain[i], rtData);
}
- NSSCertificateArray_Destroy(chain);
+ NSSCertArray_Destroy(chain);
return PR_SUCCESS;
}
@@ -430,7 +430,7 @@ static PRStatus
dump_cert_info
(
NSSTrustDomain *td,
- NSSCertificate *c,
+ NSSCert *c,
CMDRunTimeData *rtData
)
{
@@ -443,22 +443,22 @@ dump_cert_info
* different label will not match. Should the library do the
* this workaround?
*/
- NSSDER *issuer = NSSCertificate_GetIssuer(c);
- NSSDER *serial = NSSCertificate_GetSerialNumber(c);
- NSSCertificate *cp = NSSTrustDomain_FindCertificateByIssuerAndSerialNumber(td, issuer, serial);
+ NSSDER *issuer = NSSCert_GetIssuer(c);
+ NSSDER *serial = NSSCert_GetSerialNumber(c);
+ NSSCert *cp = NSSTrustDomain_FindCertByIssuerAndSerialNumber(td, issuer, serial);
- tokens = NSSCertificate_GetTokens(cp, NULL);
+ tokens = NSSCert_GetTokens(cp, NULL);
if (tokens) {
for (tp = tokens; *tp; tp++) {
PR_fprintf(rtData->output.file,
"nickname \"%s\" on token \"%s\"\n",
- NSSCertificate_GetNickname(cp, *tp),
+ NSSCert_GetNickname(cp, *tp),
NSSToken_GetName(*tp));
}
NSSTokenArray_Destroy(tokens);
PR_fprintf(rtData->output.file, "\n");
}
- NSSCertificate_Destroy(cp);
+ NSSCert_Destroy(cp);
return PR_SUCCESS;
}
@@ -474,24 +474,24 @@ DumpObject
)
{
PRStatus status;
- NSSCertificate *c;
+ NSSCert *c;
NSSPrivateKey *vkey;
NSSPublicKey *bkey;
switch (get_object_class(objectType)) {
- case PKICertificate:
+ case PKICert:
case PKIAny: /* default to certificate */
if (serialOpt) {
c = find_nick_cert_by_sn(td, nickname, serialOpt);
status = dump_cert_info(td, c, rtData);
- NSSCertificate_Destroy(c);
+ NSSCert_Destroy(c);
} else if (info) {
- c = NSSTrustDomain_FindBestCertificateByNickname(td, nickname,
+ c = NSSTrustDomain_FindBestCertByNickname(td, nickname,
NSSTime_Now(),
NULL,
NULL);
status = dump_cert_info(td, c, rtData);
- NSSCertificate_Destroy(c);
+ NSSCert_Destroy(c);
} else {
status = list_nickname_certs(td, nickname, 1,
dump_cert_callback, rtData);
@@ -499,17 +499,17 @@ DumpObject
break;
case PKIPublicKey:
/* XXX this ain't the right way */
- c = NSSTrustDomain_FindBestCertificateByNickname(td, nickname,
+ c = NSSTrustDomain_FindBestCertByNickname(td, nickname,
NSSTime_Now(),
NULL,
NULL);
if (c) {
- bkey = NSSCertificate_GetPublicKey(c);
+ bkey = NSSCert_GetPublicKey(c);
if (bkey) {
print_public_key_info(bkey, rtData);
NSSPublicKey_Destroy(bkey);
}
- NSSCertificate_Destroy(c);
+ NSSCert_Destroy(c);
}
break;
case PKIPrivateKey:
@@ -558,7 +558,7 @@ ValidateCert
)
{
PRStatus status;
- NSSCertificate *c;
+ NSSCert *c;
NSSUsages usages;
if (usageStr) {
@@ -568,7 +568,7 @@ ValidateCert
if (serial) {
c = find_nick_cert_by_sn(td, nickname, serial);
} else {
- c = NSSTrustDomain_FindBestCertificateByNickname(td, nickname,
+ c = NSSTrustDomain_FindBestCertByNickname(td, nickname,
NSSTime_Now(),
NULL,
NULL);
@@ -578,9 +578,9 @@ ValidateCert
return PR_FAILURE;
}
- status = NSSCertificate_Validate(c, NSSTime_Now(), &usages, NULL);
+ status = NSSCert_Validate(c, NSSTime_Now(), &usages, NULL);
if (status == PR_SUCCESS) {
- PR_fprintf(PR_STDOUT, "Certificate validated.\n");
+ PR_fprintf(PR_STDOUT, "Cert validated.\n");
} else {
CMD_PrintError("Validation failed");
}
@@ -599,7 +599,7 @@ SetCertTrust
{
PRStatus status;
NSSUsages usages;
- NSSCertificate *c;
+ NSSCert *c;
get_usages_from_string(trustedUsages, &usages);
@@ -614,7 +614,7 @@ SetCertTrust
if (serial) {
c = find_nick_cert_by_sn(td, nickname, serial);
} else {
- c = NSSTrustDomain_FindBestCertificateByNickname(td, nickname,
+ c = NSSTrustDomain_FindBestCertByNickname(td, nickname,
NSSTime_Now(),
NULL,
NULL);
@@ -624,9 +624,9 @@ SetCertTrust
return PR_FAILURE;
}
- status = NSSCertificate_SetTrustedUsages(c, &usages);
+ status = NSSCert_SetTrustedUsages(c, &usages);
- NSSCertificate_Destroy(c);
+ NSSCert_Destroy(c);
return status;
}
@@ -641,17 +641,17 @@ import_certificate
{
PRStatus status;
NSSItem *encoding;
- NSSCertificate *cert;
+ NSSCert *cert;
/* get the encoded cert from the input source */
encoding = CMD_GetInput(rtData);
/* import into trust domain */
- cert = NSSTrustDomain_ImportEncodedCertificate(td, encoding,
+ cert = NSSTrustDomain_ImportEncodedCert(td, encoding,
token, nickname);
if (cert) {
PR_fprintf(PR_STDOUT, "Import successful.\n");
dump_cert_info(td, cert, rtData);
- NSSCertificate_Destroy(cert);
+ NSSCert_Destroy(cert);
status = PR_SUCCESS;
} else {
PR_fprintf(PR_STDERR, "Import failed!\n");
@@ -733,7 +733,7 @@ ImportObject
objectKind = get_object_class(objectTypeOpt);
switch (objectKind) {
case PKIAny: /* default to certificate */
- case PKICertificate:
+ case PKICert:
status = import_certificate(td, token, nickname, rtData);
break;
case PKIPublicKey:
@@ -793,13 +793,13 @@ private_key_chooser(NSSPrivateKey **vkeys)
static void
cert_choice(void *arg)
{
- NSSCertificate *c = (NSSCertificate *)arg;
- NSSUTF8 *nickname = nssCertificate_GetNickname(c, NULL);
+ NSSCert *c = (NSSCert *)arg;
+ NSSUTF8 *nickname = nssCert_GetNickname(c, NULL);
PR_fprintf(PR_STDOUT, "%s", nickname);
}
-static NSSCertificate *
-cert_chooser(NSSCertificate **certs)
+static NSSCert *
+cert_chooser(NSSCert **certs)
{
int choice = 0;
if (certs[1]) {
@@ -821,17 +821,17 @@ export_certificate (
)
{
PRStatus status = PR_FAILURE;
- NSSCertificate *cert, **certs;
- certs = NSSTrustDomain_FindCertificatesByNickname(td, nickname,
+ NSSCert *cert, **certs;
+ certs = NSSTrustDomain_FindCertsByNickname(td, nickname,
NULL, 0, NULL);
if (certs) {
cert = cert_chooser(certs);
if (cert) {
- NSSDER *enc = nssCertificate_GetEncoding(cert);
+ NSSDER *enc = nssCert_GetEncoding(cert);
CMD_DumpOutput(enc, rtData);
status = PR_SUCCESS;
}
- NSSCertificateArray_Destroy(certs);
+ NSSCertArray_Destroy(certs);
}
return status;
}
@@ -855,7 +855,7 @@ export_private_key (
{
PRStatus status = PR_FAILURE;
NSSPrivateKey *vkey, **vkeys;
- NSSCertificate *ucert, **ucerts;
+ NSSCert *ucert, **ucerts;
vkey = NULL;
#if 0
@@ -866,13 +866,13 @@ vkeys = NULL;
if (vkeys) {
vkey = private_key_chooser(vkeys);
} else {
- ucerts = NSSTrustDomain_FindUserCertificates(td, NULL, 0, NULL);
+ ucerts = NSSTrustDomain_FindUserCerts(td, NULL, 0, NULL);
if (ucerts) {
ucert = cert_chooser(ucerts);
if (ucert) {
- vkey = NSSCertificate_FindPrivateKey(ucert, NULL);
+ vkey = NSSCert_FindPrivateKey(ucert, NULL);
}
- NSSCertificateArray_Destroy(ucerts);
+ NSSCertArray_Destroy(ucerts);
}
}
if (vkey) {
@@ -922,7 +922,7 @@ ExportObject (
objectKind = get_object_class(objectTypeOpt);
switch (objectKind) {
case PKIAny: /* default to certificate */
- case PKICertificate:
+ case PKICert:
status = export_certificate(td, tokenOpt, nickname, rtData);
break;
case PKIPrivateKey:
@@ -1038,21 +1038,21 @@ delete_certificates
)
{
PRStatus status;
- NSSCertificate **certs, **cp;
- cp = certs = NSSTrustDomain_FindCertificatesByNickname(td,
+ NSSCert **certs, **cp;
+ cp = certs = NSSTrustDomain_FindCertsByNickname(td,
nickname,
NULL,
0,
NULL);
while (cp && *cp) {
- status = NSSCertificate_DeleteStoredObject(*cp, NULL);
+ status = NSSCert_DeleteStoredObject(*cp, NULL);
if (status != PR_SUCCESS) {
fprintf(stderr, "Failed to delete certificate %s\n", nickname);
break;
}
cp++;
}
- NSSCertificateArray_Destroy(certs);
+ NSSCertArray_Destroy(certs);
return status;
}
@@ -1070,7 +1070,7 @@ DeleteObject
objectKind = get_object_class(objectTypeOpt);
switch (objectKind) {
case PKIAny: /* default to certificate */
- case PKICertificate:
+ case PKICert:
status = delete_certificates(td, tokenOpt, nickname);
break;
case PKIPublicKey:
@@ -1090,12 +1090,12 @@ delete_orphan_callback(NSSPrivateKey *vk, void *arg)
PRStatus status;
CMDRunTimeData *rtData = (CMDRunTimeData *)arg;
NSSUTF8 *nickname = nssPrivateKey_GetNickname(vk, NULL);
- NSSCertificate **certs;
+ NSSCert **certs;
NSSPublicKey *pubkey;
PR_fprintf(rtData->output.file, "Deleting %s\n", nickname);
- certs = NSSPrivateKey_FindCertificates(vk, NULL, 0, NULL);
+ certs = NSSPrivateKey_FindCerts(vk, NULL, 0, NULL);
if (certs) {
- NSSCertificateArray_Destroy(certs);
+ NSSCertArray_Destroy(certs);
return PR_SUCCESS; /* not an orphan */
}
pubkey = NSSPrivateKey_FindPublicKey(vk);
diff --git a/security/nss/cmd/pkiutil/pkiutil.c b/security/nss/cmd/pkiutil/pkiutil.c
index 40bbc12b3..3985bb5f2 100644
--- a/security/nss/cmd/pkiutil/pkiutil.c
+++ b/security/nss/cmd/pkiutil/pkiutil.c
@@ -141,7 +141,7 @@ static cmdCommandLineArg pkiutil_commands[] =
},
"Export an object from the profile/token\n"
" private-key ==> PKCS#8 Encrypted Private Key Info\n"
- " certificate ==> DER-encoded Certificate"
+ " certificate ==> DER-encoded Cert"
},
{ /* cmd_GenerateKeyPair */
'G', "generate-key-pair",
diff --git a/security/nss/cmd/pkiutil/pkiutil.h b/security/nss/cmd/pkiutil/pkiutil.h
index df51605e8..6332824e7 100644
--- a/security/nss/cmd/pkiutil/pkiutil.h
+++ b/security/nss/cmd/pkiutil/pkiutil.h
@@ -8,7 +8,7 @@ extern char *progName;
typedef enum
{
PKIUnknown = -1,
- PKICertificate,
+ PKICert,
PKIPublicKey,
PKIPrivateKey,
PKIAny
diff --git a/security/nss/lib/dev/ckhelper.c b/security/nss/lib/dev/ckhelper.c
index 8241635ff..b9a098c0a 100644
--- a/security/nss/lib/dev/ckhelper.c
+++ b/security/nss/lib/dev/ckhelper.c
@@ -358,30 +358,30 @@ nssCKTemplate_SetPropertyAttributes (
return numSet;
}
-static NSSCertificateType
+static NSSCertType
nss_cert_type_from_ck_attrib(CK_ATTRIBUTE_PTR attrib)
{
CK_CERTIFICATE_TYPE ckCertType;
if (!attrib->pValue) {
/* default to PKIX */
- return NSSCertificateType_PKIX;
+ return NSSCertType_PKIX;
}
ckCertType = *((CK_ULONG *)attrib->pValue);
switch (ckCertType) {
case CKC_X_509:
- return NSSCertificateType_PKIX;
+ return NSSCertType_PKIX;
default:
break;
}
- return NSSCertificateType_Unknown;
+ return NSSCertType_Unknown;
}
/* incoming pointers must be valid */
NSS_IMPLEMENT PRStatus
-nssCryptokiCertificate_GetAttributes (
+nssCryptokiCert_GetAttributes (
nssCryptokiObject *certObject,
NSSArena *arenaOpt,
- NSSCertificateType *certTypeOpt,
+ NSSCertType *certTypeOpt,
NSSItem *idOpt,
NSSDER *encodingOpt,
NSSDER *issuerOpt,
@@ -751,7 +751,7 @@ nssCryptokiCRL_GetAttributes (
}
NSS_IMPLEMENT PRStatus
-nssCryptokiPrivateKey_SetCertificate (
+nssCryptokiPrivateKey_SetCert (
nssCryptokiObject *keyObject,
nssSession *session,
NSSUTF8 *nickname,
@@ -782,29 +782,29 @@ nssCryptokiPrivateKey_SetCertificate (
return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
}
-static NSSSymmetricKeyType
+static NSSSymKeyType
nss_symm_key_type_from_ck_attrib(CK_ATTRIBUTE_PTR attrib)
{
CK_KEY_TYPE ckKeyType;
PR_ASSERT(attrib->pValue);
ckKeyType = *((CK_ULONG *)attrib->pValue);
switch (ckKeyType) {
- case CKK_DES: return NSSSymmetricKeyType_DES;
- case CKK_DES3: return NSSSymmetricKeyType_TripleDES;
- case CKK_RC2: return NSSSymmetricKeyType_RC2;
- case CKK_RC4: return NSSSymmetricKeyType_RC4;
- case CKK_RC5: return NSSSymmetricKeyType_RC5;
- case CKK_AES: return NSSSymmetricKeyType_AES;
+ case CKK_DES: return NSSSymKeyType_DES;
+ case CKK_DES3: return NSSSymKeyType_TripleDES;
+ case CKK_RC2: return NSSSymKeyType_RC2;
+ case CKK_RC4: return NSSSymKeyType_RC4;
+ case CKK_RC5: return NSSSymKeyType_RC5;
+ case CKK_AES: return NSSSymKeyType_AES;
default: break;
}
return NSSKeyPairType_Unknown;
}
NSS_IMPLEMENT PRStatus
-nssCryptokiSymmetricKey_GetAttributes (
+nssCryptokiSymKey_GetAttributes (
nssCryptokiObject *keyObject,
NSSArena *arenaOpt,
- NSSSymmetricKeyType *keyTypeOpt,
+ NSSSymKeyType *keyTypeOpt,
PRUint32 *keyLengthOpt,
NSSOperations *opsOpt
)
@@ -892,7 +892,7 @@ nssCryptokiSymmetricKey_GetAttributes (
}
NSS_IMPLEMENT nssCryptokiObject *
-nssCryptokiSymmetricKey_Copy (
+nssCryptokiSymKey_Copy (
nssCryptokiObject *sourceKey,
nssSession *sourceSession,
NSSToken *destination,
@@ -960,16 +960,16 @@ loser:
NSS_IMPLEMENT CK_KEY_TYPE
nssCK_GetSymKeyType (
- NSSSymmetricKeyType keyType
+ NSSSymKeyType keyType
)
{
switch (keyType) {
- case NSSSymmetricKeyType_DES: return CKK_DES;
- case NSSSymmetricKeyType_TripleDES: return CKK_DES3;
- case NSSSymmetricKeyType_AES: return CKK_AES;
- case NSSSymmetricKeyType_RC2: return CKK_RC2;
- case NSSSymmetricKeyType_RC4: return CKK_RC4;
- case NSSSymmetricKeyType_RC5: return CKK_RC5;
+ case NSSSymKeyType_DES: return CKK_DES;
+ case NSSSymKeyType_TripleDES: return CKK_DES3;
+ case NSSSymKeyType_AES: return CKK_AES;
+ case NSSSymKeyType_RC2: return CKK_RC2;
+ case NSSSymKeyType_RC4: return CKK_RC4;
+ case NSSSymKeyType_RC5: return CKK_RC5;
default: return CKK_GENERIC_SECRET;
}
}
diff --git a/security/nss/lib/dev/ckhelper.h b/security/nss/lib/dev/ckhelper.h
index 9cbe59356..27e164e89 100644
--- a/security/nss/lib/dev/ckhelper.h
+++ b/security/nss/lib/dev/ckhelper.h
@@ -202,7 +202,7 @@ nssCKObject_IsTokenObjectTemplate (
NSS_EXTERN CK_KEY_TYPE
nssCK_GetSymKeyType (
- NSSSymmetricKeyType keyType
+ NSSSymKeyType keyType
);
NSS_EXTERN CK_KEY_TYPE
diff --git a/security/nss/lib/dev/dev.h b/security/nss/lib/dev/dev.h
index 20b2a7e09..7dd288e2a 100644
--- a/security/nss/lib/dev/dev.h
+++ b/security/nss/lib/dev/dev.h
@@ -298,18 +298,18 @@ nssSlot_CreateSession (
* nssToken_NeedsPINInitialization
*
* ------ certificate objects --------
- * nssToken_ImportCertificate
- * nssToken_FindCertificates
- * nssToken_FindCertificatesBySubject
- * nssToken_FindCertificatesByNickname
- * nssToken_FindCertificatesByEmail
- * nssToken_FindCertificateByIssuerAndSerialNumber
- * nssToken_FindCertificateByEncodedCertificate
+ * nssToken_ImportCert
+ * nssToken_FindCerts
+ * nssToken_FindCertsBySubject
+ * nssToken_FindCertsByNickname
+ * nssToken_FindCertsByEmail
+ * nssToken_FindCertByIssuerAndSerialNumber
+ * nssToken_FindCertByEncodedCert
*
* ------ trust objects --------
* nssToken_ImportTrust
* nssToken_FindTrustObjects
- * nssToken_FindTrustForCertificate
+ * nssToken_FindTrustForCert
*
* ------ CRL objects --------
* nssToken_ImportCRL
@@ -323,11 +323,11 @@ nssSlot_CreateSession (
* nssToken_FindPublicKeyByID
*
* ------ secret key objects --------
- * nssToken_GenerateSymmetricKey
+ * nssToken_GenerateSymKey
*
* ------ generic key stuff -------
* nssToken_UnwrapPrivateKey
- * nssToken_UnwrapSymmetricKey
+ * nssToken_UnwrapSymKey
* nssToken_WrapKey
* nssToken_DeriveKey
*
@@ -404,10 +404,10 @@ nssToken_NeedsPINInitialization (
);
NSS_EXTERN nssCryptokiObject *
-nssToken_ImportCertificate (
+nssToken_ImportCert (
NSSToken *tok,
nssSession *session,
- NSSCertificateType certType,
+ NSSCertType certType,
NSSItem *id,
NSSUTF8 *nickname,
NSSDER *encoding,
@@ -419,7 +419,7 @@ nssToken_ImportCertificate (
);
NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificates (
+nssToken_FindCerts (
NSSToken *token,
nssSession *session,
nssTokenSearchType searchType,
@@ -428,7 +428,7 @@ nssToken_FindCertificates (
);
NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificatesBySubject (
+nssToken_FindCertsBySubject (
NSSToken *token,
nssSession *session,
NSSDER *subject,
@@ -438,7 +438,7 @@ nssToken_FindCertificatesBySubject (
);
NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificatesByNickname (
+nssToken_FindCertsByNickname (
NSSToken *token,
nssSession *session,
NSSUTF8 *name,
@@ -448,7 +448,7 @@ nssToken_FindCertificatesByNickname (
);
NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificatesByEmail (
+nssToken_FindCertsByEmail (
NSSToken *token,
nssSession *session,
NSSASCII7 *email,
@@ -458,7 +458,7 @@ nssToken_FindCertificatesByEmail (
);
NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificatesByID (
+nssToken_FindCertsByID (
NSSToken *token,
nssSession *session,
NSSItem *id,
@@ -468,7 +468,7 @@ nssToken_FindCertificatesByID (
);
NSS_EXTERN nssCryptokiObject *
-nssToken_FindCertificateByIssuerAndSerialNumber (
+nssToken_FindCertByIssuerAndSerialNumber (
NSSToken *token,
nssSession *session,
NSSDER *issuer,
@@ -478,10 +478,10 @@ nssToken_FindCertificateByIssuerAndSerialNumber (
);
NSS_EXTERN nssCryptokiObject *
-nssToken_FindCertificateByEncodedCertificate (
+nssToken_FindCertByEncodedCert (
NSSToken *token,
nssSession *session,
- NSSBER *encodedCertificate,
+ NSSBER *encodedCert,
nssTokenSearchType searchType,
PRStatus *statusOpt
);
@@ -510,7 +510,7 @@ nssToken_FindTrustObjects (
);
NSS_EXTERN nssCryptokiObject *
-nssToken_FindTrustForCertificate (
+nssToken_FindTrustForCert (
NSSToken *token,
nssSession *session,
NSSDER *certEncoding,
@@ -594,7 +594,7 @@ nssToken_FindPublicKeyByID (
);
NSS_EXTERN nssCryptokiObject *
-nssToken_GenerateSymmetricKey (
+nssToken_GenerateSymKey (
NSSToken *token,
nssSession *session,
const NSSAlgNParam *ap,
@@ -619,7 +619,7 @@ nssToken_UnwrapPrivateKey (
);
NSS_IMPLEMENT nssCryptokiObject *
-nssToken_UnwrapSymmetricKey (
+nssToken_UnwrapSymKey (
NSSToken *token,
nssSession *session,
const NSSAlgNParam *ap,
@@ -628,7 +628,7 @@ nssToken_UnwrapSymmetricKey (
PRBool asTokenObject,
NSSOperations operations,
NSSProperties properties,
- NSSSymmetricKeyType symKeyType
+ NSSSymKeyType symKeyType
);
NSS_EXTERN NSSItem *
@@ -666,7 +666,7 @@ nssToken_DeriveSSLSessionKeys (
nssSession *session,
const NSSAlgNParam *ap,
nssCryptokiObject *masterSecret,
- NSSSymmetricKeyType bulkKeyType,
+ NSSSymKeyType bulkKeyType,
NSSOperations operations,
NSSProperties properties,
PRUint32 keySizeOpt,
@@ -988,12 +988,12 @@ nssSession_IsReadWrite (
* nssCryptokiObject_DeleteStoredObject
* nssCryptokiObject_Equal
* nssCryptokiObject_Clone
- * nssCryptokiCertificate_GetAttributes
+ * nssCryptokiCert_GetAttributes
* nssCryptokiPrivateKey_GetAttributes
* nssCryptokiPublicKey_GetAttributes
* nssCryptokiTrust_GetAttributes
* nssCryptokiCRL_GetAttributes
- * nssCryptokiSymmetricKey_GetAttributes
+ * nssCryptokiSymKey_GetAttributes
*/
NSS_EXTERN void
@@ -1038,10 +1038,10 @@ nssCryptokiObject_WeakClone (
);
NSS_EXTERN PRStatus
-nssCryptokiCertificate_GetAttributes (
+nssCryptokiCert_GetAttributes (
nssCryptokiObject *object,
NSSArena *arenaOpt,
- NSSCertificateType *certTypeOpt,
+ NSSCertType *certTypeOpt,
NSSItem *idOpt,
NSSDER *encodingOpt,
NSSDER *issuerOpt,
@@ -1085,16 +1085,16 @@ nssCryptokiCRL_GetAttributes (
);
NSS_EXTERN PRStatus
-nssCryptokiSymmetricKey_GetAttributes (
+nssCryptokiSymKey_GetAttributes (
nssCryptokiObject *keyObject,
NSSArena *arenaOpt,
- NSSSymmetricKeyType *keyTypeOpt,
+ NSSSymKeyType *keyTypeOpt,
PRUint32 *keyLengthOpt,
NSSOperations *opsOpt
);
NSS_EXTERN nssCryptokiObject *
-nssCryptokiSymmetricKey_Copy (
+nssCryptokiSymKey_Copy (
nssCryptokiObject *sourceKey,
nssSession *sourceSession,
NSSToken *destination,
@@ -1107,7 +1107,7 @@ nssCryptokiSymmetricKey_Copy (
* associate it with a cert. Does it stay like this for 4.0?
*/
NSS_EXTERN PRStatus
-nssCryptokiPrivateKey_SetCertificate (
+nssCryptokiPrivateKey_SetCert (
nssCryptokiObject *keyObject,
nssSession *session,
NSSUTF8 *nickname,
@@ -1268,7 +1268,7 @@ nssSlotList_GetBestTokenForAlgorithm (
);
NSS_EXTERN PRStatus
-nssToken_TraverseCertificates (
+nssToken_TraverseCerts (
NSSToken *token,
nssSession *session,
nssTokenSearchType searchType,
diff --git a/security/nss/lib/dev/devtoken.c b/security/nss/lib/dev/devtoken.c
index c687668f4..dcfd21074 100644
--- a/security/nss/lib/dev/devtoken.c
+++ b/security/nss/lib/dev/devtoken.c
@@ -573,10 +573,10 @@ find_objects_by_template (
}
NSS_IMPLEMENT nssCryptokiObject *
-nssToken_ImportCertificate (
+nssToken_ImportCert (
NSSToken *tok,
nssSession *session,
- NSSCertificateType certType,
+ NSSCertType certType,
NSSItem *id,
NSSUTF8 *nickname,
NSSDER *encoding,
@@ -594,7 +594,7 @@ nssToken_ImportCertificate (
nssTokenSearchType searchType;
nssCryptokiObject *rvObject = NULL;
- if (certType == NSSCertificateType_PKIX) {
+ if (certType == NSSCertType_PKIX) {
cert_type = CKC_X_509;
} else {
return (nssCryptokiObject *)NULL;
@@ -626,7 +626,7 @@ nssToken_ImportCertificate (
}
NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize);
/* see if the cert is already there */
- rvObject = nssToken_FindCertificateByIssuerAndSerialNumber(tok,
+ rvObject = nssToken_FindCertByIssuerAndSerialNumber(tok,
session,
issuer,
serial,
@@ -672,7 +672,7 @@ nssToken_ImportCertificate (
* has been marked as "traversable"
*/
NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificates (
+nssToken_FindCerts (
NSSToken *token,
nssSession *session,
nssTokenSearchType searchType,
@@ -708,7 +708,7 @@ nssToken_FindCertificates (
}
NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificatesBySubject (
+nssToken_FindCertsBySubject (
NSSToken *token,
nssSession *session,
NSSDER *subject,
@@ -739,7 +739,7 @@ nssToken_FindCertificatesBySubject (
}
NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificatesByNickname (
+nssToken_FindCertsByNickname (
NSSToken *token,
nssSession *session,
NSSUTF8 *name,
@@ -788,7 +788,7 @@ nssToken_FindCertificatesByNickname (
* it just won't return a value for it.
*/
NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificatesByEmail (
+nssToken_FindCertsByEmail (
NSSToken *token,
nssSession *session,
NSSASCII7 *email,
@@ -831,7 +831,7 @@ nssToken_FindCertificatesByEmail (
}
NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificatesByID (
+nssToken_FindCertsByID (
NSSToken *token,
nssSession *session,
NSSItem *id,
@@ -904,7 +904,7 @@ nssToken_decodeSerialItem(NSSItem *serial, NSSItem *serialDecode)
}
NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindCertificateByIssuerAndSerialNumber (
+nssToken_FindCertByIssuerAndSerialNumber (
NSSToken *token,
nssSession *session,
NSSDER *issuer,
@@ -979,10 +979,10 @@ nssToken_FindCertificateByIssuerAndSerialNumber (
}
NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindCertificateByEncodedCertificate (
+nssToken_FindCertByEncodedCert (
NSSToken *token,
nssSession *session,
- NSSBER *encodedCertificate,
+ NSSBER *encodedCert,
nssTokenSearchType searchType,
PRStatus *statusOpt
)
@@ -1000,7 +1000,7 @@ nssToken_FindCertificateByEncodedCertificate (
NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
}
NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
- NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE, encodedCertificate);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE, encodedCert);
NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize);
/* get the object handle */
objects = find_objects_by_template(token, session,
@@ -1273,7 +1273,7 @@ nssToken_FindTrustObjects (
}
NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindTrustForCertificate (
+nssToken_FindTrustForCert (
NSSToken *token,
nssSession *session,
NSSDER *certEncoding,
@@ -1610,7 +1610,7 @@ nssToken_GenerateKeyPair (
}
NSS_IMPLEMENT nssCryptokiObject *
-nssToken_GenerateSymmetricKey (
+nssToken_GenerateSymKey (
NSSToken *token,
nssSession *session,
const NSSAlgNParam *ap,
@@ -1775,7 +1775,7 @@ nssToken_UnwrapPrivateKey (
}
NSS_IMPLEMENT nssCryptokiObject *
-nssToken_UnwrapSymmetricKey (
+nssToken_UnwrapSymKey (
NSSToken *token,
nssSession *session,
const NSSAlgNParam *ap,
@@ -1784,7 +1784,7 @@ nssToken_UnwrapSymmetricKey (
PRBool asTokenObject,
NSSOperations operations,
NSSProperties properties,
- NSSSymmetricKeyType symKeyType
+ NSSSymKeyType symKeyType
)
{
CK_KEY_TYPE keyType = nssCK_GetSymKeyType(symKeyType);
@@ -1924,7 +1924,7 @@ nssToken_DeriveSSLSessionKeys (
nssSession *session,
const NSSAlgNParam *ap,
nssCryptokiObject *masterSecret,
- NSSSymmetricKeyType bulkKeyType,
+ NSSSymKeyType bulkKeyType,
NSSOperations operations,
NSSProperties properties,
PRUint32 keySizeOpt,
@@ -2903,7 +2903,7 @@ nssToken_FinishDigest (
* increasing the likelihood that the cache takes care of it.
*/
NSS_IMPLEMENT PRStatus
-nssToken_TraverseCertificates (
+nssToken_TraverseCerts (
NSSToken *token,
nssSession *session,
nssTokenSearchType searchType,
diff --git a/security/nss/lib/dev/devutil.c b/security/nss/lib/dev/devutil.c
index bd23eee9d..8ab96e48e 100644
--- a/security/nss/lib/dev/devutil.c
+++ b/security/nss/lib/dev/devutil.c
@@ -896,7 +896,7 @@ get_token_certs_for_cache (
return PR_SUCCESS;
}
session = nssToken_GetDefaultSession(cache->token); /* XXX */
- objects = nssToken_FindCertificates(cache->token, session,
+ objects = nssToken_FindCerts(cache->token, session,
nssTokenSearchType_TokenForced,
MAX_LOCAL_CACHE_OBJECTS, &status);
if (status != PR_SUCCESS) {
diff --git a/security/nss/lib/dev/nssdevt.h b/security/nss/lib/dev/nssdevt.h
index a70a5f594..1c2352d41 100644
--- a/security/nss/lib/dev/nssdevt.h
+++ b/security/nss/lib/dev/nssdevt.h
@@ -85,9 +85,9 @@ struct NSSCallbackStr {
};
typedef enum {
- NSSCertificateType_Unknown = 0,
- NSSCertificateType_PKIX = 1
-} NSSCertificateType;
+ NSSCertType_Unknown = 0,
+ NSSCertType_PKIX = 1
+} NSSCertType;
typedef enum
{
@@ -134,16 +134,16 @@ NSSPublicKeyInfo;
typedef enum
{
- NSSSymmetricKeyType_Unknown = 0,
- NSSSymmetricKeyType_DES = 1,
- NSSSymmetricKeyType_TripleDES = 2,
- NSSSymmetricKeyType_RC2 = 3,
- NSSSymmetricKeyType_RC4 = 4,
- NSSSymmetricKeyType_RC5 = 5,
- NSSSymmetricKeyType_AES = 6,
- NSSSymmetricKeyType_SSLPMS = 7,
- NSSSymmetricKeyType_SSLMS = 8
-} NSSSymmetricKeyType;
+ NSSSymKeyType_Unknown = 0,
+ NSSSymKeyType_DES = 1,
+ NSSSymKeyType_TripleDES = 2,
+ NSSSymKeyType_RC2 = 3,
+ NSSSymKeyType_RC4 = 4,
+ NSSSymKeyType_RC5 = 5,
+ NSSSymKeyType_AES = 6,
+ NSSSymKeyType_SSLPMS = 7,
+ NSSSymKeyType_SSLMS = 8
+} NSSSymKeyType;
/*
* RSA
diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def
index 2f1197dc8..92ac88562 100644
--- a/security/nss/lib/nss/nss.def
+++ b/security/nss/lib/nss/nss.def
@@ -53,7 +53,7 @@ NSS_Initialize;
NSS_InitReadWrite;
NSS_GenerateRandom;
NSS_NoDB_Init;
-NSS_SetDefaultCertificateHandler;
+NSS_SetDefaultCertHandler;
NSS_Shutdown;
NSS_VersionCheck;
NSS_GetError;
@@ -100,38 +100,38 @@ NSSAlgNParam_Encode;
NSSAlgNParam_Decode;
NSSAlgNParam_Destroy;
NSSAlgNParam_GetAlgorithm;
-NSSCertificate_Destroy;
-NSSCertificate_DeleteStoredObject;
-NSSCertificate_Validate;
-;+#NSSCertificate_ValidateCompletely;
-;+#NSSCertificate_ValidateAndDiscoverUsagesAndPolicies;
-;+#NSSCertificate_Encode;
-NSSCertificate_BuildChain;
-;+#NSSCertificate_GetTrustDomain;
-NSSCertificate_GetTokens;
-;+#NSSCertificate_GetSlot;
-;+#NSSCertificate_GetModule;
-NSSCertificate_GetIssuer;
-NSSCertificate_GetNickname;
-NSSCertificate_GetDecoding;
-NSSCertificate_GetSerialNumber;
-NSSCertificate_GetType;
-NSSCertificate_GetTrustedUsages;
-NSSCertificate_SetTrustedUsages;
-;+#NSSCertificate_Encrypt;
-;+#NSSCertificate_Verify;
-;+#NSSCertificate_VerifyRecover;
-NSSCertificate_WrapSymmetricKey;
-;+#NSSCertificate_CreateCryptoContext;
-NSSCertificate_GetPublicKey;
-NSSCertificate_FindPrivateKey;
-NSSCertificate_IsPrivateKeyAvailable;
-;+#NSSUserCertificate_IsStillPresent;
-;+#NSSUserCertificate_Decrypt;
-;+#NSSUserCertificate_Sign;
-;+#NSSUserCertificate_SignRecover;
-;+#NSSUserCertificate_UnwrapSymmetricKey;
-;+#NSSUserCertificate_DeriveSymmetricKey;
+NSSCert_Destroy;
+NSSCert_DeleteStoredObject;
+NSSCert_Validate;
+;+#NSSCert_ValidateCompletely;
+;+#NSSCert_ValidateAndDiscoverUsagesAndPolicies;
+;+#NSSCert_Encode;
+NSSCert_BuildChain;
+;+#NSSCert_GetTrustDomain;
+NSSCert_GetTokens;
+;+#NSSCert_GetSlot;
+;+#NSSCert_GetModule;
+NSSCert_GetIssuer;
+NSSCert_GetNickname;
+NSSCert_GetDecoding;
+NSSCert_GetSerialNumber;
+NSSCert_GetType;
+NSSCert_GetTrustedUsages;
+NSSCert_SetTrustedUsages;
+;+#NSSCert_Encrypt;
+;+#NSSCert_Verify;
+;+#NSSCert_VerifyRecover;
+NSSCert_WrapSymKey;
+;+#NSSCert_CreateCryptoContext;
+NSSCert_GetPublicKey;
+NSSCert_FindPrivateKey;
+NSSCert_IsPrivateKeyAvailable;
+;+#NSSUserCert_IsStillPresent;
+;+#NSSUserCert_Decrypt;
+;+#NSSUserCert_Sign;
+;+#NSSUserCert_SignRecover;
+;+#NSSUserCert_UnwrapSymKey;
+;+#NSSUserCert_DeriveSymKey;
NSSPrivateKey_Destroy;
NSSPrivateKey_DeleteStoredObject;
NSSPrivateKey_GetType;
@@ -146,12 +146,12 @@ NSSPrivateKey_Encode;
;+#NSSPrivateKey_Decrypt;
;+#NSSPrivateKey_Sign;
;+#NSSPrivateKey_SignRecover;
-;+#NSSPrivateKey_UnwrapSymmetricKey;
-;+#NSSPrivateKey_DeriveSymmetricKey;
+;+#NSSPrivateKey_UnwrapSymKey;
+;+#NSSPrivateKey_DeriveSymKey;
NSSPrivateKey_FindPublicKey;
;+#NSSPrivateKey_CreateCryptoContext;
-NSSPrivateKey_FindCertificates;
-;+#NSSPrivateKey_FindBestCertificate;
+NSSPrivateKey_FindCerts;
+;+#NSSPrivateKey_FindBestCert;
NSSPublicKey_Destroy;
NSSPublicKey_DeleteStoredObject;
;+#NSSPublicKey_Encode;
@@ -163,32 +163,32 @@ NSSPublicKey_GetInfo;
;+#NSSPublicKey_Encrypt;
NSSPublicKey_Verify;
;+#NSSPublicKey_VerifyRecover;
-;+#NSSPublicKey_WrapSymmetricKey;
+;+#NSSPublicKey_WrapSymKey;
;+#NSSPublicKey_CreateCryptoContext;
-;+#NSSPublicKey_FindCertificates;
-;+#NSSPublicKey_FindBestCertificate;
+;+#NSSPublicKey_FindCerts;
+;+#NSSPublicKey_FindBestCert;
;+#NSSPublicKey_FindPrivateKey;
-NSSSymmetricKey_Destroy;
-;+#NSSSymmetricKey_DeleteStoredObject;
-;+#NSSSymmetricKey_GetKeyLength;
-;+#NSSSymmetricKey_GetKeyStrength;
-;+#NSSSymmetricKey_IsStillPresent;
-;+#NSSSymmetricKey_GetTrustDomain;
-;+#NSSSymmetricKey_GetToken;
-;+#NSSSymmetricKey_GetSlot;
-;+#NSSSymmetricKey_GetModule;
-NSSSymmetricKey_Encrypt;
-NSSSymmetricKey_Decrypt;
-;+#NSSSymmetricKey_Sign;
-;+#NSSSymmetricKey_SignRecover;
-;+#NSSSymmetricKey_Verify;
-;+#NSSSymmetricKey_VerifyRecover;
-;+#NSSSymmetricKey_WrapSymmetricKey;
-;+#NSSSymmetricKey_WrapPrivateKey;
-;+#NSSSymmetricKey_UnwrapSymmetricKey;
-;+#NSSSymmetricKey_UnwrapPrivateKey;
-;+#NSSSymmetricKey_DeriveSymmetricKey;
-NSSSymmetricKey_CreateCryptoContext;
+NSSSymKey_Destroy;
+;+#NSSSymKey_DeleteStoredObject;
+;+#NSSSymKey_GetKeyLength;
+;+#NSSSymKey_GetKeyStrength;
+;+#NSSSymKey_IsStillPresent;
+;+#NSSSymKey_GetTrustDomain;
+;+#NSSSymKey_GetToken;
+;+#NSSSymKey_GetSlot;
+;+#NSSSymKey_GetModule;
+NSSSymKey_Encrypt;
+NSSSymKey_Decrypt;
+;+#NSSSymKey_Sign;
+;+#NSSSymKey_SignRecover;
+;+#NSSSymKey_Verify;
+;+#NSSSymKey_VerifyRecover;
+;+#NSSSymKey_WrapSymKey;
+;+#NSSSymKey_WrapPrivateKey;
+;+#NSSSymKey_UnwrapSymKey;
+;+#NSSSymKey_UnwrapPrivateKey;
+;+#NSSSymKey_DeriveSymKey;
+NSSSymKey_CreateCryptoContext;
NSSTrustDomain_Create;
;+#NSSTrustDomain_Destroy;
NSSTrustDomain_SetDefaultCallback;
@@ -204,33 +204,33 @@ NSSTrustDomain_FindTokenByName;
;+#NSSTrustDomain_FindBestTokenForAlgorithms;
NSSTrustDomain_Login;
;+#NSSTrustDomain_Logout;
-;+#NSSTrustDomain_ImportCertificate;
-;+#NSSTrustDomain_ImportPKIXCertificate;
-NSSTrustDomain_ImportEncodedCertificate;
-;+#NSSTrustDomain_ImportEncodedCertificateChain;
+;+#NSSTrustDomain_ImportCert;
+;+#NSSTrustDomain_ImportPKIXCert;
+NSSTrustDomain_ImportEncodedCert;
+;+#NSSTrustDomain_ImportEncodedCertChain;
NSSTrustDomain_ImportEncodedPrivateKey;
;+#NSSTrustDomain_ImportEncodedPublicKey;
-NSSTrustDomain_FindBestCertificateByNickname;
-NSSTrustDomain_FindCertificatesByNickname;
-NSSTrustDomain_FindCertificateByIssuerAndSerialNumber;
-NSSTrustDomain_FindBestCertificateBySubject;
-NSSTrustDomain_FindCertificatesBySubject;
-;+#NSSTrustDomain_FindBestCertificateByNameComponents;
-;+#NSSTrustDomain_FindCertificatesByNameComponents;
-NSSTrustDomain_FindCertificateByEncodedCertificate;
-;+#NSSTrustDomain_FindCertificateByEmail;
-;+#NSSTrustDomain_FindCertificatesByEmail;
-;+#NSSTrustDomain_FindCertificateByOCSPHash;
-;+#NSSTrustDomain_FindBestUserCertificate;
-NSSTrustDomain_FindUserCertificates;
-;+#NSSTrustDomain_FindBestUserCertificateForSSLClientAuth;
-;+#NSSTrustDomain_FindUserCertificatesForSSLClientAuth;
-;+#NSSTrustDomain_FindBestUserCertificateForEmailSigning;
-;+#NSSTrustDomain_FindUserCertificatesForEmailSigning;
+NSSTrustDomain_FindBestCertByNickname;
+NSSTrustDomain_FindCertsByNickname;
+NSSTrustDomain_FindCertByIssuerAndSerialNumber;
+NSSTrustDomain_FindBestCertBySubject;
+NSSTrustDomain_FindCertsBySubject;
+;+#NSSTrustDomain_FindBestCertByNameComponents;
+;+#NSSTrustDomain_FindCertsByNameComponents;
+NSSTrustDomain_FindCertByEncodedCert;
+;+#NSSTrustDomain_FindCertByEmail;
+;+#NSSTrustDomain_FindCertsByEmail;
+;+#NSSTrustDomain_FindCertByOCSPHash;
+;+#NSSTrustDomain_FindBestUserCert;
+NSSTrustDomain_FindUserCerts;
+;+#NSSTrustDomain_FindBestUserCertForSSLClientAuth;
+;+#NSSTrustDomain_FindUserCertsForSSLClientAuth;
+;+#NSSTrustDomain_FindBestUserCertForEmailSigning;
+;+#NSSTrustDomain_FindUserCertsForEmailSigning;
NSSTrustDomain_GenerateKeyPair;
-NSSTrustDomain_GenerateSymmetricKey;
-;+#NSSTrustDomain_GenerateSymmetricKeyFromPassword;
-;+#NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID;
+NSSTrustDomain_GenerateSymKey;
+;+#NSSTrustDomain_GenerateSymKeyFromPassword;
+;+#NSSTrustDomain_FindSymKeyByAlgorithmAndKeyID;
NSSTrustDomain_CreateCryptoContext;
;+#NSSTrustDomain_CreateCryptoContextForAlgorithm;
;+#NSSTrustDomain_CreateCryptoContextForAlgNParam;
@@ -251,8 +251,8 @@ NSSCryptoContext_FinishDecrypt;
;+#NSSCryptoContext_BeginSignRecover;
;+#NSSCryptoContext_ContinueSignRecover;
;+#NSSCryptoContext_FinishSignRecover;
-;+#NSSCryptoContext_UnwrapSymmetricKey;
-;+#NSSCryptoContext_DeriveSymmetricKey;
+;+#NSSCryptoContext_UnwrapSymKey;
+;+#NSSCryptoContext_DeriveSymKey;
NSSCryptoContext_Encrypt;
;+#NSSCryptoContext_BeginEncrypt;
;+#NSSCryptoContext_ContinueEncrypt;
@@ -265,51 +265,51 @@ NSSCryptoContext_Encrypt;
;+#NSSCryptoContext_BeginVerifyRecover;
;+#NSSCryptoContext_ContinueVerifyRecover;
;+#NSSCryptoContext_FinishVerifyRecover;
-;+#NSSCryptoContext_WrapSymmetricKey;
+;+#NSSCryptoContext_WrapSymKey;
NSSCryptoContext_Digest;
;+#NSSCryptoContext_BeginDigest;
;+#NSSCryptoContext_ContinueDigest;
;+#NSSCryptoContext_FinishDigest;
;+#NSSCryptoContext_Clone;
NSSVolatileDomain_Destroy;
-;+#NSSVolatileDomain_ImportCertificate;
-NSSVolatileDomain_ImportEncodedCertificate;
-;+#NSSVolatileDomain_ImportEncodedCertificateChain;
+;+#NSSVolatileDomain_ImportCert;
+NSSVolatileDomain_ImportEncodedCert;
+;+#NSSVolatileDomain_ImportEncodedCertChain;
NSSVolatileDomain_ImportEncodedPrivateKey;
-NSSVolatileDomain_FindBestCertificateByNickname;
-NSSVolatileDomain_FindCertificatesByNickname;
-NSSVolatileDomain_FindCertificateByIssuerAndSerialNumber;
-NSSVolatileDomain_FindBestCertificateBySubject;
-NSSVolatileDomain_FindCertificatesBySubject;
-;+#NSSVolatileDomain_FindBestCertificateByNameComponents;
-;+#NSSVolatileDomain_FindCertificatesByNameComponents;
-NSSVolatileDomain_FindCertificateByEncodedCertificate;
-NSSVolatileDomain_FindBestCertificateByEmail;
-NSSVolatileDomain_FindCertificatesByEmail;
-;+#NSSVolatileDomain_FindCertificateByOCSPHash;
-;+#NSSVolatileDomain_FindBestUserCertificate;
-;+#NSSVolatileDomain_FindUserCertificates;
-;+#NSSVolatileDomain_FindBestUserCertificateForSSLClientAuth;
-;+#NSSVolatileDomain_FindUserCertificatesForSSLClientAuth;
-;+#NSSVolatileDomain_FindBestUserCertificateForEmailSigning;
-;+#NSSVolatileDomain_FindUserCertificatesForEmailSigning;
+NSSVolatileDomain_FindBestCertByNickname;
+NSSVolatileDomain_FindCertsByNickname;
+NSSVolatileDomain_FindCertByIssuerAndSerialNumber;
+NSSVolatileDomain_FindBestCertBySubject;
+NSSVolatileDomain_FindCertsBySubject;
+;+#NSSVolatileDomain_FindBestCertByNameComponents;
+;+#NSSVolatileDomain_FindCertsByNameComponents;
+NSSVolatileDomain_FindCertByEncodedCert;
+NSSVolatileDomain_FindBestCertByEmail;
+NSSVolatileDomain_FindCertsByEmail;
+;+#NSSVolatileDomain_FindCertByOCSPHash;
+;+#NSSVolatileDomain_FindBestUserCert;
+;+#NSSVolatileDomain_FindUserCerts;
+;+#NSSVolatileDomain_FindBestUserCertForSSLClientAuth;
+;+#NSSVolatileDomain_FindUserCertsForSSLClientAuth;
+;+#NSSVolatileDomain_FindBestUserCertForEmailSigning;
+;+#NSSVolatileDomain_FindUserCertsForEmailSigning;
;+#NSSVolatileDomain_GenerateKeyPair;
-NSSVolatileDomain_GenerateSymmetricKey;
-;+#NSSVolatileDomain_GenerateSymmetricKeyFromPassword;
-;+#NSSVolatileDomain_FindSymmetricKeyByAlgorithmAndKeyID;
-NSSVolatileDomain_UnwrapSymmetricKey;
+NSSVolatileDomain_GenerateSymKey;
+;+#NSSVolatileDomain_GenerateSymKeyFromPassword;
+;+#NSSVolatileDomain_FindSymKeyByAlgorithmAndKeyID;
+NSSVolatileDomain_UnwrapSymKey;
;+#
;+# for debugging, determine whether to keep later
;+#
NSSToken_GetName;
-nssCertificate_GetNickname;
-nssCertificate_GetEncoding;
-NSSCertificateArray_Destroy;
+nssCert_GetNickname;
+nssCert_GetEncoding;
+NSSCertArray_Destroy;
NSSModuleArray_Destroy;
NSSSlotArray_Destroy;
NSSTokenArray_Destroy;
nssPrivateKey_GetNickname;
-NSSTrustDomain_TraverseCertificates;
+NSSTrustDomain_TraverseCerts;
NSSTrustDomain_TraversePrivateKeys;
nss_GetDefaultDatabaseToken;
nssToken_NeedsPINInitialization;
diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h
index 5baf32e71..00915151b 100644
--- a/security/nss/lib/nss/nss.h
+++ b/security/nss/lib/nss/nss.h
@@ -158,7 +158,7 @@ void PK11_ConfigurePKCS11(const char *man, const char *libdes,
* Dump the contents of the certificate cache and the temporary cert store.
* Use to detect leaked references of certs at shutdown time.
*/
-void nss_DumpCertificateCacheInfo(void);
+void nss_DumpCertCacheInfo(void);
NSS_EXTERN NSSTrustDomain *
NSS_GetDefaultTrustDomain (
@@ -166,9 +166,9 @@ NSS_GetDefaultTrustDomain (
);
NSS_EXTERN PRStatus
-NSS_SetDefaultCertificateHandler (
- NSSCertificateType certType,
- NSSCertificateMethods *certMethods
+NSS_SetDefaultCertHandler (
+ NSSCertType certType,
+ NSSCertMethods *certMethods
);
PR_END_EXTERN_C
diff --git a/security/nss/lib/nss/nsscert.c b/security/nss/lib/nss/nsscert.c
index 33273638e..8a297823b 100644
--- a/security/nss/lib/nss/nsscert.c
+++ b/security/nss/lib/nss/nsscert.c
@@ -34,29 +34,29 @@
#include "nss.h"
#include "nssdevt.h"
-static NSSCertificateMethods *pkixMethods = NULL;
+static NSSCertMethods *pkixMethods = NULL;
NSS_IMPLEMENT PRStatus
-NSS_SetDefaultCertificateHandler (
- NSSCertificateType certType,
- NSSCertificateMethods *certMethods
+NSS_SetDefaultCertHandler (
+ NSSCertType certType,
+ NSSCertMethods *certMethods
)
{
- if (certType == NSSCertificateType_PKIX) {
+ if (certType == NSSCertType_PKIX) {
pkixMethods = certMethods;
return PR_SUCCESS;
}
return PR_FAILURE;
}
-NSS_IMPLEMENT NSSCertificateMethods *
+NSS_IMPLEMENT NSSCertMethods *
nss_GetMethodsForType (
- NSSCertificateType certType
+ NSSCertType certType
)
{
- if (certType == NSSCertificateType_PKIX) {
+ if (certType == NSSCertType_PKIX) {
return pkixMethods;
}
- return (NSSCertificateMethods *)NULL;
+ return (NSSCertMethods *)NULL;
}
diff --git a/security/nss/lib/nss/nssrenam.h b/security/nss/lib/nss/nssrenam.h
index 7791173f5..13b67207b 100644
--- a/security/nss/lib/nss/nssrenam.h
+++ b/security/nss/lib/nss/nssrenam.h
@@ -34,12 +34,12 @@
#ifndef __nssrenam_h_
#define __nssrenam_h_
-#define CERT_NewTempCertificate __CERT_NewTempCertificate
+#define CERT_NewTempCert __CERT_NewTempCert
#define PK11_CreateContextByRawKey __PK11_CreateContextByRawKey
#define PK11_GetKeyData __PK11_GetKeyData
#define nss_InitLock __nss_InitLock
#define CERT_ClosePermCertDB __CERT_ClosePermCertDB
-#define CERT_DecodeDERCertificate __CERT_DecodeDERCertificate
+#define CERT_DecodeDERCert __CERT_DecodeDERCert
#define CERT_TraversePermCertsForNickname __CERT_TraversePermCertsForNickname
#define CERT_TraversePermCertsForSubject __CERT_TraversePermCertsForSubject
#define PBE_CreateContext __PBE_CreateContext
diff --git a/security/nss/lib/nss/nsst.h b/security/nss/lib/nss/nsst.h
index 44f57e686..4d5195396 100644
--- a/security/nss/lib/nss/nsst.h
+++ b/security/nss/lib/nss/nsst.h
@@ -107,7 +107,7 @@ typedef struct
*/
void (PR_CALLBACK *destroy)(void *cert);
}
-NSSCertificateMethods;
+NSSCertMethods;
PR_END_EXTERN_C
diff --git a/security/nss/lib/pki/asymmkey.c b/security/nss/lib/pki/asymmkey.c
index 25bd7cf68..47201aa0a 100644
--- a/security/nss/lib/pki/asymmkey.c
+++ b/security/nss/lib/pki/asymmkey.c
@@ -322,8 +322,9 @@ nssPrivateKey_Encode (
return (NSSItem *)NULL;
}
+ /* XXX use GenByPassword!!! */
/* use the supplied PBE alg/param to create a wrapping key */
- pbeKey = nssToken_GenerateSymmetricKey(vkey->token, vkey->session, ap,
+ pbeKey = nssToken_GenerateSymKey(vkey->token, vkey->session, ap,
0, NULL, PR_FALSE,
NSSOperations_WRAP, 0);
nss_ZFreeIf(password);
@@ -460,7 +461,7 @@ nssPrivateKey_Decode (
}
/* use the supplied PBE alg/param to create a wrapping key */
- pbeKey = nssToken_GenerateSymmetricKey(destination, session, pbeAP,
+ pbeKey = nssToken_GenerateSymKey(destination, session, pbeAP,
0, NULL, PR_FALSE,
NSSOperations_UNWRAP, 0);
nss_ZFreeIf(password);
@@ -608,8 +609,8 @@ NSSPrivateKey_SignRecover (
return NULL;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSPrivateKey_UnwrapSymmetricKey (
+NSS_IMPLEMENT NSSSymKey *
+NSSPrivateKey_UnwrapSymKey (
NSSPrivateKey *vk,
const NSSAlgNParam *apOpt,
NSSItem *wrappedKey,
@@ -620,8 +621,8 @@ NSSPrivateKey_UnwrapSymmetricKey (
return NULL;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSPrivateKey_DeriveSymmetricKey (
+NSS_IMPLEMENT NSSSymKey *
+NSSPrivateKey_DeriveSymKey (
NSSPrivateKey *vk,
NSSPublicKey *bk,
const NSSAlgNParam *apOpt,
@@ -711,32 +712,32 @@ NSSPrivateKey_CreateCryptoContext (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate **
-nssPrivateKey_FindCertificates (
+NSS_IMPLEMENT NSSCert **
+nssPrivateKey_FindCerts (
NSSPrivateKey *vk,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
{
NSSTrustDomain *td = nssPrivateKey_GetTrustDomain(vk, NULL);
- return nssTrustDomain_FindCertificatesByID(td, &vk->id,
+ return nssTrustDomain_FindCertsByID(td, &vk->id,
rvOpt, maximumOpt, arenaOpt);
}
-NSS_IMPLEMENT NSSCertificate **
-NSSPrivateKey_FindCertificates (
+NSS_IMPLEMENT NSSCert **
+NSSPrivateKey_FindCerts (
NSSPrivateKey *vk,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
{
- return nssPrivateKey_FindCertificates(vk, rvOpt, maximumOpt, arenaOpt);
+ return nssPrivateKey_FindCerts(vk, rvOpt, maximumOpt, arenaOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-NSSPrivateKey_FindBestCertificate (
+NSS_IMPLEMENT NSSCert *
+NSSPrivateKey_FindBestCert (
NSSPrivateKey *vk,
NSSTime time,
NSSUsages *usagesOpt,
@@ -1216,10 +1217,10 @@ nssPublicKey_GetInstanceForAlgorithmAndObject (
}
NSS_IMPLEMENT NSSItem *
-nssPublicKey_WrapSymmetricKey (
+nssPublicKey_WrapSymKey (
NSSPublicKey *bk,
const NSSAlgNParam *ap,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSCallback *uhh,
NSSItem *rvOpt,
NSSArena *arenaOpt
@@ -1240,16 +1241,16 @@ nssPublicKey_WrapSymmetricKey (
}
NSS_IMPLEMENT NSSItem *
-NSSPublicKey_WrapSymmetricKey (
+NSSPublicKey_WrapSymKey (
NSSPublicKey *bk,
const NSSAlgNParam *ap,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSCallback *uhh,
NSSItem *rvOpt,
NSSArena *arenaOpt
)
{
- return nssPublicKey_WrapSymmetricKey(bk, ap, keyToWrap,
+ return nssPublicKey_WrapSymKey(bk, ap, keyToWrap,
uhh, rvOpt, arenaOpt);
}
@@ -1264,60 +1265,60 @@ NSSPublicKey_CreateCryptoContext (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate **
-nssPublicKey_FindCertificates (
+NSS_IMPLEMENT NSSCert **
+nssPublicKey_FindCerts (
NSSPublicKey *bk,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
{
NSSTrustDomain *td = nssPublicKey_GetTrustDomain(bk, NULL);
- return nssTrustDomain_FindCertificatesByID(td, &bk->id,
+ return nssTrustDomain_FindCertsByID(td, &bk->id,
rvOpt, maximumOpt, arenaOpt);
}
-NSS_IMPLEMENT NSSCertificate **
-NSSPublicKey_FindCertificates (
+NSS_IMPLEMENT NSSCert **
+NSSPublicKey_FindCerts (
NSSPublicKey *bk,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
{
- return nssPublicKey_FindCertificates(bk, rvOpt, maximumOpt, arenaOpt);
+ return nssPublicKey_FindCerts(bk, rvOpt, maximumOpt, arenaOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-nssPublicKey_FindBestCertificate (
+NSS_IMPLEMENT NSSCert *
+nssPublicKey_FindBestCert (
NSSPublicKey *bk,
NSSTime time,
NSSUsages *usageOpt,
NSSPolicies *policiesOpt
)
{
- NSSCertificate *rvCert = NULL;
- NSSCertificate **certs;
+ NSSCert *rvCert = NULL;
+ NSSCert **certs;
- certs = nssPublicKey_FindCertificates(bk, NULL, 0, NULL);
+ certs = nssPublicKey_FindCerts(bk, NULL, 0, NULL);
if (!certs) {
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
- rvCert = nssCertificateArray_FindBestCertificate(certs, time,
+ rvCert = nssCertArray_FindBestCert(certs, time,
usageOpt, policiesOpt);
- nssCertificateArray_Destroy(certs);
+ nssCertArray_Destroy(certs);
return rvCert;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSPublicKey_FindBestCertificate (
+NSS_IMPLEMENT NSSCert *
+NSSPublicKey_FindBestCert (
NSSPublicKey *bk,
NSSTime time,
NSSUsages *usageOpt,
NSSPolicies *policiesOpt
)
{
- return nssPublicKey_FindBestCertificate(bk, time,
+ return nssPublicKey_FindBestCert(bk, time,
usageOpt, policiesOpt);
}
diff --git a/security/nss/lib/pki/certificate.c b/security/nss/lib/pki/certificate.c
index b2357d92b..6cee3fc12 100644
--- a/security/nss/lib/pki/certificate.c
+++ b/security/nss/lib/pki/certificate.c
@@ -52,7 +52,7 @@ static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
typedef struct
{
void *data;
- NSSCertificateMethods *methods;
+ NSSCertMethods *methods;
PRBool haveValidity;
NSSTime notBefore;
NSSTime notAfter;
@@ -62,10 +62,10 @@ typedef struct
}
nssCertDecoding;
-struct NSSCertificateStr
+struct NSSCertStr
{
nssPKIObject object;
- NSSCertificateType kind;
+ NSSCertType kind;
NSSItem id;
NSSBER encoding;
NSSDER issuer;
@@ -77,29 +77,29 @@ struct NSSCertificateStr
};
-NSS_EXTERN NSSCertificateMethods *
+NSS_EXTERN NSSCertMethods *
nss_GetMethodsForType (
- NSSCertificateType certType
+ NSSCertType certType
);
/* Creates a certificate from a base object */
-NSS_IMPLEMENT NSSCertificate *
-nssCertificate_Create (
+NSS_IMPLEMENT NSSCert *
+nssCert_Create (
nssPKIObject *object
)
{
PRStatus status;
- NSSCertificate *rvCert;
+ NSSCert *rvCert;
/* mark? */
NSSArena *arena = object->arena;
PR_ASSERT(object->instances != NULL && object->numInstances > 0);
- rvCert = nss_ZNEW(arena, NSSCertificate);
+ rvCert = nss_ZNEW(arena, NSSCert);
if (!rvCert) {
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
rvCert->object = *object;
/* XXX should choose instance based on some criteria */
- status = nssCryptokiCertificate_GetAttributes(object->instances[0],
+ status = nssCryptokiCert_GetAttributes(object->instances[0],
arena,
&rvCert->kind,
&rvCert->id,
@@ -109,36 +109,36 @@ nssCertificate_Create (
&rvCert->subject,
&rvCert->email);
if (status != PR_SUCCESS) {
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
/* all certs need an encoding value */
if (rvCert->encoding.data == NULL) {
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
rvCert->decoding.methods = nss_GetMethodsForType(rvCert->kind);
if (!rvCert->decoding.methods) {
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
return rvCert;
}
-NSS_IMPLEMENT NSSCertificate *
-nssCertificate_Decode (
+NSS_IMPLEMENT NSSCert *
+nssCert_Decode (
NSSBER *ber
)
{
NSSArena *arena;
- NSSCertificate *rvCert;
- NSSCertificateMethods *decoder;
+ NSSCert *rvCert;
+ NSSCertMethods *decoder;
void *decoding;
NSSItem *it;
/* create the PKIObject */
arena = nssArena_Create();
if (!arena) {
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
- rvCert = nss_ZNEW(arena, NSSCertificate);
+ rvCert = nss_ZNEW(arena, NSSCert);
if (!rvCert) {
goto loser;
}
@@ -149,7 +149,7 @@ nssCertificate_Decode (
goto loser;
}
/* try to decode it */
- decoder = nss_GetMethodsForType(NSSCertificateType_PKIX);
+ decoder = nss_GetMethodsForType(NSSCertType_PKIX);
if (!decoder) {
/* nss_SetError(UNKNOWN_CERT_TYPE); */
goto loser;
@@ -159,7 +159,7 @@ nssCertificate_Decode (
/* it's a PKIX cert */
rvCert->decoding.methods = decoder;
rvCert->decoding.data = decoding;
- rvCert->kind = NSSCertificateType_PKIX;
+ rvCert->kind = NSSCertType_PKIX;
} else {
goto loser;
}
@@ -191,17 +191,17 @@ nssCertificate_Decode (
return rvCert;
loser:
nssArena_Destroy(arena);
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
/* XXX */
-NSS_IMPLEMENT NSSCertificate *
-nssCertificate_CreateIndexCert (
+NSS_IMPLEMENT NSSCert *
+nssCert_CreateIndexCert (
NSSDER *issuer,
NSSDER *serial
)
{
- NSSCertificate *c = nss_ZNEW(NULL, NSSCertificate);
+ NSSCert *c = nss_ZNEW(NULL, NSSCert);
if (c) {
c->issuer = *issuer;
c->serial = *serial;
@@ -209,9 +209,9 @@ nssCertificate_CreateIndexCert (
return c;
}
-NSS_IMPLEMENT NSSCertificate *
-nssCertificate_AddRef (
- NSSCertificate *c
+NSS_IMPLEMENT NSSCert *
+nssCert_AddRef (
+ NSSCert *c
)
{
if (c) {
@@ -221,14 +221,14 @@ nssCertificate_AddRef (
}
NSS_IMPLEMENT PRStatus
-nssCertificate_Destroy (
- NSSCertificate *c
+nssCert_Destroy (
+ NSSCert *c
)
{
PRBool destroyed;
if (c) {
void *dc = c->decoding.data;
- NSSCertificateMethods *methods = c->decoding.methods;
+ NSSCertMethods *methods = c->decoding.methods;
destroyed = nssPKIObject_Destroy(&c->object);
if (destroyed) {
if (dc) {
@@ -240,16 +240,16 @@ nssCertificate_Destroy (
}
NSS_IMPLEMENT PRStatus
-NSSCertificate_Destroy (
- NSSCertificate *c
+NSSCert_Destroy (
+ NSSCert *c
)
{
- return nssCertificate_Destroy(c);
+ return nssCert_Destroy(c);
}
NSS_IMPLEMENT PRUint32
-nssCertificate_Hash (
- NSSCertificate *c
+nssCert_Hash (
+ NSSCert *c
)
{
PRUint32 i;
@@ -262,8 +262,8 @@ nssCertificate_Hash (
}
NSS_IMPLEMENT NSSDER *
-nssCertificate_GetEncoding (
- NSSCertificate *c
+nssCert_GetEncoding (
+ NSSCert *c
)
{
if (c->encoding.size > 0 && c->encoding.data) {
@@ -274,8 +274,8 @@ nssCertificate_GetEncoding (
}
NSS_IMPLEMENT NSSDER *
-nssCertificate_GetIssuer (
- NSSCertificate *c
+nssCert_GetIssuer (
+ NSSCert *c
)
{
if (c->issuer.size > 0 && c->issuer.data) {
@@ -286,16 +286,16 @@ nssCertificate_GetIssuer (
}
NSS_IMPLEMENT NSSDER *
-NSSCertificate_GetIssuer (
- NSSCertificate *c
+NSSCert_GetIssuer (
+ NSSCert *c
)
{
- return nssCertificate_GetIssuer(c);
+ return nssCert_GetIssuer(c);
}
NSS_IMPLEMENT NSSDER *
-nssCertificate_GetSerialNumber (
- NSSCertificate *c
+nssCert_GetSerialNumber (
+ NSSCert *c
)
{
if (c->serial.size > 0 && c->serial.data) {
@@ -306,16 +306,16 @@ nssCertificate_GetSerialNumber (
}
NSS_IMPLEMENT NSSDER *
-NSSCertificate_GetSerialNumber (
- NSSCertificate *c
+NSSCert_GetSerialNumber (
+ NSSCert *c
)
{
- return nssCertificate_GetSerialNumber(c);
+ return nssCert_GetSerialNumber(c);
}
NSS_IMPLEMENT NSSDER *
-nssCertificate_GetSubject (
- NSSCertificate *c
+nssCert_GetSubject (
+ NSSCert *c
)
{
if (c->subject.size > 0 && c->subject.data) {
@@ -326,8 +326,8 @@ nssCertificate_GetSubject (
}
NSS_IMPLEMENT PRStatus
-nssCertificate_SetNickname (
- NSSCertificate *c,
+nssCert_SetNickname (
+ NSSCert *c,
NSSToken *tokenOpt,
NSSUTF8 *nickname
)
@@ -336,8 +336,8 @@ nssCertificate_SetNickname (
}
NSS_IMPLEMENT NSSUTF8 *
-nssCertificate_GetNickname (
- NSSCertificate *c,
+nssCert_GetNickname (
+ NSSCert *c,
NSSToken *tokenOpt
)
{
@@ -345,8 +345,8 @@ nssCertificate_GetNickname (
}
NSS_IMPLEMENT NSSToken *
-nssCertificate_GetWriteToken (
- NSSCertificate *c,
+nssCert_GetWriteToken (
+ NSSCert *c,
nssSession **rvSessionOpt
)
{
@@ -354,25 +354,25 @@ nssCertificate_GetWriteToken (
}
NSS_IMPLEMENT NSSUTF8 *
-NSSCertificate_GetNickname (
- NSSCertificate *c,
+NSSCert_GetNickname (
+ NSSCert *c,
NSSToken *tokenOpt
)
{
- return nssCertificate_GetNickname(c, tokenOpt);
+ return nssCert_GetNickname(c, tokenOpt);
}
NSS_IMPLEMENT NSSASCII7 *
-nssCertificate_GetEmailAddress (
- NSSCertificate *c
+nssCert_GetEmailAddress (
+ NSSCert *c
)
{
return c->email;
}
static nssCertDecoding *
-nssCertificate_GetDecoding (
- NSSCertificate *c
+nssCert_GetDecoding (
+ NSSCert *c
)
{
if (!c->decoding.data) {
@@ -382,35 +382,35 @@ nssCertificate_GetDecoding (
}
NSS_IMPLEMENT void *
-NSSCertificate_GetDecoding (
- NSSCertificate *c
+NSSCert_GetDecoding (
+ NSSCert *c
)
{
nssCertDecoding *dc;
- dc = nssCertificate_GetDecoding(c);
+ dc = nssCert_GetDecoding(c);
if (dc) {
return dc->data;
}
return (void *)NULL;
}
-NSS_EXTERN NSSCertificateType
-NSSCertificate_GetType (
- NSSCertificate *c
+NSS_EXTERN NSSCertType
+NSSCert_GetType (
+ NSSCert *c
)
{
return c->kind;
}
NSS_IMPLEMENT NSSUsages *
-nssCertificate_GetUsages (
- NSSCertificate *c,
+nssCert_GetUsages (
+ NSSCert *c,
PRStatus *statusOpt
)
{
PRStatus status;
- nssCertDecoding *dc = nssCertificate_GetDecoding(c);
+ nssCertDecoding *dc = nssCert_GetDecoding(c);
if (statusOpt) *statusOpt = PR_SUCCESS;
if (dc) {
if (!dc->haveUsages) {
@@ -437,14 +437,14 @@ get_validity_period(nssCertDecoding *dc)
/* XXX */
NSS_IMPLEMENT PRBool
-nssCertificate_IsValidAtTime (
- NSSCertificate *c,
+nssCert_IsValidAtTime (
+ NSSCert *c,
NSSTime time,
PRStatus *statusOpt
)
{
PRStatus status;
- nssCertDecoding *dc = nssCertificate_GetDecoding(c);
+ nssCertDecoding *dc = nssCert_GetDecoding(c);
if (statusOpt) *statusOpt = PR_FAILURE;
if (dc) {
status = get_validity_period(dc);
@@ -462,14 +462,14 @@ nssCertificate_IsValidAtTime (
/* XXX */
/* note this isn't the same as CERT_IsNewer, but doesn't intend to be */
NSS_IMPLEMENT PRBool
-nssCertificate_IsNewer (
- NSSCertificate *c1,
- NSSCertificate *c2,
+nssCert_IsNewer (
+ NSSCert *c1,
+ NSSCert *c2,
PRStatus *statusOpt
)
{
- nssCertDecoding *dc1 = nssCertificate_GetDecoding(c1);
- nssCertDecoding *dc2 = nssCertificate_GetDecoding(c2);
+ nssCertDecoding *dc1 = nssCert_GetDecoding(c1);
+ nssCertDecoding *dc2 = nssCert_GetDecoding(c2);
if (statusOpt) *statusOpt = PR_SUCCESS;
/* get the times from the decoding */
if (get_validity_period(dc1) == PR_FAILURE) {
@@ -484,9 +484,9 @@ nssCertificate_IsNewer (
}
NSS_IMPLEMENT PRBool
-nssCertificate_IssuerAndSerialEqual (
- NSSCertificate *c1,
- NSSCertificate *c2
+nssCert_IssuerAndSerialEqual (
+ NSSCert *c1,
+ NSSCert *c2
)
{
return (nssItem_Equal(&c1->issuer, &c2->issuer, NULL) &&
@@ -494,8 +494,8 @@ nssCertificate_IssuerAndSerialEqual (
}
NSS_IMPLEMENT void
-nssCertificate_SetVolatileDomain (
- NSSCertificate *c,
+nssCert_SetVolatileDomain (
+ NSSCert *c,
NSSVolatileDomain *vd
)
{
@@ -504,32 +504,32 @@ nssCertificate_SetVolatileDomain (
}
NSS_IMPLEMENT NSSVolatileDomain *
-nssCertificate_GetVolatileDomain (
- NSSCertificate *c
+nssCert_GetVolatileDomain (
+ NSSCert *c
)
{
return c->object.vd;
}
NSS_IMPLEMENT NSSTrustDomain *
-nssCertificate_GetTrustDomain (
- NSSCertificate *c
+nssCert_GetTrustDomain (
+ NSSCert *c
)
{
return c->object.td;
}
NSS_IMPLEMENT NSSTrustDomain *
-NSSCertificate_GetTrustDomain (
- NSSCertificate *c
+NSSCert_GetTrustDomain (
+ NSSCert *c
)
{
- return nssCertificate_GetTrustDomain(c);
+ return nssCert_GetTrustDomain(c);
}
NSS_IMPLEMENT NSSToken **
-nssCertificate_GetTokens (
- NSSCertificate *c,
+nssCert_GetTokens (
+ NSSCert *c,
PRStatus *statusOpt
)
{
@@ -537,17 +537,17 @@ nssCertificate_GetTokens (
}
NSS_IMPLEMENT NSSToken **
-NSSCertificate_GetTokens (
- NSSCertificate *c,
+NSSCert_GetTokens (
+ NSSCert *c,
PRStatus *statusOpt
)
{
- return nssCertificate_GetTokens(c, statusOpt);
+ return nssCert_GetTokens(c, statusOpt);
}
NSS_IMPLEMENT NSSSlot *
-NSSCertificate_GetSlot (
- NSSCertificate *c,
+NSSCert_GetSlot (
+ NSSCert *c,
PRStatus *statusOpt
)
{
@@ -555,8 +555,8 @@ NSSCertificate_GetSlot (
}
NSS_IMPLEMENT NSSModule *
-NSSCertificate_GetModule (
- NSSCertificate *c,
+NSSCert_GetModule (
+ NSSCert *c,
PRStatus *statusOpt
)
{
@@ -564,8 +564,8 @@ NSSCertificate_GetModule (
}
NSS_IMPLEMENT nssCryptokiObject *
-nssCertificate_FindInstanceForAlgorithm (
- NSSCertificate *c,
+nssCert_FindInstanceForAlgorithm (
+ NSSCert *c,
NSSAlgNParam *ap
)
{
@@ -573,8 +573,8 @@ nssCertificate_FindInstanceForAlgorithm (
}
NSS_IMPLEMENT PRStatus
-nssCertificate_DeleteStoredObject (
- NSSCertificate *c,
+nssCert_DeleteStoredObject (
+ NSSCert *c,
NSSCallback *uhh
)
{
@@ -582,17 +582,17 @@ nssCertificate_DeleteStoredObject (
}
NSS_IMPLEMENT PRStatus
-NSSCertificate_DeleteStoredObject (
- NSSCertificate *c,
+NSSCert_DeleteStoredObject (
+ NSSCert *c,
NSSCallback *uhh
)
{
- return nssCertificate_DeleteStoredObject(c, uhh);
+ return nssCert_DeleteStoredObject(c, uhh);
}
NSS_IMPLEMENT PRStatus
-nssCertificate_CopyToToken (
- NSSCertificate *c,
+nssCert_CopyToToken (
+ NSSCert *c,
NSSToken *token,
NSSUTF8 *nicknameOpt
)
@@ -605,7 +605,7 @@ nssCertificate_CopyToToken (
if (!rwSession) {
return PR_FAILURE;
}
- instance = nssToken_ImportCertificate(token, rwSession,
+ instance = nssToken_ImportCert(token, rwSession,
c->kind, NULL, nicknameOpt,
&c->encoding, &c->issuer,
&c->subject, &c->serial,
@@ -623,7 +623,7 @@ nssCertificate_CopyToToken (
static NSSUsage
get_trusted_usage (
- NSSCertificate *c,
+ NSSCert *c,
PRBool asCA,
PRStatus *status
)
@@ -636,7 +636,7 @@ get_trusted_usage (
checkLevel = asCA ? nssTrustLevel_TrustedDelegator :
nssTrustLevel_Trusted;
/* XXX needs to be cached with cert */
- trust = nssTrustDomain_FindTrustForCertificate(c->object.td, c);
+ trust = nssTrustDomain_FindTrustForCert(c->object.td, c);
if (!trust) {
if (NSS_GetError() == NSS_ERROR_NO_ERROR) {
*status = PR_SUCCESS;
@@ -664,7 +664,7 @@ get_trusted_usage (
static PRStatus
validate_and_discover_trust (
- NSSCertificate *c,
+ NSSCert *c,
NSSTime time,
NSSUsage usage,
NSSPolicies *policiesOpt,
@@ -680,7 +680,7 @@ validate_and_discover_trust (
*trusted = PR_FALSE;
/* First verify the time is within the cert's validity period */
- if (!nssCertificate_IsValidAtTime(c, time, &status)) {
+ if (!nssCert_IsValidAtTime(c, time, &status)) {
if (status == PR_SUCCESS) {
/* The function was successful, so we own the error */
nss_SetError(NSS_ERROR_CERTIFICATE_NOT_VALID_AT_TIME);
@@ -696,7 +696,7 @@ validate_and_discover_trust (
}
/* Verify the cert is capable of the desired set of usages */
- certUsages = nssCertificate_GetUsages(c, &status);
+ certUsages = nssCert_GetUsages(c, &status);
if (status == PR_FAILURE) {
return PR_FAILURE;
}
@@ -715,15 +715,15 @@ validate_and_discover_trust (
static PRStatus
validate_chain_link (
- NSSCertificate *subjectCert,
- NSSCertificate *issuerCert,
+ NSSCert *subjectCert,
+ NSSCert *issuerCert,
void **vData
)
{
PRStatus status;
nssCertDecoding *dcs;
- dcs = nssCertificate_GetDecoding(subjectCert);
+ dcs = nssCert_GetDecoding(subjectCert);
if (!dcs) {
return PR_FAILURE;
}
@@ -751,16 +751,16 @@ validate_chain_link (
#if 0
static PRBool
cert_in_chain_revoked (
- NSSCertificate **chain,
+ NSSCert **chain,
PRStatus *status
)
{
- NSSCertificate **cp;
+ NSSCert **cp;
nssCRL *crl;
for (cp = chain; *cp; cp++) {
crl = nssTrustDomain_FindCRLBySubject(td, subject);
if (crl) {
- status = nssCRL_FindCertificate(*cp);
+ status = nssCRL_FindCert(*cp);
}
}
/* If OCSP is enabled, check revocation status of the cert */
@@ -774,8 +774,8 @@ cert_in_chain_revoked (
#endif
NSS_IMPLEMENT PRStatus
-nssCertificate_Validate (
- NSSCertificate *c,
+nssCert_Validate (
+ NSSCert *c,
NSSTime time,
NSSUsages *usages,
NSSPolicies *policiesOpt
@@ -785,14 +785,14 @@ nssCertificate_Validate (
PRBool asCA;
PRBool trusted = PR_FALSE;
PRBool atRoot = PR_FALSE;
- NSSCertificate **cp, **chain;
- NSSCertificate *subjectCert = NULL;
- NSSCertificate *issuerCert = NULL;
+ NSSCert **cp, **chain;
+ NSSCert *subjectCert = NULL;
+ NSSCert *issuerCert = NULL;
NSSUsage usage;
void *vData = NULL;
/* Build the chain (this cert will be first) */
- chain = nssCertificate_BuildChain(c, time, usages, policiesOpt,
+ chain = nssCert_BuildChain(c, time, usages, policiesOpt,
NULL, 0, NULL, &status);
if (status == PR_FAILURE) {
return PR_FAILURE;
@@ -857,25 +857,25 @@ check_revocation:
#endif
done:
- nssCertificateArray_Destroy(chain);
+ nssCertArray_Destroy(chain);
return status;
}
NSS_IMPLEMENT PRStatus
-NSSCertificate_Validate (
- NSSCertificate *c,
+NSSCert_Validate (
+ NSSCert *c,
NSSTime time,
NSSUsages *usages,
NSSPolicies *policiesOpt
)
{
- return nssCertificate_Validate(c, time, usages, policiesOpt);
+ return nssCert_Validate(c, time, usages, policiesOpt);
}
#if 0
struct NSSValidationErrorStr
{
- NSSCertificate *c;
+ NSSCert *c;
NSSUsage usage;
NSSError error;
PRUint32 level;
@@ -883,8 +883,8 @@ struct NSSValidationErrorStr
#endif
NSS_IMPLEMENT void ** /* void *[] */
-NSSCertificate_ValidateCompletely (
- NSSCertificate *c,
+NSSCert_ValidateCompletely (
+ NSSCert *c,
NSSTime time, /* NULL for "now" */
NSSUsages *usages,
NSSPolicies *policiesOpt, /* NULL for none */
@@ -898,8 +898,8 @@ NSSCertificate_ValidateCompletely (
}
NSS_IMPLEMENT PRStatus
-NSSCertificate_ValidateAndDiscoverUsagesAndPolicies (
- NSSCertificate *c,
+NSSCert_ValidateAndDiscoverUsagesAndPolicies (
+ NSSCert *c,
NSSTime **notBeforeOutOpt,
NSSTime **notAfterOutOpt,
void *allowedUsages,
@@ -915,8 +915,8 @@ NSSCertificate_ValidateAndDiscoverUsagesAndPolicies (
}
NSS_IMPLEMENT NSSUsages *
-nssCertificate_GetTrustedUsages (
- NSSCertificate *c,
+nssCert_GetTrustedUsages (
+ NSSCert *c,
NSSUsages *usagesOpt
)
{
@@ -943,23 +943,23 @@ nssCertificate_GetTrustedUsages (
}
NSS_IMPLEMENT NSSUsages *
-NSSCertificate_GetTrustedUsages (
- NSSCertificate *c,
+NSSCert_GetTrustedUsages (
+ NSSCert *c,
NSSUsages *usagesOpt
)
{
- return nssCertificate_GetTrustedUsages(c, usagesOpt);
+ return nssCert_GetTrustedUsages(c, usagesOpt);
}
NSS_IMPLEMENT PRBool
-nssCertificate_IsTrustedForUsages (
- NSSCertificate *c,
+nssCert_IsTrustedForUsages (
+ NSSCert *c,
NSSUsages *usages,
PRStatus *statusOpt
)
{
NSSUsages certUsages;
- if (nssCertificate_GetTrustedUsages(c, &certUsages) == NULL) {
+ if (nssCert_GetTrustedUsages(c, &certUsages) == NULL) {
if (statusOpt) *statusOpt = PR_FAILURE;
return PR_FALSE;
}
@@ -1031,8 +1031,8 @@ nssTrust_CreateNull (
}
NSS_IMPLEMENT PRStatus
-nssCertificate_SetTrustedUsages (
- NSSCertificate *c,
+nssCert_SetTrustedUsages (
+ NSSCert *c,
NSSUsages *usages
)
{
@@ -1043,7 +1043,7 @@ nssCertificate_SetTrustedUsages (
nssCryptokiObject *instance;
/* XXX needs to be cached with cert */
- trust = nssTrustDomain_FindTrustForCertificate(c->object.td, c);
+ trust = nssTrustDomain_FindTrustForCert(c->object.td, c);
if (trust) {
token = nssTrust_GetWriteToken(trust, &session);
nssTrust_Clear(trust);
@@ -1057,7 +1057,7 @@ nssCertificate_SetTrustedUsages (
if (!trust) {
return PR_FAILURE;
}
- token = nssCertificate_GetWriteToken(c, &session);
+ token = nssCert_GetWriteToken(c, &session);
if (!token) {
/* XXX should extract from trust domain */
PR_ASSERT(0);
@@ -1089,17 +1089,17 @@ nssCertificate_SetTrustedUsages (
}
NSS_IMPLEMENT PRStatus
-NSSCertificate_SetTrustedUsages (
- NSSCertificate *c,
+NSSCert_SetTrustedUsages (
+ NSSCert *c,
NSSUsages *usages
)
{
- return nssCertificate_SetTrustedUsages(c, usages);
+ return nssCert_SetTrustedUsages(c, usages);
}
NSS_IMPLEMENT NSSDER *
-nssCertificate_Encode (
- NSSCertificate *c,
+nssCert_Encode (
+ NSSCert *c,
NSSDER *rvOpt,
NSSArena *arenaOpt
)
@@ -1108,57 +1108,57 @@ nssCertificate_Encode (
}
NSS_IMPLEMENT NSSDER *
-NSSCertificate_Encode (
- NSSCertificate *c,
+NSSCert_Encode (
+ NSSCert *c,
NSSDER *rvOpt,
NSSArena *arenaOpt
)
{
- return nssCertificate_Encode(c, rvOpt, arenaOpt);
+ return nssCert_Encode(c, rvOpt, arenaOpt);
}
-static NSSCertificate *
+static NSSCert *
filter_subject_certs_for_id (
- NSSCertificate **subjectCerts,
+ NSSCert **subjectCerts,
void *id
)
{
- NSSCertificate **si;
- NSSCertificate *rvCert = NULL;
+ NSSCert **si;
+ NSSCert *rvCert = NULL;
/* walk the subject certs */
for (si = subjectCerts; *si; si++) {
- nssCertDecoding *dcp = nssCertificate_GetDecoding(*si);
+ nssCertDecoding *dcp = nssCert_GetDecoding(*si);
if (dcp->methods->isMyIdentifier(dcp->data, id)) {
/* this cert has the correct identifier */
- rvCert = nssCertificate_AddRef(*si);
+ rvCert = nssCert_AddRef(*si);
break;
}
}
return rvCert;
}
-static NSSCertificate *
+static NSSCert *
find_cert_issuer (
- NSSCertificate *c,
+ NSSCert *c,
NSSTime time,
NSSUsages *usagesOpt,
NSSPolicies *policiesOpt
)
{
- NSSCertificate **issuers = NULL;
- NSSCertificate *issuer = NULL;
+ NSSCert **issuers = NULL;
+ NSSCert *issuer = NULL;
NSSTrustDomain *td;
NSSVolatileDomain *vd;
- vd = nssCertificate_GetVolatileDomain(c);
- td = nssCertificate_GetTrustDomain(c);
+ vd = nssCert_GetVolatileDomain(c);
+ td = nssCert_GetTrustDomain(c);
if (vd) {
- issuers = nssVolatileDomain_FindCertificatesBySubject(vd,
+ issuers = nssVolatileDomain_FindCertsBySubject(vd,
&c->issuer,
NULL,
0,
NULL);
} else {
- issuers = nssTrustDomain_FindCertificatesBySubject(td,
+ issuers = nssTrustDomain_FindCertsBySubject(td,
&c->issuer,
NULL,
0,
@@ -1167,7 +1167,7 @@ find_cert_issuer (
if (issuers) {
nssCertDecoding *dc = NULL;
void *issuerID = NULL;
- dc = nssCertificate_GetDecoding(c);
+ dc = nssCert_GetDecoding(c);
if (dc) {
issuerID = dc->methods->getIssuerIdentifier(dc->data);
}
@@ -1175,12 +1175,12 @@ find_cert_issuer (
issuer = filter_subject_certs_for_id(issuers, issuerID);
dc->methods->freeIdentifier(issuerID);
} else {
- issuer = nssCertificateArray_FindBestCertificate(issuers,
+ issuer = nssCertArray_FindBestCert(issuers,
time,
usagesOpt,
policiesOpt);
}
- nssCertificateArray_Destroy(issuers);
+ nssCertArray_Destroy(issuers);
}
return issuer;
}
@@ -1189,32 +1189,32 @@ find_cert_issuer (
* this function is not using the authCertIssuer field as a fallback
* if authority key id does not exist
*/
-NSS_IMPLEMENT NSSCertificate **
-nssCertificate_BuildChain (
- NSSCertificate *c,
+NSS_IMPLEMENT NSSCert **
+nssCert_BuildChain (
+ NSSCert *c,
NSSTime time,
NSSUsages *usagesOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit,
NSSArena *arenaOpt,
PRStatus *statusOpt
)
{
PRStatus status;
- NSSCertificate **rvChain;
+ NSSCert **rvChain;
NSSTrustDomain *td;
nssPKIObjectCollection *collection;
NSSUsages usages = { 0 };
- td = NSSCertificate_GetTrustDomain(c);
+ td = NSSCert_GetTrustDomain(c);
if (statusOpt) *statusOpt = PR_SUCCESS;
/* initialize the collection with the current cert */
- collection = nssCertificateCollection_Create(td, NULL);
+ collection = nssCertCollection_Create(td, NULL);
if (!collection) {
if (statusOpt) *statusOpt = PR_FAILURE;
- return (NSSCertificate **)NULL;
+ return (NSSCert **)NULL;
}
nssPKIObjectCollection_AddObject(collection, (nssPKIObject *)c);
if (rvLimit == 1) {
@@ -1230,7 +1230,7 @@ nssCertificate_BuildChain (
c = find_cert_issuer(c, time, usagesOpt, policiesOpt);
if (c) {
nssPKIObjectCollection_AddObject(collection, (nssPKIObject *)c);
- nssCertificate_Destroy(c); /* collection has it */
+ nssCert_Destroy(c); /* collection has it */
if (rvLimit > 0 &&
nssPKIObjectCollection_Count(collection) == rvLimit)
{
@@ -1243,7 +1243,7 @@ nssCertificate_BuildChain (
}
}
finish:
- rvChain = nssPKIObjectCollection_GetCertificates(collection,
+ rvChain = nssPKIObjectCollection_GetCerts(collection,
rvOpt,
rvLimit,
arenaOpt);
@@ -1251,25 +1251,25 @@ finish:
return rvChain;
}
-NSS_IMPLEMENT NSSCertificate **
-NSSCertificate_BuildChain (
- NSSCertificate *c,
+NSS_IMPLEMENT NSSCert **
+NSSCert_BuildChain (
+ NSSCert *c,
NSSTime time,
NSSUsages *usagesOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt,
PRStatus *statusOpt
)
{
- return nssCertificate_BuildChain(c, time, usagesOpt, policiesOpt,
+ return nssCert_BuildChain(c, time, usagesOpt, policiesOpt,
rvOpt, rvLimit, arenaOpt, statusOpt);
}
NSS_IMPLEMENT NSSItem *
-NSSCertificate_Encrypt (
- NSSCertificate *c,
+NSSCert_Encrypt (
+ NSSCert *c,
const NSSAlgNParam *apOpt,
NSSItem *data,
NSSTime time,
@@ -1285,8 +1285,8 @@ NSSCertificate_Encrypt (
}
NSS_IMPLEMENT PRStatus
-NSSCertificate_Verify (
- NSSCertificate *c,
+NSSCert_Verify (
+ NSSCert *c,
const NSSAlgNParam *apOpt,
NSSItem *data,
NSSItem *signature,
@@ -1301,8 +1301,8 @@ NSSCertificate_Verify (
}
NSS_IMPLEMENT NSSItem *
-NSSCertificate_VerifyRecover (
- NSSCertificate *c,
+NSSCert_VerifyRecover (
+ NSSCert *c,
const NSSAlgNParam *apOpt,
NSSItem *signature,
NSSTime time,
@@ -1318,10 +1318,10 @@ NSSCertificate_VerifyRecover (
}
NSS_IMPLEMENT NSSItem *
-nssCertificate_WrapSymmetricKey (
- NSSCertificate *c,
+nssCert_WrapSymKey (
+ NSSCert *c,
const NSSAlgNParam *ap,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSTime time,
NSSUsages *usages,
NSSPolicies *policiesOpt,
@@ -1335,22 +1335,22 @@ nssCertificate_WrapSymmetricKey (
/* XXX do some validation */
- pubKey = nssCertificate_GetPublicKey(c);
+ pubKey = nssCert_GetPublicKey(c);
if (!pubKey) {
return (NSSItem *)NULL;
}
- wrap = nssPublicKey_WrapSymmetricKey(pubKey, ap, keyToWrap,
+ wrap = nssPublicKey_WrapSymKey(pubKey, ap, keyToWrap,
uhh, rvOpt, arenaOpt);
nssPublicKey_Destroy(pubKey);
return wrap;
}
NSS_IMPLEMENT NSSItem *
-NSSCertificate_WrapSymmetricKey (
- NSSCertificate *c,
+NSSCert_WrapSymKey (
+ NSSCert *c,
const NSSAlgNParam *ap,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSTime time,
NSSUsages *usages,
NSSPolicies *policiesOpt,
@@ -1359,14 +1359,14 @@ NSSCertificate_WrapSymmetricKey (
NSSArena *arenaOpt
)
{
- return nssCertificate_WrapSymmetricKey(c, ap, keyToWrap,
+ return nssCert_WrapSymKey(c, ap, keyToWrap,
time, usages, policiesOpt,
uhh, rvOpt, arenaOpt);
}
NSS_IMPLEMENT NSSCryptoContext *
-NSSCertificate_CreateCryptoContext (
- NSSCertificate *c,
+NSSCert_CreateCryptoContext (
+ NSSCert *c,
const NSSAlgNParam *apOpt,
NSSTime time,
NSSUsages *usages,
@@ -1379,15 +1379,15 @@ NSSCertificate_CreateCryptoContext (
}
NSS_IMPLEMENT NSSPublicKey *
-nssCertificate_GetPublicKey (
- NSSCertificate *c
+nssCert_GetPublicKey (
+ NSSCert *c
)
{
PRStatus status;
NSSToken **tokens, **tp;
nssCryptokiObject *instance = NULL;
- NSSTrustDomain *td = nssCertificate_GetTrustDomain(c);
- NSSVolatileDomain *vd = nssCertificate_GetVolatileDomain(c);
+ NSSTrustDomain *td = nssCert_GetTrustDomain(c);
+ NSSVolatileDomain *vd = nssCert_GetVolatileDomain(c);
/* first look for a persistent object in the trust domain */
tokens = nssPKIObject_GetTokens(&c->object, &status);
@@ -1419,7 +1419,7 @@ nssCertificate_GetPublicKey (
} else {
NSSOID *keyAlg;
NSSBitString keyBits;
- nssCertDecoding *dc = nssCertificate_GetDecoding(c);
+ nssCertDecoding *dc = nssCert_GetDecoding(c);
/* create an ephemeral pubkey object, either in the cert's
* volatile domain (if it exists), or as a standalone object
@@ -1435,23 +1435,23 @@ nssCertificate_GetPublicKey (
}
NSS_IMPLEMENT NSSPublicKey *
-NSSCertificate_GetPublicKey (
- NSSCertificate *c
+NSSCert_GetPublicKey (
+ NSSCert *c
)
{
- return nssCertificate_GetPublicKey(c);
+ return nssCert_GetPublicKey(c);
}
NSS_IMPLEMENT NSSPrivateKey *
-nssCertificate_FindPrivateKey (
- NSSCertificate *c,
+nssCert_FindPrivateKey (
+ NSSCert *c,
NSSCallback *uhh
)
{
PRStatus status;
NSSToken **tokens, **tp;
nssCryptokiObject *instance;
- NSSTrustDomain *td = nssCertificate_GetTrustDomain(c);
+ NSSTrustDomain *td = nssCert_GetTrustDomain(c);
tokens = nssPKIObject_GetTokens(&c->object, &status);
if (!tokens) {
@@ -1498,17 +1498,17 @@ nssCertificate_FindPrivateKey (
}
NSS_IMPLEMENT NSSPrivateKey *
-NSSCertificate_FindPrivateKey (
- NSSCertificate *c,
+NSSCert_FindPrivateKey (
+ NSSCert *c,
NSSCallback *uhh
)
{
- return nssCertificate_FindPrivateKey(c, uhh);
+ return nssCert_FindPrivateKey(c, uhh);
}
NSS_IMPLEMENT PRBool
-nssCertificate_IsPrivateKeyAvailable (
- NSSCertificate *c,
+nssCert_IsPrivateKeyAvailable (
+ NSSCert *c,
NSSCallback *uhh,
PRStatus *statusOpt
)
@@ -1516,7 +1516,7 @@ nssCertificate_IsPrivateKeyAvailable (
PRStatus status;
NSSToken **tokens, **tp;
nssCryptokiObject *instance = NULL;
- NSSTrustDomain *td = nssCertificate_GetTrustDomain(c);
+ NSSTrustDomain *td = nssCert_GetTrustDomain(c);
PRBool isLoggedIn;
tokens = nssPKIObject_GetTokens(&c->object, &status);
if (!tokens) {
@@ -1552,18 +1552,18 @@ nssCertificate_IsPrivateKeyAvailable (
}
NSS_IMPLEMENT PRBool
-NSSCertificate_IsPrivateKeyAvailable (
- NSSCertificate *c,
+NSSCert_IsPrivateKeyAvailable (
+ NSSCert *c,
NSSCallback *uhh,
PRStatus *statusOpt
)
{
- return nssCertificate_IsPrivateKeyAvailable(c, uhh, statusOpt);
+ return nssCert_IsPrivateKeyAvailable(c, uhh, statusOpt);
}
NSS_IMPLEMENT PRBool
-NSSUserCertificate_IsStillPresent (
- NSSUserCertificate *uc,
+NSSUserCert_IsStillPresent (
+ NSSUserCert *uc,
PRStatus *statusOpt
)
{
@@ -1572,8 +1572,8 @@ NSSUserCertificate_IsStillPresent (
}
NSS_IMPLEMENT NSSItem *
-NSSUserCertificate_Decrypt (
- NSSUserCertificate *uc,
+NSSUserCert_Decrypt (
+ NSSUserCert *uc,
const NSSAlgNParam *apOpt,
NSSItem *data,
NSSTime time,
@@ -1589,8 +1589,8 @@ NSSUserCertificate_Decrypt (
}
NSS_IMPLEMENT NSSItem *
-NSSUserCertificate_Sign (
- NSSUserCertificate *uc,
+NSSUserCert_Sign (
+ NSSUserCert *uc,
const NSSAlgNParam *apOpt,
NSSItem *data,
NSSTime time,
@@ -1606,8 +1606,8 @@ NSSUserCertificate_Sign (
}
NSS_IMPLEMENT NSSItem *
-NSSUserCertificate_SignRecover (
- NSSUserCertificate *uc,
+NSSUserCert_SignRecover (
+ NSSUserCert *uc,
const NSSAlgNParam *apOpt,
NSSItem *data,
NSSTime time,
@@ -1622,9 +1622,9 @@ NSSUserCertificate_SignRecover (
return NULL;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSUserCertificate_UnwrapSymmetricKey (
- NSSUserCertificate *uc,
+NSS_IMPLEMENT NSSSymKey *
+NSSUserCert_UnwrapSymKey (
+ NSSUserCert *uc,
const NSSAlgNParam *apOpt,
NSSItem *wrappedKey,
NSSTime time,
@@ -1639,10 +1639,10 @@ NSSUserCertificate_UnwrapSymmetricKey (
return NULL;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSUserCertificate_DeriveSymmetricKey (
- NSSUserCertificate *uc, /* provides private key */
- NSSCertificate *c, /* provides public key */
+NSS_IMPLEMENT NSSSymKey *
+NSSUserCert_DeriveSymKey (
+ NSSUserCert *uc, /* provides private key */
+ NSSCert *c, /* provides public key */
const NSSAlgNParam *apOpt,
NSSOID *target,
PRUint32 keySizeOpt, /* zero for best allowed */
@@ -1742,7 +1742,7 @@ nssTrust_Destroy (
struct nssSMIMEProfileStr
{
nssPKIObject object;
- NSSCertificate *certificate;
+ NSSCert *certificate;
NSSASCII7 *email;
NSSDER *subject;
NSSItem *profileTime;
@@ -1751,7 +1751,7 @@ struct nssSMIMEProfileStr
NSS_IMPLEMENT nssSMIMEProfile *
nssSMIMEProfile_Create (
- NSSCertificate *cert,
+ NSSCert *cert,
NSSItem *profileTime,
NSSItem *profileData
)
@@ -1760,8 +1760,8 @@ nssSMIMEProfile_Create (
NSSArena *arena;
nssSMIMEProfile *rvProfile;
nssPKIObject *object;
- NSSTrustDomain *td = nssCertificate_GetTrustDomain(cert);
- NSSCryptoContext *cc = nssCertificate_GetCryptoContext(cert);
+ NSSTrustDomain *td = nssCert_GetTrustDomain(cert);
+ NSSCryptoContext *cc = nssCert_GetCryptoContext(cert);
arena = nssArena_Create();
if (!arena) {
return NULL;
diff --git a/security/nss/lib/pki/cryptocontext.c b/security/nss/lib/pki/cryptocontext.c
index 72ccd8a55..fd0af5e6b 100644
--- a/security/nss/lib/pki/cryptocontext.c
+++ b/security/nss/lib/pki/cryptocontext.c
@@ -71,10 +71,10 @@ struct NSSCryptoContextStr
nssCryptokiObject *key; /* key used for crypto */
nssCryptokiObject *bkey; /* public key of user cert */
union {
- NSSSymmetricKey *mkey;
+ NSSSymKey *mkey;
NSSPublicKey *bkey;
NSSPrivateKey *vkey;
- NSSCertificate *cert;
+ NSSCert *cert;
} u; /* the distinguished object */
pki_object_type which;
};
@@ -116,19 +116,19 @@ nssCryptoContext_Create (
}
NSS_IMPLEMENT NSSCryptoContext *
-nssCryptoContext_CreateForSymmetricKey (
- NSSSymmetricKey *mkey,
+nssCryptoContext_CreateForSymKey (
+ NSSSymKey *mkey,
const NSSAlgNParam *apOpt,
NSSCallback *uhhOpt
)
{
NSSCryptoContext *rvCC;
- NSSTrustDomain *td = nssSymmetricKey_GetTrustDomain(mkey, NULL);
+ NSSTrustDomain *td = nssSymKey_GetTrustDomain(mkey, NULL);
rvCC = nssCryptoContext_Create(td, apOpt, uhhOpt);
if (rvCC) {
rvCC->which = a_symkey;
- rvCC->u.mkey = nssSymmetricKey_AddRef(mkey);
+ rvCC->u.mkey = nssSymKey_AddRef(mkey);
}
return rvCC;
}
@@ -140,10 +140,10 @@ nssCryptoContext_Destroy (
{
PRStatus status = PR_SUCCESS;
switch (cc->which) {
- case a_cert: nssCertificate_Destroy(cc->u.cert); break;
+ case a_cert: nssCert_Destroy(cc->u.cert); break;
case a_pubkey: nssPublicKey_Destroy(cc->u.bkey); break;
case a_privkey: nssPrivateKey_Destroy(cc->u.vkey); break;
- case a_symkey: nssSymmetricKey_Destroy(cc->u.mkey); break;
+ case a_symkey: nssSymKey_Destroy(cc->u.mkey); break;
default: break;
}
if (cc->key) {
@@ -282,7 +282,7 @@ prepare_context_symmetric_key (
/* and the token can do the operation */
if (!cc->key) {
/* get a key instance from it */
- cc->key = nssSymmetricKey_GetInstance(cc->u.mkey, cc->token);
+ cc->key = nssSymKey_GetInstance(cc->u.mkey, cc->token);
} /* else we already have a key instance */
} else {
/* the token can't do the math, so this context won't work */
@@ -290,7 +290,7 @@ prepare_context_symmetric_key (
}
} else {
/* find an instance of the key that will do the operation */
- cc->key = nssSymmetricKey_FindInstanceForAlgorithm(cc->u.mkey, cc->ap);
+ cc->key = nssSymKey_FindInstanceForAlgorithm(cc->u.mkey, cc->ap);
if (cc->key) {
/* okay, now we know what token to use */
cc->token = nssToken_AddRef(cc->key->token);
@@ -307,7 +307,7 @@ prepare_context_symmetric_key (
* the token, copy it there as a temp (session) object
*/
if (!cc->key) {
- cc->key = nssSymmetricKey_CopyToToken(cc->u.mkey, cc->token,
+ cc->key = nssSymKey_CopyToToken(cc->u.mkey, cc->token,
PR_FALSE);
if (!cc->key) {
goto loser;
@@ -335,7 +335,7 @@ prepare_context_private_key (
NSSPrivateKey *vkey = NULL;
if (cc->which == a_cert) {
/* try to get the key from the cert */
- vkey = nssCertificate_FindPrivateKey(cc->u.cert, cc->callback);
+ vkey = nssCert_FindPrivateKey(cc->u.cert, cc->callback);
if (!vkey) {
goto loser;
}
@@ -410,7 +410,7 @@ prepare_context_public_key (
NSSPublicKey *bkey = NULL;
if (cc->which == a_cert) {
/* try to get the key from the cert */
- bkey = nssCertificate_GetPublicKey(cc->u.cert);
+ bkey = nssCert_GetPublicKey(cc->u.cert);
if (!bkey) {
goto loser;
}
@@ -891,8 +891,8 @@ NSSCryptoContext_SignRecover (
}
#if 0
-NSS_IMPLEMENT NSSSymmetricKey *
-nssCryptoContext_UnwrapSymmetricKey (
+NSS_IMPLEMENT NSSSymKey *
+nssCryptoContext_UnwrapSymKey (
NSSCryptoContext *cc,
const NSSAlgNParam *apOpt,
NSSItem *wrappedKey,
@@ -904,11 +904,11 @@ nssCryptoContext_UnwrapSymmetricKey (
const NSSAlgNParam *ap = apOpt ? apOpt : cc->ap;
if (!ap) {
nss_SetError(NSS_ERROR_INVALID_CRYPTO_CONTEXT);
- return (NSSSymmetricKey *)NULL;
+ return (NSSSymKey *)NULL;
}
/* set up the private key */
if (prepare_context_private_key(cc, ap) == PR_FAILURE) {
- return (NSSSymmetricKey *)NULL;
+ return (NSSSymKey *)NULL;
}
/* do the unwrap */
cc->mko = nssToken_UnwrapKey(cc->token, cc->session, ap, cc->vko,
@@ -921,12 +921,12 @@ nssCryptoContext_UnwrapSymmetricKey (
if (!pkio) {
goto loser;
}
- cc->mk = nssSymmetricKey_Create(pkio);
+ cc->mk = nssSymKey_Create(pkio);
if (!cc->mk) {
nssPKIObject_Destroy(pkio);
goto loser;
}
- return nssSymmetricKey_AddRef(cc->mk);
+ return nssSymKey_AddRef(cc->mk);
}
loser:
if (cc->mko) {
@@ -934,11 +934,11 @@ loser:
cc->mko = NULL;
}
nss_SetError(NSS_ERROR_INVALID_CRYPTO_CONTEXT);
- return (NSSSymmetricKey *)NULL;
+ return (NSSSymKey *)NULL;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_UnwrapSymmetricKey (
+NSS_IMPLEMENT NSSSymKey *
+NSSCryptoContext_UnwrapSymKey (
NSSCryptoContext *cc,
const NSSAlgNParam *apOpt,
NSSItem *wrappedKey,
@@ -949,9 +949,9 @@ NSSCryptoContext_UnwrapSymmetricKey (
{
if (!cc->vk && !cc->cert) {
nss_SetError(NSS_ERROR_INVALID_CRYPTO_CONTEXT);
- return (NSSSymmetricKey *)NULL;
+ return (NSSSymKey *)NULL;
}
- return nssCryptoContext_UnwrapSymmetricKey(cc, apOpt,
+ return nssCryptoContext_UnwrapSymKey(cc, apOpt,
wrappedKey, uhhOpt,
operations, properties);
}
@@ -1115,10 +1115,10 @@ NSSCryptoContext_VerifyRecover (
#if 0
NSS_IMPLEMENT NSSItem *
-nssCryptoContext_WrapSymmetricKey (
+nssCryptoContext_WrapSymKey (
NSSCryptoContext *cc,
const NSSAlgNParam *apOpt,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSCallback *uhhOpt,
NSSItem *rvOpt,
NSSArena *arenaOpt
@@ -1130,7 +1130,7 @@ nssCryptoContext_WrapSymmetricKey (
return (NSSItem *)NULL;
}
/* set the context's symkey to the key to wrap */
- cc->mk = nssSymmetricKey_AddRef(keyToWrap);
+ cc->mk = nssSymKey_AddRef(keyToWrap);
/* initialize the context with the symkey first */
if (prepare_context_symmetric_key(cc, ap) == PR_FAILURE) {
/* didn't find a token that could do the operation */
@@ -1147,10 +1147,10 @@ nssCryptoContext_WrapSymmetricKey (
}
NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_WrapSymmetricKey (
+NSSCryptoContext_WrapSymKey (
NSSCryptoContext *cc,
const NSSAlgNParam *apOpt,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSCallback *uhhOpt,
NSSItem *rvOpt,
NSSArena *arenaOpt
@@ -1160,7 +1160,7 @@ NSSCryptoContext_WrapSymmetricKey (
nss_SetError(NSS_ERROR_INVALID_CRYPTO_CONTEXT);
return (NSSItem *)NULL;
}
- return nssCryptoContext_WrapSymmetricKey(cc, apOpt, keyToWrap,
+ return nssCryptoContext_WrapSymKey(cc, apOpt, keyToWrap,
uhhOpt, rvOpt, arenaOpt);
}
#endif
diff --git a/security/nss/lib/pki/nsspki.h b/security/nss/lib/pki/nsspki.h
index 519fdeaba..63995a112 100644
--- a/security/nss/lib/pki/nsspki.h
+++ b/security/nss/lib/pki/nsspki.h
@@ -105,7 +105,7 @@ PR_BEGIN_EXTERN_C
*/
/*
- * NSSCertificate
+ * NSSCert
*
* These things can do crypto ops like public keys, except that the trust,
* usage, and other constraints are checked. These objects are "high-level,"
@@ -115,18 +115,18 @@ PR_BEGIN_EXTERN_C
*/
/*
- * NSSCertificate_Destroy
+ * NSSCert_Destroy
*
* Free a pointer to a certificate object.
*/
NSS_EXTERN PRStatus
-NSSCertificate_Destroy (
- NSSCertificate *c
+NSSCert_Destroy (
+ NSSCert *c
);
/*
- * NSSCertificate_DeleteStoredObject
+ * NSSCert_DeleteStoredObject
*
* Permanently remove this certificate from storage. If this is the
* only (remaining) certificate corresponding to a private key,
@@ -135,31 +135,31 @@ NSSCertificate_Destroy (
*/
NSS_EXTERN PRStatus
-NSSCertificate_DeleteStoredObject (
- NSSCertificate *c,
+NSSCert_DeleteStoredObject (
+ NSSCert *c,
NSSCallback *uhh
);
/*
- * NSSCertificate_Validate
+ * NSSCert_Validate
*
* Verify that this certificate is trusted, for the specified usage(s),
* at the specified time, {word word} the specified policies.
*/
NSS_EXTERN PRStatus
-NSSCertificate_Validate (
- NSSCertificate *c,
+NSSCert_Validate (
+ NSSCert *c,
NSSTime time,
NSSUsages *usages,
NSSPolicies *policiesOpt /* NULL for none */
);
/*
- * NSSCertificate_ValidateCompletely
+ * NSSCert_ValidateCompletely
*
* Verify that this certificate is trusted. The difference between
- * this and the previous call is that NSSCertificate_Validate merely
+ * this and the previous call is that NSSCert_Validate merely
* returns success or failure with an appropriate error stack.
* However, there may be (and often are) multiple problems with a
* certificate. This routine returns an array of errors, specifying
@@ -173,8 +173,8 @@ NSSCertificate_Validate (
*/
NSS_EXTERN void ** /* void *[] */
-NSSCertificate_ValidateCompletely (
- NSSCertificate *c,
+NSSCert_ValidateCompletely (
+ NSSCert *c,
NSSTime time, /* NULL for "now" */
NSSUsages *usages,
NSSPolicies *policiesOpt, /* NULL for none */
@@ -184,14 +184,14 @@ NSSCertificate_ValidateCompletely (
);
/*
- * NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
+ * NSSCert_ValidateAndDiscoverUsagesAndPolicies
*
* Returns PR_SUCCESS if the certificate is valid for at least something.
*/
NSS_EXTERN PRStatus
-NSSCertificate_ValidateAndDiscoverUsagesAndPolicies (
- NSSCertificate *c,
+NSSCert_ValidateAndDiscoverUsagesAndPolicies (
+ NSSCert *c,
NSSTime **notBeforeOutOpt,
NSSTime **notAfterOutOpt,
void *allowedUsages,
@@ -203,33 +203,33 @@ NSSCertificate_ValidateAndDiscoverUsagesAndPolicies (
);
NSS_EXTERN NSSUsages *
-NSSCertificate_GetTrustedUsages (
- NSSCertificate *c,
+NSSCert_GetTrustedUsages (
+ NSSCert *c,
NSSUsages *usagesOpt
);
NSS_EXTERN PRStatus
-NSSCertificate_SetTrustedUsages (
- NSSCertificate *c,
+NSSCert_SetTrustedUsages (
+ NSSCert *c,
NSSUsages *usages
);
/*
- * NSSCertificate_Encode
+ * NSSCert_Encode
*
*/
NSS_EXTERN NSSDER *
-NSSCertificate_Encode (
- NSSCertificate *c,
+NSSCert_Encode (
+ NSSCert *c,
NSSDER *rvOpt,
NSSArena *arenaOpt
);
/*
- * NSSCertificate_BuildChain
+ * NSSCert_BuildChain
*
- * This routine returns NSSCertificate *'s for each certificate
+ * This routine returns NSSCert *'s for each certificate
* in the "chain" starting from the specified one up to and
* including the root. The zeroth element in the array is the
* specified ("leaf") certificate.
@@ -242,86 +242,86 @@ NSSCertificate_Encode (
*/
-NSS_EXTERN NSSCertificate **
-NSSCertificate_BuildChain (
- NSSCertificate *c,
+NSS_EXTERN NSSCert **
+NSSCert_BuildChain (
+ NSSCert *c,
NSSTime time,
NSSUsages *usagesOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt,
PRStatus *statusOpt
);
/*
- * NSSCertificate_GetTrustDomain
+ * NSSCert_GetTrustDomain
*
*/
NSS_EXTERN NSSTrustDomain *
-NSSCertificate_GetTrustDomain (
- NSSCertificate *c
+NSSCert_GetTrustDomain (
+ NSSCert *c
);
/*
- * NSSCertificate_GetToken
+ * NSSCert_GetToken
*
* There doesn't have to be any.
*/
NSS_EXTERN NSSToken **
-NSSCertificate_GetTokens (
- NSSCertificate *c,
+NSSCert_GetTokens (
+ NSSCert *c,
PRStatus *statusOpt
);
/*
- * NSSCertificate_GetSlot
+ * NSSCert_GetSlot
*
* There doesn't have to be one.
*/
NSS_EXTERN NSSSlot *
-NSSCertificate_GetSlot (
- NSSCertificate *c,
+NSSCert_GetSlot (
+ NSSCert *c,
PRStatus *statusOpt
);
/*
- * NSSCertificate_GetModule
+ * NSSCert_GetModule
*
* There doesn't have to be one.
*/
NSS_EXTERN NSSModule *
-NSSCertificate_GetModule (
- NSSCertificate *c,
+NSSCert_GetModule (
+ NSSCert *c,
PRStatus *statusOpt
);
/* XXX make sure this is right */
NSS_EXTERN void *
-NSSCertificate_GetDecoding (
- NSSCertificate *c
+NSSCert_GetDecoding (
+ NSSCert *c
);
/* XXX make sure this is right */
-NSS_EXTERN NSSCertificateType
-NSSCertificate_GetType (
- NSSCertificate *c
+NSS_EXTERN NSSCertType
+NSSCert_GetType (
+ NSSCert *c
);
/*
- * NSSCertificate_Encrypt
+ * NSSCert_Encrypt
*
* Encrypt a single chunk of data with the public key corresponding to
* this certificate.
*/
NSS_EXTERN NSSItem *
-NSSCertificate_Encrypt (
- NSSCertificate *c,
+NSSCert_Encrypt (
+ NSSCert *c,
const NSSAlgNParam *apOpt,
NSSItem *data,
NSSTime time,
@@ -333,13 +333,13 @@ NSSCertificate_Encrypt (
);
/*
- * NSSCertificate_Verify
+ * NSSCert_Verify
*
*/
NSS_EXTERN PRStatus
-NSSCertificate_Verify (
- NSSCertificate *c,
+NSSCert_Verify (
+ NSSCert *c,
const NSSAlgNParam *apOpt,
NSSItem *data,
NSSItem *signature,
@@ -350,13 +350,13 @@ NSSCertificate_Verify (
);
/*
- * NSSCertificate_VerifyRecover
+ * NSSCert_VerifyRecover
*
*/
NSS_EXTERN NSSItem *
-NSSCertificate_VerifyRecover (
- NSSCertificate *c,
+NSSCert_VerifyRecover (
+ NSSCert *c,
const NSSAlgNParam *apOpt,
NSSItem *signature,
NSSTime time,
@@ -368,7 +368,7 @@ NSSCertificate_VerifyRecover (
);
/*
- * NSSCertificate_WrapSymmetricKey
+ * NSSCert_WrapSymKey
*
* This method tries very hard to to succeed, even in situations
* involving sensitive keys and multiple modules.
@@ -376,10 +376,10 @@ NSSCertificate_VerifyRecover (
*/
NSS_EXTERN NSSItem *
-NSSCertificate_WrapSymmetricKey (
- NSSCertificate *c,
+NSSCert_WrapSymKey (
+ NSSCert *c,
const NSSAlgNParam *ap,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSTime time,
NSSUsages *usages,
NSSPolicies *policiesOpt,
@@ -389,15 +389,15 @@ NSSCertificate_WrapSymmetricKey (
);
/*
- * NSSCertificate_CreateCryptoContext
+ * NSSCert_CreateCryptoContext
*
* Create a crypto context, in this certificate's trust domain, with this
* as the distinguished certificate.
*/
NSS_EXTERN NSSCryptoContext *
-NSSCertificate_CreateCryptoContext (
- NSSCertificate *c,
+NSSCert_CreateCryptoContext (
+ NSSCert *c,
const NSSAlgNParam *apOpt,
NSSTime time,
NSSUsages *usages,
@@ -406,68 +406,68 @@ NSSCertificate_CreateCryptoContext (
);
/*
- * NSSCertificate_GetPublicKey
+ * NSSCert_GetPublicKey
*
* Returns the public key corresponding to this certificate.
*/
NSS_EXTERN NSSPublicKey *
-NSSCertificate_GetPublicKey (
- NSSCertificate *c
+NSSCert_GetPublicKey (
+ NSSCert *c
);
/*
- * NSSCertificate_FindPrivateKey
+ * NSSCert_FindPrivateKey
*
* Finds and returns the private key corresponding to this certificate,
* if it is available.
*
- * { Should this hang off of NSSUserCertificate? }
+ * { Should this hang off of NSSUserCert? }
*/
NSS_EXTERN NSSPrivateKey *
-NSSCertificate_FindPrivateKey (
- NSSCertificate *c,
+NSSCert_FindPrivateKey (
+ NSSCert *c,
NSSCallback *uhh
);
/*
- * NSSCertificate_IsPrivateKeyAvailable
+ * NSSCert_IsPrivateKeyAvailable
*
* Returns success if the private key corresponding to this certificate
* is available to be used.
*
- * { Should *this* hang off of NSSUserCertificate?? }
+ * { Should *this* hang off of NSSUserCert?? }
*/
NSS_EXTERN PRBool
-NSSCertificate_IsPrivateKeyAvailable (
- NSSCertificate *c,
+NSSCert_IsPrivateKeyAvailable (
+ NSSCert *c,
NSSCallback *uhh,
PRStatus *statusOpt
);
/*
- * If we make NSSUserCertificate not a typedef of NSSCertificate,
+ * If we make NSSUserCert not a typedef of NSSCert,
* then we'll need implementations of the following:
*
- * NSSUserCertificate_Destroy
- * NSSUserCertificate_DeleteStoredObject
- * NSSUserCertificate_Validate
- * NSSUserCertificate_ValidateCompletely
- * NSSUserCertificate_ValidateAndDiscoverUsagesAndPolicies
- * NSSUserCertificate_Encode
- * NSSUserCertificate_BuildChain
- * NSSUserCertificate_GetTrustDomain
- * NSSUserCertificate_GetToken
- * NSSUserCertificate_GetSlot
- * NSSUserCertificate_GetModule
- * NSSUserCertificate_GetCryptoContext
- * NSSUserCertificate_GetPublicKey
+ * NSSUserCert_Destroy
+ * NSSUserCert_DeleteStoredObject
+ * NSSUserCert_Validate
+ * NSSUserCert_ValidateCompletely
+ * NSSUserCert_ValidateAndDiscoverUsagesAndPolicies
+ * NSSUserCert_Encode
+ * NSSUserCert_BuildChain
+ * NSSUserCert_GetTrustDomain
+ * NSSUserCert_GetToken
+ * NSSUserCert_GetSlot
+ * NSSUserCert_GetModule
+ * NSSUserCert_GetCryptoContext
+ * NSSUserCert_GetPublicKey
*/
/*
- * NSSUserCertificate_IsStillPresent
+ * NSSUserCert_IsStillPresent
*
* Verify that if this certificate lives on a token, that the token
* is still present and the certificate still exists. This is a
@@ -477,21 +477,21 @@ NSSCertificate_IsPrivateKeyAvailable (
*/
NSS_EXTERN PRBool
-NSSUserCertificate_IsStillPresent (
- NSSUserCertificate *uc,
+NSSUserCert_IsStillPresent (
+ NSSUserCert *uc,
PRStatus *statusOpt
);
/*
- * NSSUserCertificate_Decrypt
+ * NSSUserCert_Decrypt
*
* Decrypt a single chunk of data with the private key corresponding
* to this certificate.
*/
NSS_EXTERN NSSItem *
-NSSUserCertificate_Decrypt (
- NSSUserCertificate *uc,
+NSSUserCert_Decrypt (
+ NSSUserCert *uc,
const NSSAlgNParam *apOpt,
NSSItem *data,
NSSTime time,
@@ -503,13 +503,13 @@ NSSUserCertificate_Decrypt (
);
/*
- * NSSUserCertificate_Sign
+ * NSSUserCert_Sign
*
*/
NSS_EXTERN NSSItem *
-NSSUserCertificate_Sign (
- NSSUserCertificate *uc,
+NSSUserCert_Sign (
+ NSSUserCert *uc,
const NSSAlgNParam *apOpt,
NSSItem *data,
NSSTime time,
@@ -521,13 +521,13 @@ NSSUserCertificate_Sign (
);
/*
- * NSSUserCertificate_SignRecover
+ * NSSUserCert_SignRecover
*
*/
NSS_EXTERN NSSItem *
-NSSUserCertificate_SignRecover (
- NSSUserCertificate *uc,
+NSSUserCert_SignRecover (
+ NSSUserCert *uc,
const NSSAlgNParam *apOpt,
NSSItem *data,
NSSTime time,
@@ -539,13 +539,13 @@ NSSUserCertificate_SignRecover (
);
/*
- * NSSUserCertificate_UnwrapSymmetricKey
+ * NSSUserCert_UnwrapSymKey
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSUserCertificate_UnwrapSymmetricKey (
- NSSUserCertificate *uc,
+NSS_EXTERN NSSSymKey *
+NSSUserCert_UnwrapSymKey (
+ NSSUserCert *uc,
const NSSAlgNParam *apOpt,
NSSItem *wrappedKey,
NSSTime time,
@@ -557,14 +557,14 @@ NSSUserCertificate_UnwrapSymmetricKey (
);
/*
- * NSSUserCertificate_DeriveSymmetricKey
+ * NSSUserCert_DeriveSymKey
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSUserCertificate_DeriveSymmetricKey (
- NSSUserCertificate *uc, /* provides private key */
- NSSCertificate *c, /* provides public key */
+NSS_EXTERN NSSSymKey *
+NSSUserCert_DeriveSymKey (
+ NSSUserCert *uc, /* provides private key */
+ NSSCert *c, /* provides public key */
const NSSAlgNParam *apOpt,
NSSOID *target,
PRUint32 keySizeOpt, /* zero for best allowed */
@@ -746,12 +746,12 @@ NSSPrivateKey_SignRecover (
);
/*
- * NSSPrivateKey_UnwrapSymmetricKey
+ * NSSPrivateKey_UnwrapSymKey
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSPrivateKey_UnwrapSymmetricKey (
+NSS_EXTERN NSSSymKey *
+NSSPrivateKey_UnwrapSymKey (
NSSPrivateKey *vk,
const NSSAlgNParam *apOpt,
NSSItem *wrappedKey,
@@ -759,12 +759,12 @@ NSSPrivateKey_UnwrapSymmetricKey (
);
/*
- * NSSPrivateKey_DeriveSymmetricKey
+ * NSSPrivateKey_DeriveSymKey
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSPrivateKey_DeriveSymmetricKey (
+NSS_EXTERN NSSSymKey *
+NSSPrivateKey_DeriveSymKey (
NSSPrivateKey *vk,
NSSPublicKey *bk,
const NSSAlgNParam *apOpt,
@@ -800,30 +800,30 @@ NSSPrivateKey_CreateCryptoContext (
);
/*
- * NSSPrivateKey_FindCertificates
+ * NSSPrivateKey_FindCerts
*
* Note that there may be more than one certificate for this
- * private key. { FilterCertificates function to further
+ * private key. { FilterCerts function to further
* reduce the list. }
*/
-NSS_EXTERN NSSCertificate **
-NSSPrivateKey_FindCertificates (
+NSS_EXTERN NSSCert **
+NSSPrivateKey_FindCerts (
NSSPrivateKey *vk,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
);
/*
- * NSSPrivateKey_FindBestCertificate
+ * NSSPrivateKey_FindBestCert
*
* The parameters for this function will depend on what the users
* need. This is just a starting point.
*/
-NSS_EXTERN NSSCertificate *
-NSSPrivateKey_FindBestCertificate (
+NSS_EXTERN NSSCert *
+NSSPrivateKey_FindBestCert (
NSSPrivateKey *vk,
NSSTime time,
NSSUsages *usagesOpt,
@@ -972,15 +972,15 @@ NSSPublicKey_VerifyRecover (
);
/*
- * NSSPublicKey_WrapSymmetricKey
+ * NSSPublicKey_WrapSymKey
*
*/
NSS_EXTERN NSSItem *
-NSSPublicKey_WrapSymmetricKey (
+NSSPublicKey_WrapSymKey (
NSSPublicKey *bk,
const NSSAlgNParam *ap,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSCallback *uhh,
NSSItem *rvOpt,
NSSArena *arenaOpt
@@ -1001,33 +1001,33 @@ NSSPublicKey_CreateCryptoContext (
);
/*
- * NSSPublicKey_FindCertificates
+ * NSSPublicKey_FindCerts
*
* Note that there may be more than one certificate for this
* public key. The current implementation may not find every
* last certificate available for this public key: that would
* involve trolling e.g. huge ldap databases, which will be
* grossly inefficient and not generally useful.
- * { FilterCertificates function to further reduce the list }
+ * { FilterCerts function to further reduce the list }
*/
-NSS_EXTERN NSSCertificate **
-NSSPublicKey_FindCertificates (
+NSS_EXTERN NSSCert **
+NSSPublicKey_FindCerts (
NSSPublicKey *bk,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
);
/*
- * NSSPrivateKey_FindBestCertificate
+ * NSSPrivateKey_FindBestCert
*
* The parameters for this function will depend on what the users
* need. This is just a starting point.
*/
-NSS_EXTERN NSSCertificate *
-NSSPublicKey_FindBestCertificate (
+NSS_EXTERN NSSCert *
+NSSPublicKey_FindBestCert (
NSSPublicKey *bk,
NSSTime time,
NSSUsages *usagesOpt,
@@ -1046,119 +1046,119 @@ NSSPublicKey_FindPrivateKey (
);
/*
- * NSSSymmetricKey
+ * NSSSymKey
*
*/
/*
- * NSSSymmetricKey_Destroy
+ * NSSSymKey_Destroy
*
* Free a pointer to a symmetric key object.
*/
NSS_EXTERN PRStatus
-NSSSymmetricKey_Destroy (
- NSSSymmetricKey *mk
+NSSSymKey_Destroy (
+ NSSSymKey *mk
);
/*
- * NSSSymmetricKey_DeleteStoredObject
+ * NSSSymKey_DeleteStoredObject
*
* Permanently remove this object.
*/
NSS_EXTERN PRStatus
-NSSSymmetricKey_DeleteStoredObject (
- NSSSymmetricKey *mk,
+NSSSymKey_DeleteStoredObject (
+ NSSSymKey *mk,
NSSCallback *uhh
);
/*
- * NSSSymmetricKey_GetKeyLength
+ * NSSSymKey_GetKeyLength
*
*/
NSS_EXTERN PRUint32
-NSSSymmetricKey_GetKeyLength (
- NSSSymmetricKey *mk
+NSSSymKey_GetKeyLength (
+ NSSSymKey *mk
);
/*
- * NSSSymmetricKey_GetKeyStrength
+ * NSSSymKey_GetKeyStrength
*
*/
NSS_EXTERN PRUint32
-NSSSymmetricKey_GetKeyStrength (
- NSSSymmetricKey *mk
+NSSSymKey_GetKeyStrength (
+ NSSSymKey *mk
);
/*
- * NSSSymmetricKey_IsStillPresent
+ * NSSSymKey_IsStillPresent
*
*/
NSS_EXTERN PRStatus
-NSSSymmetricKey_IsStillPresent (
- NSSSymmetricKey *mk
+NSSSymKey_IsStillPresent (
+ NSSSymKey *mk
);
/*
- * NSSSymmetricKey_GetTrustDomain
+ * NSSSymKey_GetTrustDomain
*
* There doesn't have to be one.
*/
NSS_EXTERN NSSTrustDomain *
-NSSSymmetricKey_GetTrustDomain (
- NSSSymmetricKey *mk,
+NSSSymKey_GetTrustDomain (
+ NSSSymKey *mk,
PRStatus *statusOpt
);
/*
- * NSSSymmetricKey_GetToken
+ * NSSSymKey_GetToken
*
* There doesn't have to be one.
*/
NSS_EXTERN NSSToken *
-NSSSymmetricKey_GetToken (
- NSSSymmetricKey *mk,
+NSSSymKey_GetToken (
+ NSSSymKey *mk,
PRStatus *statusOpt
);
/*
- * NSSSymmetricKey_GetSlot
+ * NSSSymKey_GetSlot
*
* There doesn't have to be one.
*/
NSS_EXTERN NSSSlot *
-NSSSymmetricKey_GetSlot (
- NSSSymmetricKey *mk,
+NSSSymKey_GetSlot (
+ NSSSymKey *mk,
PRStatus *statusOpt
);
/*
- * NSSSymmetricKey_GetModule
+ * NSSSymKey_GetModule
*
* There doesn't have to be one.
*/
NSS_EXTERN NSSModule *
-NSSSymmetricKey_GetModule (
- NSSSymmetricKey *mk,
+NSSSymKey_GetModule (
+ NSSSymKey *mk,
PRStatus *statusOpt
);
/*
- * NSSSymmetricKey_Encrypt
+ * NSSSymKey_Encrypt
*
*/
NSS_EXTERN NSSItem *
-NSSSymmetricKey_Encrypt (
- NSSSymmetricKey *mk,
+NSSSymKey_Encrypt (
+ NSSSymKey *mk,
const NSSAlgNParam *ap,
NSSItem *data,
NSSCallback *uhh,
@@ -1167,13 +1167,13 @@ NSSSymmetricKey_Encrypt (
);
/*
- * NSSSymmetricKey_Decrypt
+ * NSSSymKey_Decrypt
*
*/
NSS_EXTERN NSSItem *
-NSSSymmetricKey_Decrypt (
- NSSSymmetricKey *mk,
+NSSSymKey_Decrypt (
+ NSSSymKey *mk,
const NSSAlgNParam *ap,
NSSItem *encryptedData,
NSSCallback *uhh,
@@ -1182,13 +1182,13 @@ NSSSymmetricKey_Decrypt (
);
/*
- * NSSSymmetricKey_Sign
+ * NSSSymKey_Sign
*
*/
NSS_EXTERN NSSItem *
-NSSSymmetricKey_Sign (
- NSSSymmetricKey *mk,
+NSSSymKey_Sign (
+ NSSSymKey *mk,
const NSSAlgNParam *ap,
NSSItem *data,
NSSCallback *uhh,
@@ -1197,13 +1197,13 @@ NSSSymmetricKey_Sign (
);
/*
- * NSSSymmetricKey_Verify
+ * NSSSymKey_Verify
*
*/
NSS_EXTERN PRStatus
-NSSSymmetricKey_Verify (
- NSSSymmetricKey *mk,
+NSSSymKey_Verify (
+ NSSSymKey *mk,
const NSSAlgNParam *ap,
NSSItem *data,
NSSItem *signature,
@@ -1211,28 +1211,28 @@ NSSSymmetricKey_Verify (
);
/*
- * NSSSymmetricKey_WrapSymmetricKey
+ * NSSSymKey_WrapSymKey
*
*/
NSS_EXTERN NSSItem *
-NSSSymmetricKey_WrapSymmetricKey (
- NSSSymmetricKey *wrappingKey,
+NSSSymKey_WrapSymKey (
+ NSSSymKey *wrappingKey,
const NSSAlgNParam *ap,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSCallback *uhh,
NSSItem *rvOpt,
NSSArena *arenaOpt
);
/*
- * NSSSymmetricKey_WrapPrivateKey
+ * NSSSymKey_WrapPrivateKey
*
*/
NSS_EXTERN NSSItem *
-NSSSymmetricKey_WrapPrivateKey (
- NSSSymmetricKey *wrappingKey,
+NSSSymKey_WrapPrivateKey (
+ NSSSymKey *wrappingKey,
const NSSAlgNParam *ap,
NSSPrivateKey *keyToWrap,
NSSCallback *uhh,
@@ -1241,13 +1241,13 @@ NSSSymmetricKey_WrapPrivateKey (
);
/*
- * NSSSymmetricKey_UnwrapSymmetricKey
+ * NSSSymKey_UnwrapSymKey
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSSymmetricKey_UnwrapSymmetricKey (
- NSSSymmetricKey *wrappingKey,
+NSS_EXTERN NSSSymKey *
+NSSSymKey_UnwrapSymKey (
+ NSSSymKey *wrappingKey,
const NSSAlgNParam *ap,
NSSItem *wrappedKey,
NSSOID *target,
@@ -1257,13 +1257,13 @@ NSSSymmetricKey_UnwrapSymmetricKey (
);
/*
- * NSSSymmetricKey_UnwrapPrivateKey
+ * NSSSymKey_UnwrapPrivateKey
*
*/
NSS_EXTERN NSSPrivateKey *
-NSSSymmetricKey_UnwrapPrivateKey (
- NSSSymmetricKey *wrappingKey,
+NSSSymKey_UnwrapPrivateKey (
+ NSSSymKey *wrappingKey,
const NSSAlgNParam *ap,
NSSItem *wrappedKey,
NSSUTF8 *labelOpt,
@@ -1275,30 +1275,30 @@ NSSSymmetricKey_UnwrapPrivateKey (
);
/*
- * NSSSymmetricKey_DeriveSymmetricKey
+ * NSSSymKey_DeriveSymKey
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSSymmetricKey_DeriveSymmetricKey (
- NSSSymmetricKey *originalKey,
+NSS_EXTERN NSSSymKey *
+NSSSymKey_DeriveSymKey (
+ NSSSymKey *originalKey,
const NSSAlgNParam *ap,
- NSSSymmetricKeyType target,
+ NSSSymKeyType target,
PRUint32 keySizeOpt,
NSSOperations operations,
NSSCallback *uhh
);
/*
- * NSSSymmetricKey_CreateCryptoContext
+ * NSSSymKey_CreateCryptoContext
*
* Create a crypto context, in this key's trust domain,
* with this as the distinguished symmetric key.
*/
NSS_EXTERN NSSCryptoContext *
-NSSSymmetricKey_CreateCryptoContext (
- NSSSymmetricKey *mk,
+NSSSymKey_CreateCryptoContext (
+ NSSSymKey *mk,
const NSSAlgNParam *apOpt,
NSSCallback *uhh
);
@@ -1526,39 +1526,39 @@ NSSTrustDomain_Logout (
/* Importing things */
/*
- * NSSTrustDomain_ImportCertificate
+ * NSSTrustDomain_ImportCert
*
* The implementation will pull some data out of the certificate
* (e.g. e-mail address) for use in pkcs#11 object attributes.
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_ImportCertificate (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_ImportCert (
NSSTrustDomain *td,
- NSSCertificate *c,
+ NSSCert *c,
NSSToken *destinationOpt
);
/*
- * NSSTrustDomain_ImportPKIXCertificate
+ * NSSTrustDomain_ImportPKIXCert
*
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_ImportPKIXCertificate (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_ImportPKIXCert (
NSSTrustDomain *td,
/* declared as a struct until these "data types" are defined */
- struct NSSPKIXCertificateStr *pc
+ struct NSSPKIXCertStr *pc
);
/*
- * NSSTrustDomain_ImportEncodedCertificate
+ * NSSTrustDomain_ImportEncodedCert
*
* Imports any type of certificate we support.
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_ImportEncodedCertificate (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_ImportEncodedCert (
NSSTrustDomain *td,
NSSBER *ber,
NSSToken *destinationOpt,
@@ -1566,16 +1566,16 @@ NSSTrustDomain_ImportEncodedCertificate (
);
/*
- * NSSTrustDomain_ImportEncodedCertificateChain
+ * NSSTrustDomain_ImportEncodedCertChain
*
* If you just want the leaf, pass in a maximum of one.
*/
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_ImportEncodedCertificateChain (
+NSS_EXTERN NSSCert **
+NSSTrustDomain_ImportEncodedCertChain (
NSSTrustDomain *td,
NSSBER *ber,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt,
NSSToken *destinationOpt
@@ -1620,12 +1620,12 @@ NSSTrustDomain_ImportEncodedCRL (
/* Other importations: S/MIME capabilities */
/*
- * NSSTrustDomain_FindBestCertificateByNickname
+ * NSSTrustDomain_FindBestCertByNickname
*
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNickname (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_FindBestCertByNickname (
NSSTrustDomain *td,
NSSUTF8 *name,
NSSTime time,
@@ -1634,33 +1634,33 @@ NSSTrustDomain_FindBestCertificateByNickname (
);
/*
- * NSSTrustDomain_FindCertificatesByNickname
+ * NSSTrustDomain_FindCertsByNickname
*
*/
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesByNickname (
+NSS_EXTERN NSSCert **
+NSSTrustDomain_FindCertsByNickname (
NSSTrustDomain *td,
NSSUTF8 *name,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
);
/*
- * NSSTrustDomain_FindCertificateByIssuerAndSerialNumber
+ * NSSTrustDomain_FindCertByIssuerAndSerialNumber
*
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByIssuerAndSerialNumber (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_FindCertByIssuerAndSerialNumber (
NSSTrustDomain *td,
NSSDER *issuer,
NSSDER *serialNumber
);
/*
- * NSSTrustDomain_FindCertificatesByIssuerAndSerialNumber
+ * NSSTrustDomain_FindCertsByIssuerAndSerialNumber
*
* Theoretically, this should never happen. However, some companies
* we know have issued duplicate certificates with the same issuer
@@ -1668,13 +1668,13 @@ NSSTrustDomain_FindCertificateByIssuerAndSerialNumber (
*/
/*
- * NSSTrustDomain_FindBestCertificateBySubject
+ * NSSTrustDomain_FindBestCertBySubject
*
* This does not search through alternate names hidden in extensions.
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateBySubject (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_FindBestCertBySubject (
NSSTrustDomain *td,
NSSDER *subject,
NSSTime time,
@@ -1683,22 +1683,22 @@ NSSTrustDomain_FindBestCertificateBySubject (
);
/*
- * NSSTrustDomain_FindCertificatesBySubject
+ * NSSTrustDomain_FindCertsBySubject
*
* This does not search through alternate names hidden in extensions.
*/
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesBySubject (
+NSS_EXTERN NSSCert **
+NSSTrustDomain_FindCertsBySubject (
NSSTrustDomain *td,
NSSDER *subject,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
);
/*
- * NSSTrustDomain_FindBestCertificateByNameComponents
+ * NSSTrustDomain_FindBestCertByNameComponents
*
* This call does try several tricks, including a pseudo pkcs#11
* attribute for the ldap module to try as a query. Eventually
@@ -1706,8 +1706,8 @@ NSSTrustDomain_FindCertificatesBySubject (
* It will search through alternate names hidden in extensions.
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNameComponents (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_FindBestCertByNameComponents (
NSSTrustDomain *td,
NSSUTF8 *nameComponents,
NSSTime time,
@@ -1716,40 +1716,40 @@ NSSTrustDomain_FindBestCertificateByNameComponents (
);
/*
- * NSSTrustDomain_FindCertificatesByNameComponents
+ * NSSTrustDomain_FindCertsByNameComponents
*
* This call, too, tries several tricks. It will stop on the first
* attempt that generates results, so it won't e.g. traverse the
* entire ldap database.
*/
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesByNameComponents (
+NSS_EXTERN NSSCert **
+NSSTrustDomain_FindCertsByNameComponents (
NSSTrustDomain *td,
NSSUTF8 *nameComponents,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
);
/*
- * NSSTrustDomain_FindCertificateByEncodedCertificate
+ * NSSTrustDomain_FindCertByEncodedCert
*
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByEncodedCertificate (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_FindCertByEncodedCert (
NSSTrustDomain *td,
- NSSBER *encodedCertificate
+ NSSBER *encodedCert
);
/*
- * NSSTrustDomain_FindBestCertificateByEmail
+ * NSSTrustDomain_FindBestCertByEmail
*
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateByEmail (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_FindBestCertByEmail (
NSSTrustDomain *td,
NSSASCII7 *email,
NSSTime time,
@@ -1758,33 +1758,33 @@ NSSTrustDomain_FindBestCertificateByEmail (
);
/*
- * NSSTrustDomain_FindCertificatesByEmail
+ * NSSTrustDomain_FindCertsByEmail
*
*/
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesByEmail (
+NSS_EXTERN NSSCert **
+NSSTrustDomain_FindCertsByEmail (
NSSTrustDomain *td,
NSSASCII7 *email,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
);
/*
- * NSSTrustDomain_FindCertificateByOCSPHash
+ * NSSTrustDomain_FindCertByOCSPHash
*
* There can be only one.
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByOCSPHash (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_FindCertByOCSPHash (
NSSTrustDomain *td,
NSSItem *hash
);
/*
- * NSSTrustDomain_TraverseCertificates
+ * NSSTrustDomain_TraverseCerts
*
* This function descends from one in older versions of NSS which
* traverses the certs in the permanent database. That function
@@ -1802,19 +1802,19 @@ NSSTrustDomain_FindCertificateByOCSPHash (
* needed in a "friend" header file?
*/
NSS_EXTERN PRStatus *
-NSSTrustDomain_TraverseCertificates (
+NSSTrustDomain_TraverseCerts (
NSSTrustDomain *td,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
+ PRStatus (*callback)(NSSCert *c, void *arg),
void *arg
);
/*
- * NSSTrustDomain_FindBestUserCertificate
+ * NSSTrustDomain_FindBestUserCert
*
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestUserCertificate (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_FindBestUserCert (
NSSTrustDomain *td,
NSSTime time,
NSSUsages *usages,
@@ -1822,25 +1822,25 @@ NSSTrustDomain_FindBestUserCertificate (
);
/*
- * NSSTrustDomain_FindUserCertificates
+ * NSSTrustDomain_FindUserCerts
*
*/
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindUserCertificates (
+NSS_EXTERN NSSCert **
+NSSTrustDomain_FindUserCerts (
NSSTrustDomain *td,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt
);
/*
- * NSSTrustDomain_FindBestUserCertificateForSSLClientAuth
+ * NSSTrustDomain_FindBestUserCertForSSLClientAuth
*
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForSSLClientAuth (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_FindBestUserCertForSSLClientAuth (
NSSTrustDomain *td,
NSSUTF8 *sslHostOpt,
NSSDER *rootCAsOpt[], /* null pointer for none */
@@ -1850,30 +1850,30 @@ NSSTrustDomain_FindBestUserCertificateForSSLClientAuth (
);
/*
- * NSSTrustDomain_FindUserCertificatesForSSLClientAuth
+ * NSSTrustDomain_FindUserCertsForSSLClientAuth
*
*/
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForSSLClientAuth (
+NSS_EXTERN NSSCert **
+NSSTrustDomain_FindUserCertsForSSLClientAuth (
NSSTrustDomain *td,
NSSUTF8 *sslHostOpt,
NSSDER *rootCAsOpt[], /* null pointer for none */
PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
const NSSAlgNParam *apOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt
);
/*
- * NSSTrustDomain_FindBestUserCertificateForEmailSigning
+ * NSSTrustDomain_FindBestUserCertForEmailSigning
*
*/
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForEmailSigning (
+NSS_EXTERN NSSCert *
+NSSTrustDomain_FindBestUserCertForEmailSigning (
NSSTrustDomain *td,
NSSASCII7 *signerOpt,
NSSASCII7 *recipientOpt,
@@ -1883,25 +1883,25 @@ NSSTrustDomain_FindBestUserCertificateForEmailSigning (
);
/*
- * NSSTrustDomain_FindUserCertificatesForEmailSigning
+ * NSSTrustDomain_FindUserCertsForEmailSigning
*
*/
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForEmailSigning (
+NSS_EXTERN NSSCert **
+NSSTrustDomain_FindUserCertsForEmailSigning (
NSSTrustDomain *td,
NSSASCII7 *signerOpt,
NSSASCII7 *recipientOpt,
/* anything more here? */
const NSSAlgNParam *apOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt
);
/*
- * Here is where we'd add more Find[Best]UserCertificate[s]For<usage>
+ * Here is where we'd add more Find[Best]UserCert[s]For<usage>
* routines.
*/
@@ -1946,12 +1946,12 @@ NSSTrustDomain_TraversePrivateKeys (
/* Symmetric Keys */
/*
- * NSSTrustDomain_GenerateSymmetricKey
+ * NSSTrustDomain_GenerateSymKey
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKey (
+NSS_EXTERN NSSSymKey *
+NSSTrustDomain_GenerateSymKey (
NSSTrustDomain *td,
const NSSAlgNParam *ap,
PRUint32 keysize,
@@ -1960,12 +1960,12 @@ NSSTrustDomain_GenerateSymmetricKey (
);
/*
- * NSSTrustDomain_GenerateSymmetricKeyFromPassword
+ * NSSTrustDomain_GenerateSymKeyFromPassword
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKeyFromPassword (
+NSS_EXTERN NSSSymKey *
+NSSTrustDomain_GenerateSymKeyFromPassword (
NSSTrustDomain *td,
const NSSAlgNParam *ap,
NSSUTF8 *passwordOpt, /* if null, prompt */
@@ -1974,12 +1974,12 @@ NSSTrustDomain_GenerateSymmetricKeyFromPassword (
);
/*
- * NSSTrustDomain_FindSymmetricKeyByAlgorithm
+ * NSSTrustDomain_FindSymKeyByAlgorithm
*
* Is this still needed?
*
- * NSS_EXTERN NSSSymmetricKey *
- * NSSTrustDomain_FindSymmetricKeyByAlgorithm
+ * NSS_EXTERN NSSSymKey *
+ * NSSTrustDomain_FindSymKeyByAlgorithm
* (
* NSSTrustDomain *td,
* NSSOID *algorithm,
@@ -1988,12 +1988,12 @@ NSSTrustDomain_GenerateSymmetricKeyFromPassword (
*/
/*
- * NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID
+ * NSSTrustDomain_FindSymKeyByAlgorithmAndKeyID
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID (
+NSS_EXTERN NSSSymKey *
+NSSTrustDomain_FindSymKeyByAlgorithmAndKeyID (
NSSTrustDomain *td,
NSSOID *algorithm,
NSSItem *keyID,
@@ -2001,14 +2001,14 @@ NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID (
);
/*
- * NSSTrustDomain_TraverseSymmetricKeys
+ * NSSTrustDomain_TraverseSymKeys
*
*
* NSS_EXTERN PRStatus *
- * NSSTrustDomain_TraverseSymmetricKeys
+ * NSSTrustDomain_TraverseSymKeys
* (
* NSSTrustDomain *td,
- * PRStatus (*callback)(NSSSymmetricKey *mk, void *arg),
+ * PRStatus (*callback)(NSSSymKey *mk, void *arg),
* void *arg
* );
*/
@@ -2069,12 +2069,12 @@ NSSVolatileDomain_Destroy (
);
/*
- * NSSVolatileDomain_FindBestCertificateByNickname
+ * NSSVolatileDomain_FindBestCertByNickname
*
*/
-NSS_EXTERN NSSCertificate *
-NSSVolatileDomain_FindBestCertificateByNickname (
+NSS_EXTERN NSSCert *
+NSSVolatileDomain_FindBestCertByNickname (
NSSVolatileDomain *vd,
NSSUTF8 *name,
NSSTime time, /* NULL for "now" */
@@ -2083,39 +2083,39 @@ NSSVolatileDomain_FindBestCertificateByNickname (
);
/*
- * NSSVolatileDomain_FindCertificatesByNickname
+ * NSSVolatileDomain_FindCertsByNickname
*
*/
-NSS_EXTERN NSSCertificate **
-NSSVolatileDomain_FindCertificatesByNickname (
+NSS_EXTERN NSSCert **
+NSSVolatileDomain_FindCertsByNickname (
NSSVolatileDomain *vd,
NSSUTF8 *name,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
);
/*
- * NSSVolatileDomain_FindCertificateByIssuerAndSerialNumber
+ * NSSVolatileDomain_FindCertByIssuerAndSerialNumber
*
*/
-NSS_EXTERN NSSCertificate *
-NSSVolatileDomain_FindCertificateByIssuerAndSerialNumber (
+NSS_EXTERN NSSCert *
+NSSVolatileDomain_FindCertByIssuerAndSerialNumber (
NSSVolatileDomain *vd,
NSSDER *issuer,
NSSDER *serialNumber
);
/*
- * NSSVolatileDomain_FindBestCertificateBySubject
+ * NSSVolatileDomain_FindBestCertBySubject
*
* This does not search through alternate names hidden in extensions.
*/
-NSS_EXTERN NSSCertificate *
-NSSVolatileDomain_FindBestCertificateBySubject (
+NSS_EXTERN NSSCert *
+NSSVolatileDomain_FindBestCertBySubject (
NSSVolatileDomain *vd,
NSSDER *subject,
NSSTime time,
@@ -2124,38 +2124,38 @@ NSSVolatileDomain_FindBestCertificateBySubject (
);
/*
- * NSSVolatileDomain_FindCertificatesBySubject
+ * NSSVolatileDomain_FindCertsBySubject
*
* This does not search through alternate names hidden in extensions.
*/
-NSS_EXTERN NSSCertificate **
-NSSVolatileDomain_FindCertificatesBySubject (
+NSS_EXTERN NSSCert **
+NSSVolatileDomain_FindCertsBySubject (
NSSVolatileDomain *vd,
NSSDER *subject,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
);
/*
- * NSSVolatileDomain_FindCertificateByEncodedCertificate
+ * NSSVolatileDomain_FindCertByEncodedCert
*
*/
-NSS_EXTERN NSSCertificate *
-NSSVolatileDomain_FindCertificateByEncodedCertificate (
+NSS_EXTERN NSSCert *
+NSSVolatileDomain_FindCertByEncodedCert (
NSSVolatileDomain *vd,
- NSSBER *encodedCertificate
+ NSSBER *encodedCert
);
/*
- * NSSVolatileDomain_FindBestCertificateByEmail
+ * NSSVolatileDomain_FindBestCertByEmail
*
*/
-NSS_EXTERN NSSCertificate *
-NSSVolatileDomain_FindBestCertificateByEmail (
+NSS_EXTERN NSSCert *
+NSSVolatileDomain_FindBestCertByEmail (
NSSVolatileDomain *vd,
NSSASCII7 *email,
NSSTime time,
@@ -2164,39 +2164,39 @@ NSSVolatileDomain_FindBestCertificateByEmail (
);
/*
- * NSSVolatileDomain_FindCertificatesByEmail
+ * NSSVolatileDomain_FindCertsByEmail
*
*/
-NSS_EXTERN NSSCertificate **
-NSSVolatileDomain_FindCertificatesByEmail (
+NSS_EXTERN NSSCert **
+NSSVolatileDomain_FindCertsByEmail (
NSSVolatileDomain *vd,
NSSASCII7 *email,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
);
/*
- * NSSVolatileDomain_TraverseCertificates
+ * NSSVolatileDomain_TraverseCerts
*
*
* NSS_EXTERN PRStatus *
- * NSSVolatileDomain_TraverseCertificates
+ * NSSVolatileDomain_TraverseCerts
* (
* NSSVolatileDomain *vd,
- * PRStatus (*callback)(NSSCertificate *c, void *arg),
+ * PRStatus (*callback)(NSSCert *c, void *arg),
* void *arg
* );
*/
/*
- * NSSVolatileDomain_FindBestUserCertificate
+ * NSSVolatileDomain_FindBestUserCert
*
*/
-NSS_EXTERN NSSCertificate *
-NSSVolatileDomain_FindBestUserCertificate (
+NSS_EXTERN NSSCert *
+NSSVolatileDomain_FindBestUserCert (
NSSVolatileDomain *vd,
NSSTime time,
NSSUsages *usages,
@@ -2204,28 +2204,28 @@ NSSVolatileDomain_FindBestUserCertificate (
);
/*
- * NSSVolatileDomain_FindUserCertificates
+ * NSSVolatileDomain_FindUserCerts
*
*/
-NSS_EXTERN NSSCertificate **
-NSSVolatileDomain_FindUserCertificates (
+NSS_EXTERN NSSCert **
+NSSVolatileDomain_FindUserCerts (
NSSVolatileDomain *vd,
NSSTime time,
NSSUsages *usagesOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt
);
/*
- * NSSVolatileDomain_FindBestUserCertificateForSSLClientAuth
+ * NSSVolatileDomain_FindBestUserCertForSSLClientAuth
*
*/
-NSS_EXTERN NSSCertificate *
-NSSVolatileDomain_FindBestUserCertificateForSSLClientAuth (
+NSS_EXTERN NSSCert *
+NSSVolatileDomain_FindBestUserCertForSSLClientAuth (
NSSVolatileDomain *vd,
NSSUTF8 *sslHostOpt,
NSSDER *rootCAsOpt[], /* null pointer for none */
@@ -2235,30 +2235,30 @@ NSSVolatileDomain_FindBestUserCertificateForSSLClientAuth (
);
/*
- * NSSVolatileDomain_FindUserCertificatesForSSLClientAuth
+ * NSSVolatileDomain_FindUserCertsForSSLClientAuth
*
*/
-NSS_EXTERN NSSCertificate **
-NSSVolatileDomain_FindUserCertificatesForSSLClientAuth (
+NSS_EXTERN NSSCert **
+NSSVolatileDomain_FindUserCertsForSSLClientAuth (
NSSVolatileDomain *vd,
NSSUTF8 *sslHostOpt,
NSSDER *rootCAsOpt[], /* null pointer for none */
PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
const NSSAlgNParam *apOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt
);
/*
- * NSSVolatileDomain_FindBestUserCertificateForEmailSigning
+ * NSSVolatileDomain_FindBestUserCertForEmailSigning
*
*/
-NSS_EXTERN NSSCertificate *
-NSSVolatileDomain_FindBestUserCertificateForEmailSigning (
+NSS_EXTERN NSSCert *
+NSSVolatileDomain_FindBestUserCertForEmailSigning (
NSSVolatileDomain *vd,
NSSASCII7 *signerOpt,
NSSASCII7 *recipientOpt,
@@ -2268,19 +2268,19 @@ NSSVolatileDomain_FindBestUserCertificateForEmailSigning (
);
/*
- * NSSVolatileDomain_FindUserCertificatesForEmailSigning
+ * NSSVolatileDomain_FindUserCertsForEmailSigning
*
*/
-NSS_EXTERN NSSCertificate *
-NSSVolatileDomain_FindUserCertificatesForEmailSigning (
+NSS_EXTERN NSSCert *
+NSSVolatileDomain_FindUserCertsForEmailSigning (
NSSVolatileDomain *vd,
NSSASCII7 *signerOpt, /* fgmr or a more general name? */
NSSASCII7 *recipientOpt,
/* anything more here? */
const NSSAlgNParam *apOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt
);
@@ -2288,38 +2288,38 @@ NSSVolatileDomain_FindUserCertificatesForEmailSigning (
/* Importing things */
/*
- * NSSVolatileDomain_ImportCertificate
+ * NSSVolatileDomain_ImportCert
*
*/
NSS_EXTERN PRStatus
-NSSVolatileDomain_ImportCertificate (
+NSSVolatileDomain_ImportCert (
NSSVolatileDomain *vd,
- NSSCertificate *c
+ NSSCert *c
);
/*
- * NSSVolatileDomain_ImportEncodedCertificate
+ * NSSVolatileDomain_ImportEncodedCert
*
*/
-NSS_EXTERN NSSCertificate *
-NSSVolatileDomain_ImportEncodedCertificate (
+NSS_EXTERN NSSCert *
+NSSVolatileDomain_ImportEncodedCert (
NSSVolatileDomain *vd,
NSSBER *ber,
NSSUTF8 *nicknameOpt
);
/*
- * NSSVolatileDomain_ImportEncodedCertificateChain
+ * NSSVolatileDomain_ImportEncodedCertChain
*
*/
NSS_EXTERN PRStatus
-NSSVolatileDomain_ImportEncodedCertificateChain (
+NSSVolatileDomain_ImportEncodedCertChain (
NSSVolatileDomain *vd,
NSSBER *ber,
- NSSCertificateType certType
+ NSSCertType certType
);
/*
@@ -2381,12 +2381,12 @@ NSSVolatileDomain_GenerateKeyPair (
/* Symmetric Keys */
/*
- * NSSVolatileDomain_GenerateSymmetricKey
+ * NSSVolatileDomain_GenerateSymKey
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSVolatileDomain_GenerateSymmetricKey (
+NSS_EXTERN NSSSymKey *
+NSSVolatileDomain_GenerateSymKey (
NSSVolatileDomain *vd,
const NSSAlgNParam *ap,
PRUint32 keysize,
@@ -2398,12 +2398,12 @@ NSSVolatileDomain_GenerateSymmetricKey (
);
/*
- * NSSVolatileDomain_GenerateSymmetricKeyFromPassword
+ * NSSVolatileDomain_GenerateSymKeyFromPassword
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSVolatileDomain_GenerateSymmetricKeyFromPassword (
+NSS_EXTERN NSSSymKey *
+NSSVolatileDomain_GenerateSymKeyFromPassword (
NSSVolatileDomain *vd,
const NSSAlgNParam *ap,
NSSUTF8 *passwordOpt, /* if null, prompt */
@@ -2412,11 +2412,11 @@ NSSVolatileDomain_GenerateSymmetricKeyFromPassword (
);
/*
- * NSSVolatileDomain_FindSymmetricKeyByAlgorithm
+ * NSSVolatileDomain_FindSymKeyByAlgorithm
*
*
- * NSS_EXTERN NSSSymmetricKey *
- * NSSVolatileDomain_FindSymmetricKeyByType
+ * NSS_EXTERN NSSSymKey *
+ * NSSVolatileDomain_FindSymKeyByType
* (
* NSSVolatileDomain *vd,
* NSSOID *type,
@@ -2425,12 +2425,12 @@ NSSVolatileDomain_GenerateSymmetricKeyFromPassword (
*/
/*
- * NSSVolatileDomain_FindSymmetricKeyByAlgorithmAndKeyID
+ * NSSVolatileDomain_FindSymKeyByAlgorithmAndKeyID
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSVolatileDomain_FindSymmetricKeyByAlgorithmAndKeyID (
+NSS_EXTERN NSSSymKey *
+NSSVolatileDomain_FindSymKeyByAlgorithmAndKeyID (
NSSVolatileDomain *vd,
NSSOID *algorithm,
NSSItem *keyID,
@@ -2438,12 +2438,12 @@ NSSVolatileDomain_FindSymmetricKeyByAlgorithmAndKeyID (
);
/*
- * NSSVolatileDomain_UnwrapSymmetricKey
+ * NSSVolatileDomain_UnwrapSymKey
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSVolatileDomain_UnwrapSymmetricKey (
+NSS_EXTERN NSSSymKey *
+NSSVolatileDomain_UnwrapSymKey (
NSSVolatileDomain *vd,
const NSSAlgNParam *ap,
NSSPrivateKey *wrapKey,
@@ -2455,25 +2455,25 @@ NSSVolatileDomain_UnwrapSymmetricKey (
);
/*
- * NSSVolatileDomain_TraverseSymmetricKeys
+ * NSSVolatileDomain_TraverseSymKeys
*
*
* NSS_EXTERN PRStatus *
- * NSSVolatileDomain_TraverseSymmetricKeys
+ * NSSVolatileDomain_TraverseSymKeys
* (
* NSSVolatileDomain *vd,
- * PRStatus (*callback)(NSSSymmetricKey *mk, void *arg),
+ * PRStatus (*callback)(NSSSymKey *mk, void *arg),
* void *arg
* );
*/
/*
- * NSSVolatileDomain_DeriveSymmetricKey
+ * NSSVolatileDomain_DeriveSymKey
*
*/
-NSS_EXTERN NSSSymmetricKey *
-NSSVolatileDomain_DeriveSymmetricKey (
+NSS_EXTERN NSSSymKey *
+NSSVolatileDomain_DeriveSymKey (
NSSVolatileDomain *vd,
NSSPublicKey *bkOpt,
const NSSAlgNParam *apOpt,
@@ -2815,15 +2815,15 @@ NSSCryptoContext_VerifyRecover (
);
/*
- * NSSCryptoContext_WrapSymmetricKey
+ * NSSCryptoContext_WrapSymKey
*
*/
NSS_EXTERN NSSItem *
-NSSCryptoContext_WrapSymmetricKey (
+NSSCryptoContext_WrapSymKey (
NSSCryptoContext *cc,
const NSSAlgNParam *apOpt,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSCallback *uhhOpt,
NSSItem *rvOpt,
NSSArena *arenaOpt
@@ -2871,7 +2871,7 @@ NSSCryptoContext_ContinueDigest (
NSS_EXTERN PRStatus
NSSCryptoContext_DigestKey (
NSSCryptoContext *cc,
- NSSSymmetricKey *mkOpt
+ NSSSymKey *mkOpt
);
/*
@@ -2918,14 +2918,14 @@ NSSCryptoContext_Release (
);
/*
- * ..._SignTBSCertificate
+ * ..._SignTBSCert
*
* This requires feedback from the cert server team.
*/
/*
- * PRBool NSSCertificate_GetIsTrustedFor{xxx}(NSSCertificate *c);
- * PRStatus NSSCertificate_SetIsTrustedFor{xxx}(NSSCertificate *c, PRBool trusted);
+ * PRBool NSSCert_GetIsTrustedFor{xxx}(NSSCert *c);
+ * PRStatus NSSCert_SetIsTrustedFor{xxx}(NSSCert *c, PRBool trusted);
*
* These will be helper functions which get the trust object for a cert,
* and then call the corresponding function(s) on it.
@@ -2942,8 +2942,8 @@ NSSCryptoContext_Release (
* like "EmailSigning."
*
*
- * NSSPKIXTrust *NSSCertificate_GetPKIXTrustObject(NSSCertificate *c);
- * PRStatus NSSCertificate_SetPKIXTrustObject(NSSCertificate *c, NSPKIXTrust *t);
+ * NSSPKIXTrust *NSSCert_GetPKIXTrustObject(NSSCert *c);
+ * PRStatus NSSCert_SetPKIXTrustObject(NSSCert *c, NSPKIXTrust *t);
*
* I want to hold off on any general trust object until we've investigated
* other models more thoroughly.
diff --git a/security/nss/lib/pki/nsspkit.h b/security/nss/lib/pki/nsspkit.h
index 9f65ec5e1..fb9bb3879 100644
--- a/security/nss/lib/pki/nsspkit.h
+++ b/security/nss/lib/pki/nsspkit.h
@@ -51,9 +51,9 @@ static const char NSSPKIT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
PR_BEGIN_EXTERN_C
/*
- * NSSCertificate
+ * NSSCert
*
- * This is the public representation of a Certificate. The certificate
+ * This is the public representation of a Cert. The certificate
* may be one found on a smartcard or other token, one decoded from data
* received as part of a protocol, one constructed from constituent
* parts, etc. Usually it is associated with ("in") a trust domain; as
@@ -65,11 +65,11 @@ PR_BEGIN_EXTERN_C
* by implementing public-key crypto operations as methods on this type.
*/
-struct NSSCertificateStr;
-typedef struct NSSCertificateStr NSSCertificate;
+struct NSSCertStr;
+typedef struct NSSCertStr NSSCert;
/*
- * NSSUserCertificate
+ * NSSUserCert
*
* A ``User'' certificate is one for which the private key is available.
* People speak of "using my certificate to sign my email" and "using
@@ -86,7 +86,7 @@ typedef struct NSSCertificateStr NSSCertificate;
* Open design question: should these types be more firmly separated?
*/
-typedef NSSCertificate NSSUserCertificate;
+typedef NSSCert NSSUserCert;
/*
* NSSPrivateKey
@@ -108,12 +108,12 @@ struct NSSPublicKeyStr;
typedef struct NSSPublicKeyStr NSSPublicKey;
/*
- * NSSSymmetricKey
+ * NSSSymKey
*
*/
-struct NSSSymmetricKeyStr;
-typedef struct NSSSymmetricKeyStr NSSSymmetricKey;
+struct NSSSymKeyStr;
+typedef struct NSSSymKeyStr NSSSymKey;
/*
* NSSTrustDomain
@@ -140,8 +140,8 @@ typedef struct NSSTrustDomainStr NSSTrustDomain;
typedef struct NSSVolatileDomainStr NSSVolatileDomain;
/* special case of volatile domain */
-struct NSSCertificateChainStr;
-typedef struct NSSCertificateChainStr NSSCertificateChain;
+struct NSSCertChainStr;
+typedef struct NSSCertChainStr NSSCertChain;
/*
* NSSCryptoContext
@@ -245,7 +245,7 @@ typedef struct NSSUsagesStr NSSUsages;
struct NSSPoliciesStr;
typedef struct NSSPoliciesStr NSSPolicies;
-struct NSSPKIXCertificateStr;
+struct NSSPKIXCertStr;
PR_END_EXTERN_C
diff --git a/security/nss/lib/pki/pki.h b/security/nss/lib/pki/pki.h
index 8c602d643..a06eaf572 100644
--- a/security/nss/lib/pki/pki.h
+++ b/security/nss/lib/pki/pki.h
@@ -70,163 +70,163 @@ nssTrustDomain_GetDefaultCallback (
PRStatus *statusOpt
);
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_FindCertificatesByNickname (
+NSS_EXTERN NSSCert **
+nssTrustDomain_FindCertsByNickname (
NSSTrustDomain *td,
NSSUTF8 *name,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
);
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_FindCertificatesBySubject (
+NSS_EXTERN NSSCert **
+nssTrustDomain_FindCertsBySubject (
NSSTrustDomain *td,
NSSDER *subject,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt,
NSSArena *arenaOpt
);
-NSS_EXTERN NSSCertificate *
-nssTrustDomain_FindCertificateByIssuerAndSerialNumber (
+NSS_EXTERN NSSCert *
+nssTrustDomain_FindCertByIssuerAndSerialNumber (
NSSTrustDomain *td,
NSSDER *issuer,
NSSDER *serialNumber
);
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_FindCertificatesByEmail (
+NSS_EXTERN NSSCert **
+nssTrustDomain_FindCertsByEmail (
NSSTrustDomain *td,
NSSASCII7 *email,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
);
-NSS_EXTERN NSSCertificate *
-nssTrustDomain_FindCertificateByEncodedCertificate (
+NSS_EXTERN NSSCert *
+nssTrustDomain_FindCertByEncodedCert (
NSSTrustDomain *td,
- NSSBER *encodedCertificate
+ NSSBER *encodedCert
);
NSS_EXTERN PRStatus *
-nssTrustDomain_TraverseCertificates (
+nssTrustDomain_TraverseCerts (
NSSTrustDomain *td,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
+ PRStatus (*callback)(NSSCert *c, void *arg),
void *arg
);
NSS_EXTERN nssTrust *
-nssTrustDomain_FindTrustForCertificate (
+nssTrustDomain_FindTrustForCert (
NSSTrustDomain *td,
- NSSCertificate *c
+ NSSCert *c
);
-NSS_EXTERN NSSCertificate *
-nssCertificate_Decode (
+NSS_EXTERN NSSCert *
+nssCert_Decode (
NSSBER *ber
);
-NSS_EXTERN NSSCertificate *
-nssCertificate_AddRef (
- NSSCertificate *c
+NSS_EXTERN NSSCert *
+nssCert_AddRef (
+ NSSCert *c
);
NSS_EXTERN PRStatus
-nssCertificate_Destroy (
- NSSCertificate *c
+nssCert_Destroy (
+ NSSCert *c
);
NSS_EXTERN NSSDER *
-nssCertificate_GetEncoding (
- NSSCertificate *c
+nssCert_GetEncoding (
+ NSSCert *c
);
NSS_EXTERN NSSDER *
-nssCertificate_GetIssuer (
- NSSCertificate *c
+nssCert_GetIssuer (
+ NSSCert *c
);
NSS_EXTERN NSSDER *
-nssCertificate_GetSerialNumber (
- NSSCertificate *c
+nssCert_GetSerialNumber (
+ NSSCert *c
);
NSS_EXTERN NSSDER *
-nssCertificate_GetSubject (
- NSSCertificate *c
+nssCert_GetSubject (
+ NSSCert *c
);
NSS_EXTERN PRStatus
-nssCertificate_SetNickname (
- NSSCertificate *c,
+nssCert_SetNickname (
+ NSSCert *c,
NSSToken *tokenOpt,
NSSUTF8 *nickname
);
NSS_EXTERN NSSUTF8 *
-nssCertificate_GetNickname (
- NSSCertificate *c,
+nssCert_GetNickname (
+ NSSCert *c,
NSSToken *tokenOpt
);
NSS_EXTERN NSSASCII7 *
-nssCertificate_GetEmailAddress (
- NSSCertificate *c
+nssCert_GetEmailAddress (
+ NSSCert *c
);
NSS_EXTERN PRBool
-nssCertificate_IssuerAndSerialEqual (
- NSSCertificate *c1,
- NSSCertificate *c2
+nssCert_IssuerAndSerialEqual (
+ NSSCert *c1,
+ NSSCert *c2
);
NSS_EXTERN NSSPublicKey *
-nssCertificate_GetPublicKey (
- NSSCertificate *c
+nssCert_GetPublicKey (
+ NSSCert *c
);
NSS_EXTERN NSSPrivateKey *
-nssCertificate_FindPrivateKey (
- NSSCertificate *c,
+nssCert_FindPrivateKey (
+ NSSCert *c,
NSSCallback *uhh
);
NSS_EXTERN PRBool
-nssCertificate_IsPrivateKeyAvailable (
- NSSCertificate *c,
+nssCert_IsPrivateKeyAvailable (
+ NSSCert *c,
NSSCallback *uhh,
PRStatus *statusOpt
);
NSS_EXTERN NSSUsages *
-nssCertificate_GetUsages (
- NSSCertificate *c,
+nssCert_GetUsages (
+ NSSCert *c,
PRStatus *statusOpt
);
NSS_EXTERN PRBool
-nssCertificate_IsValidAtTime (
- NSSCertificate *c,
+nssCert_IsValidAtTime (
+ NSSCert *c,
NSSTime time,
PRStatus *statusOpt
);
NSS_EXTERN PRBool
-nssCertificate_IsNewer (
- NSSCertificate *c1,
- NSSCertificate *c2,
+nssCert_IsNewer (
+ NSSCert *c1,
+ NSSCert *c2,
PRStatus *statusOpt
);
-NSS_EXTERN NSSCertificate **
-nssCertificate_BuildChain (
- NSSCertificate *c,
+NSS_EXTERN NSSCert **
+nssCert_BuildChain (
+ NSSCert *c,
NSSTime time,
NSSUsages *usagesOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit,
NSSArena *arenaOpt,
PRStatus *statusOpt
@@ -282,29 +282,29 @@ nssPublicKey_GetID (
);
NSS_EXTERN NSSItem *
-nssPublicKey_WrapSymmetricKey (
+nssPublicKey_WrapSymKey (
NSSPublicKey *bk,
const NSSAlgNParam *ap,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSCallback *uhh,
NSSItem *rvOpt,
NSSArena *arenaOpt
);
-NSS_EXTERN NSSSymmetricKey *
-nssSymmetricKey_AddRef (
- NSSSymmetricKey *mk
+NSS_EXTERN NSSSymKey *
+nssSymKey_AddRef (
+ NSSSymKey *mk
);
NSS_EXTERN PRStatus
-nssSymmetricKey_DeriveSSLSessionKeys (
- NSSSymmetricKey *masterSecret,
+nssSymKey_DeriveSSLSessionKeys (
+ NSSSymKey *masterSecret,
const NSSAlgNParam *ap,
- NSSSymmetricKeyType bulkKeyType,
+ NSSSymKeyType bulkKeyType,
NSSOperations operations,
NSSProperties properties,
PRUint32 keySize,
- NSSSymmetricKey **sessionKeys
+ NSSSymKey **sessionKeys
);
NSS_EXTERN NSSVolatileDomain *
@@ -313,11 +313,11 @@ nssVolatileDomain_Create (
NSSCallback *uhhOpt
);
-NSS_EXTERN NSSCertificate **
-nssVolatileDomain_FindCertificatesBySubject (
+NSS_EXTERN NSSCert **
+nssVolatileDomain_FindCertsBySubject (
NSSVolatileDomain *vd,
NSSDER *subject,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
);
@@ -333,8 +333,8 @@ nssPrivateKeyArray_Destroy (
);
NSS_EXTERN void
-nssSymmetricKeyArray_Destroy (
- NSSSymmetricKey **mkeys
+nssSymKeyArray_Destroy (
+ NSSSymKey **mkeys
);
NSS_EXTERN nssTrust *
@@ -359,7 +359,7 @@ nssSMIMEProfile_Destroy (
NSS_EXTERN nssSMIMEProfile *
nssSMIMEProfile_Create (
- NSSCertificate *cert,
+ NSSCert *cert,
NSSItem *profileTime,
NSSItem *profileData
);
diff --git a/security/nss/lib/pki/pkibase.c b/security/nss/lib/pki/pkibase.c
index e294a6096..2c8e4ceff 100644
--- a/security/nss/lib/pki/pkibase.c
+++ b/security/nss/lib/pki/pkibase.c
@@ -487,35 +487,35 @@ nssPKIObject_GetWriteToken (
}
NSS_IMPLEMENT void
-nssCertificateArray_Destroy (
- NSSCertificate **certs
+nssCertArray_Destroy (
+ NSSCert **certs
)
{
if (certs) {
- NSSCertificate **certp;
+ NSSCert **certp;
for (certp = certs; *certp; certp++) {
- nssCertificate_Destroy(*certp);
+ nssCert_Destroy(*certp);
}
nss_ZFreeIf(certs);
}
}
NSS_IMPLEMENT void
-NSSCertificateArray_Destroy (
- NSSCertificate **certs
+NSSCertArray_Destroy (
+ NSSCert **certs
)
{
- nssCertificateArray_Destroy(certs);
+ nssCertArray_Destroy(certs);
}
-NSS_IMPLEMENT NSSCertificate **
-nssCertificateArray_Join (
- NSSCertificate **certs1,
- NSSCertificate **certs2
+NSS_IMPLEMENT NSSCert **
+nssCertArray_Join (
+ NSSCert **certs1,
+ NSSCert **certs2
)
{
if (certs1 && certs2) {
- NSSCertificate **certs, **cp;
+ NSSCert **certs, **cp;
PRUint32 count = 0;
PRUint32 count1 = 0;
cp = certs1;
@@ -523,11 +523,11 @@ nssCertificateArray_Join (
count = count1;
cp = certs2;
while (*cp++) count++;
- certs = nss_ZREALLOCARRAY(certs1, NSSCertificate *, count + 1);
+ certs = nss_ZREALLOCARRAY(certs1, NSSCert *, count + 1);
if (!certs) {
nss_ZFreeIf(certs1);
nss_ZFreeIf(certs2);
- return (NSSCertificate **)NULL;
+ return (NSSCert **)NULL;
}
for (cp = certs2; *cp; cp++, count1++) {
certs[count1] = *cp;
@@ -541,29 +541,29 @@ nssCertificateArray_Join (
}
}
-NSS_IMPLEMENT NSSCertificate *
-nssCertificateArray_FindBestCertificate (
- NSSCertificate **certs,
+NSS_IMPLEMENT NSSCert *
+nssCertArray_FindBestCert (
+ NSSCert **certs,
NSSTime time,
NSSUsages *usagesOpt,
NSSPolicies *policiesOpt
)
{
PRStatus status;
- NSSCertificate *bestCert = NULL;
+ NSSCert *bestCert = NULL;
if (!certs) {
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
for (; *certs; certs++) {
- NSSCertificate *c = *certs;
- NSSUsages *certUsages = nssCertificate_GetUsages(c, &status);
+ NSSCert *c = *certs;
+ NSSUsages *certUsages = nssCert_GetUsages(c, &status);
if (status == PR_FAILURE) {
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
if (!bestCert) {
/* take the first cert with matching usage (if provided) */
if (!usagesOpt || nssUsages_Match(usagesOpt, certUsages)) {
- bestCert = nssCertificate_AddRef(c);
+ bestCert = nssCert_AddRef(c);
}
continue;
} else {
@@ -576,31 +576,31 @@ nssCertificateArray_FindBestCertificate (
}
}
/* time */
- if (nssCertificate_IsValidAtTime(bestCert, time, &status)) {
+ if (nssCert_IsValidAtTime(bestCert, time, &status)) {
/* The current best cert is valid at time */
- if (!nssCertificate_IsValidAtTime(c, time, &status)) {
+ if (!nssCert_IsValidAtTime(c, time, &status)) {
/* If the new cert isn't valid at time, it's not better */
continue;
}
} else {
if (status == PR_FAILURE) {
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
/* The current best cert is not valid at time */
- if (nssCertificate_IsValidAtTime(c, time, NULL)) {
+ if (nssCert_IsValidAtTime(c, time, NULL)) {
/* If the new cert is valid at time, it's better */
- nssCertificate_Destroy(bestCert);
- bestCert = nssCertificate_AddRef(c);
+ nssCert_Destroy(bestCert);
+ bestCert = nssCert_AddRef(c);
}
}
/* either they are both valid at time, or neither valid;
* take the newer one
*/
- if (nssCertificate_IsNewer(c, bestCert, &status)) {
- nssCertificate_Destroy(bestCert);
- bestCert = nssCertificate_AddRef(c);
+ if (nssCert_IsNewer(c, bestCert, &status)) {
+ nssCert_Destroy(bestCert);
+ bestCert = nssCert_AddRef(c);
} else if (status == PR_FAILURE) {
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
/* policies */
/* XXX later -- defer to policies */
@@ -609,15 +609,15 @@ nssCertificateArray_FindBestCertificate (
}
NSS_IMPLEMENT PRStatus
-nssCertificateArray_Traverse (
- NSSCertificate **certs,
- PRStatus (* callback)(NSSCertificate *c, void *arg),
+nssCertArray_Traverse (
+ NSSCert **certs,
+ PRStatus (* callback)(NSSCert *c, void *arg),
void *arg
)
{
PRStatus status = PR_SUCCESS;
if (certs) {
- NSSCertificate **certp;
+ NSSCert **certp;
for (certp = certs; *certp; certp++) {
status = (*callback)(*certp, arg);
if (status != PR_SUCCESS) {
@@ -659,7 +659,7 @@ nssUsages_Match (
typedef enum
{
- pkiObjectType_Certificate = 0,
+ pkiObjectType_Cert = 0,
pkiObjectType_CRL = 1,
pkiObjectType_PrivateKey = 2,
pkiObjectType_PublicKey = 3
@@ -668,7 +668,7 @@ typedef enum
/* Each object is defined by a set of items that uniquely identify it.
* Here are the uid sets:
*
- * NSSCertificate ==> { issuer, serial }
+ * NSSCert ==> { issuer, serial }
* NSSPrivateKey
* (RSA) ==> { modulus, public exponent }
*
@@ -996,8 +996,8 @@ nssPKIObjectCollection_Traverse (
node->haveObject = PR_TRUE;
}
switch (collection->objectType) {
- case pkiObjectType_Certificate:
- status = (*callback->func.cert)((NSSCertificate *)node->object,
+ case pkiObjectType_Cert:
+ status = (*callback->func.cert)((NSSCert *)node->object,
callback->arg);
break;
case pkiObjectType_CRL:
@@ -1042,23 +1042,23 @@ nssPKIObjectCollection_AddInstanceAsObject (
}
/*
- * Certificate collections
+ * Cert collections
*/
static void
cert_destroyObject(nssPKIObject *o)
{
- NSSCertificate *c = (NSSCertificate *)o;
- nssCertificate_Destroy(c);
+ NSSCert *c = (NSSCert *)o;
+ nssCert_Destroy(c);
}
static PRStatus
cert_getUIDFromObject(nssPKIObject *o, NSSItem *uid)
{
- NSSCertificate *c = (NSSCertificate *)o;
+ NSSCert *c = (NSSCert *)o;
NSSDER *issuer, *serial;
- issuer = nssCertificate_GetIssuer(c);
- serial = nssCertificate_GetSerialNumber(c);
+ issuer = nssCert_GetIssuer(c);
+ serial = nssCert_GetSerialNumber(c);
uid[0] = *issuer;
uid[1] = *serial;
return PR_SUCCESS;
@@ -1068,7 +1068,7 @@ static PRStatus
cert_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid,
NSSArena *arena)
{
- return nssCryptokiCertificate_GetAttributes(instance,
+ return nssCryptokiCert_GetAttributes(instance,
arena, /* arena */
NULL, /* type */
NULL, /* id */
@@ -1082,21 +1082,21 @@ cert_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid,
static nssPKIObject *
cert_createObject(nssPKIObject *o)
{
- NSSCertificate *cert;
- cert = nssCertificate_Create(o);
+ NSSCert *cert;
+ cert = nssCert_Create(o);
return (nssPKIObject *)cert;
}
NSS_IMPLEMENT nssPKIObjectCollection *
-nssCertificateCollection_Create (
+nssCertCollection_Create (
NSSTrustDomain *td,
- NSSCertificate **certsOpt
+ NSSCert **certsOpt
)
{
PRStatus status;
nssPKIObjectCollection *collection;
collection = nssPKIObjectCollection_Create(td);
- collection->objectType = pkiObjectType_Certificate;
+ collection->objectType = pkiObjectType_Cert;
collection->destroyObject = cert_destroyObject;
collection->getUIDFromObject = cert_getUIDFromObject;
collection->getUIDFromInstance = cert_getUIDFromInstance;
@@ -1110,10 +1110,10 @@ nssCertificateCollection_Create (
return collection;
}
-NSS_IMPLEMENT NSSCertificate **
-nssPKIObjectCollection_GetCertificates (
+NSS_IMPLEMENT NSSCert **
+nssPKIObjectCollection_GetCerts (
nssPKIObjectCollection *collection,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
@@ -1122,7 +1122,7 @@ nssPKIObjectCollection_GetCertificates (
PRUint32 rvSize;
PRBool allocated = PR_FALSE;
if (collection->size == 0) {
- return (NSSCertificate **)NULL;
+ return (NSSCert **)NULL;
}
if (maximumOpt == 0) {
rvSize = collection->size;
@@ -1130,9 +1130,9 @@ nssPKIObjectCollection_GetCertificates (
rvSize = PR_MIN(collection->size, maximumOpt);
}
if (!rvOpt) {
- rvOpt = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, rvSize + 1);
+ rvOpt = nss_ZNEWARRAY(arenaOpt, NSSCert *, rvSize + 1);
if (!rvOpt) {
- return (NSSCertificate **)NULL;
+ return (NSSCert **)NULL;
}
allocated = PR_TRUE;
}
@@ -1143,7 +1143,7 @@ nssPKIObjectCollection_GetCertificates (
if (allocated) {
nss_ZFreeIf(rvOpt);
}
- return (NSSCertificate **)NULL;
+ return (NSSCert **)NULL;
}
return rvOpt;
}
@@ -1562,8 +1562,8 @@ loser:
return PR_FAILURE;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-nssPKIObjectCreator_GenerateSymmetricKey (
+NSS_IMPLEMENT NSSSymKey *
+nssPKIObjectCreator_GenerateSymKey (
nssPKIObjectCreator *creator,
PRUint32 keysize
)
@@ -1573,7 +1573,7 @@ nssPKIObjectCreator_GenerateSymmetricKey (
NSSToken *source;
nssSession *session = NULL;
nssCryptokiObject *key = NULL;
- NSSSymmetricKey *rvKey = NULL;
+ NSSSymKey *rvKey = NULL;
NSSSlot *slot;
/* search the trust domain for a usable token for the keygen */
@@ -1581,7 +1581,7 @@ nssPKIObjectCreator_GenerateSymmetricKey (
creator->ap,
creator->destination);
if (!source) {
- return (NSSSymmetricKey *)NULL;
+ return (NSSSymKey *)NULL;
}
/* If we want a persistent object but the destination token can't
* do the math, then create a temporary object on the source token
@@ -1610,7 +1610,7 @@ nssPKIObjectCreator_GenerateSymmetricKey (
}
/* XXX */
- key = nssToken_GenerateSymmetricKey(source, session, creator->ap,
+ key = nssToken_GenerateSymKey(source, session, creator->ap,
keysize, NULL, !temporary, 0, 0);
if (!key) {
goto loser;
@@ -1631,7 +1631,7 @@ nssPKIObjectCreator_GenerateSymmetricKey (
goto loser;
}
}
- destKey = nssCryptokiSymmetricKey_Copy(key, session,
+ destKey = nssCryptokiSymKey_Copy(key, session,
creator->destination,
copySession,
creator->persistent);
@@ -1646,7 +1646,7 @@ nssPKIObjectCreator_GenerateSymmetricKey (
key = destKey;
}
- rvKey = nssSymmetricKey_CreateFromInstance(key, creator->td, creator->vd);
+ rvKey = nssSymKey_CreateFromInstance(key, creator->td, creator->vd);
if (!rvKey) {
goto loser;
}
@@ -1664,7 +1664,7 @@ loser:
nssCryptokiObject_Destroy(key);
}
nssToken_Destroy(source);
- return (NSSSymmetricKey *)NULL;
+ return (NSSSymKey *)NULL;
}
struct nssTokenSessionHashStr {
diff --git a/security/nss/lib/pki/pkim.h b/security/nss/lib/pki/pkim.h
index 72cf56dc8..329addff6 100644
--- a/security/nss/lib/pki/pkim.h
+++ b/security/nss/lib/pki/pkim.h
@@ -224,11 +224,11 @@ nssTrustDomain_FindSourceToken (
NSSToken *candidate
);
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_FindCertificatesByID (
+NSS_EXTERN NSSCert **
+nssTrustDomain_FindCertsByID (
NSSTrustDomain *td,
NSSItem *id,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 maximumOpt,
NSSArena *arenaOpt
);
@@ -249,35 +249,35 @@ nssCryptoContext_Create (
);
NSS_EXTERN NSSCryptoContext *
-nssCryptoContext_CreateForSymmetricKey (
- NSSSymmetricKey *mk,
+nssCryptoContext_CreateForSymKey (
+ NSSSymKey *mk,
const NSSAlgNParam *apOpt,
NSSCallback *uhh
);
/* XXX for the collection */
-NSS_EXTERN NSSCertificate *
-nssCertificate_Create (
+NSS_EXTERN NSSCert *
+nssCert_Create (
nssPKIObject *object
);
/* XXX XXX most of these belong in pki.h */
NSS_EXTERN nssCryptokiObject *
-nssCertificate_FindInstanceForAlgorithm (
- NSSCertificate *c,
+nssCert_FindInstanceForAlgorithm (
+ NSSCert *c,
NSSAlgNParam *ap
);
NSS_EXTERN void
-nssCertificate_SetVolatileDomain (
- NSSCertificate *c,
+nssCert_SetVolatileDomain (
+ NSSCert *c,
NSSVolatileDomain *vd
);
NSS_EXTERN PRStatus
-nssCertificate_CopyToToken (
- NSSCertificate *c,
+nssCert_CopyToToken (
+ NSSCert *c,
NSSToken *token,
NSSUTF8 *nicknameOpt
);
@@ -308,57 +308,57 @@ nssCRL_DeleteStoredObject (
NSSCallback *uhh
);
-NSS_EXTERN NSSSymmetricKey *
-nssSymmetricKey_Create (
+NSS_EXTERN NSSSymKey *
+nssSymKey_Create (
nssPKIObject *object
);
-NSS_EXTERN NSSSymmetricKey *
-nssSymmetricKey_CreateFromInstance (
+NSS_EXTERN NSSSymKey *
+nssSymKey_CreateFromInstance (
nssCryptokiObject *instance,
NSSTrustDomain *td,
NSSVolatileDomain *vdOpt
);
NSS_EXTERN PRStatus
-nssSymmetricKey_Destroy (
- NSSSymmetricKey *mk
+nssSymKey_Destroy (
+ NSSSymKey *mk
);
NSS_IMPLEMENT nssCryptokiObject *
-nssSymmetricKey_CopyToToken (
- NSSSymmetricKey *mk,
+nssSymKey_CopyToToken (
+ NSSSymKey *mk,
NSSToken *destination,
PRBool asPersistentObject
);
NSS_EXTERN NSSToken **
-nssSymmetricKey_GetTokens (
- NSSSymmetricKey *mk,
+nssSymKey_GetTokens (
+ NSSSymKey *mk,
PRStatus *statusOpt
);
NSS_EXTERN NSSTrustDomain *
-nssSymmetricKey_GetTrustDomain (
- NSSSymmetricKey *mk,
+nssSymKey_GetTrustDomain (
+ NSSSymKey *mk,
PRStatus *statusOpt
);
NSS_EXTERN PRBool
-nssSymmetricKey_IsOnToken (
- NSSSymmetricKey *mk,
+nssSymKey_IsOnToken (
+ NSSSymKey *mk,
NSSToken *token
);
NSS_EXTERN nssCryptokiObject *
-nssSymmetricKey_GetInstance (
- NSSSymmetricKey *mk,
+nssSymKey_GetInstance (
+ NSSSymKey *mk,
NSSToken *token
);
NSS_EXTERN nssCryptokiObject *
-nssSymmetricKey_FindInstanceForAlgorithm (
- NSSSymmetricKey *mk,
+nssSymKey_FindInstanceForAlgorithm (
+ NSSSymKey *mk,
const NSSAlgNParam *ap
);
@@ -448,29 +448,29 @@ nssUsages_Match (
NSSUsages *testUsages
);
-/* nssCertificateArray
+/* nssCertArray
*
* These are being thrown around a lot, might as well group together some
* functionality.
*
- * nssCertificateArray_Destroy
- * nssCertificateArray_Join
- * nssCertificateArray_FindBestCertificate
- * nssCertificateArray_Traverse
+ * nssCertArray_Destroy
+ * nssCertArray_Join
+ * nssCertArray_FindBestCert
+ * nssCertArray_Traverse
*/
-/* nssCertificateArray_Destroy
+/* nssCertArray_Destroy
*
* Will destroy the array and the certs within it. If the array was created
* in an arena, will *not* (of course) destroy the arena. However, is safe
* to call this method on an arena-allocated array.
*/
NSS_EXTERN void
-nssCertificateArray_Destroy (
- NSSCertificate **certs
+nssCertArray_Destroy (
+ NSSCert **certs
);
-/* nssCertificateArray_Join
+/* nssCertArray_Join
*
* Join two arrays into one. The two arrays, certs1 and certs2, should
* be considered invalid after a call to this function (they may be destroyed
@@ -478,34 +478,34 @@ nssCertificateArray_Destroy (
* call with arrays allocated in an arena, the result will also be in the
* arena.
*/
-NSS_EXTERN NSSCertificate **
-nssCertificateArray_Join (
- NSSCertificate **certs1,
- NSSCertificate **certs2
+NSS_EXTERN NSSCert **
+nssCertArray_Join (
+ NSSCert **certs1,
+ NSSCert **certs2
);
-/* nssCertificateArray_FindBestCertificate
+/* nssCertArray_FindBestCert
*
* Use the usual { time, usage, policies } to find the best cert in the
* array.
*/
-NSS_EXTERN NSSCertificate *
-nssCertificateArray_FindBestCertificate (
- NSSCertificate **certs,
+NSS_EXTERN NSSCert *
+nssCertArray_FindBestCert (
+ NSSCert **certs,
NSSTime time,
NSSUsages *usagesOpt,
NSSPolicies *policiesOpt
);
-/* nssCertificateArray_Traverse
+/* nssCertArray_Traverse
*
* Do the callback for each cert, terminate the traversal if the callback
* fails.
*/
NSS_EXTERN PRStatus
-nssCertificateArray_Traverse (
- NSSCertificate **certs,
- PRStatus (* callback)(NSSCertificate *c, void *arg),
+nssCertArray_Traverse (
+ NSSCert **certs,
+ PRStatus (* callback)(NSSCert *c, void *arg),
void *arg
);
@@ -521,7 +521,7 @@ nssCRLArray_Destroy (
* objects instances on tokens, where the actual object hasn't
* been formed yet.
*
- * nssCertificateCollection_Create
+ * nssCertCollection_Create
* nssPrivateKeyCollection_Create
* nssPublicKeyCollection_Create
*
@@ -529,7 +529,7 @@ nssCRLArray_Destroy (
* inherit all of the following methods. Instead, there is only one
* type (nssPKIObjectCollection), shared among all. This may cause
* confusion; an alternative would be to define all of the methods
- * for each subtype (nssCertificateCollection_Destroy, ...), but that doesn't
+ * for each subtype (nssCertCollection_Destroy, ...), but that doesn't
* seem worth the code bloat.. It is left up to the caller to remember
* what type of collection he/she is dealing with.
*
@@ -541,21 +541,21 @@ nssCRLArray_Destroy (
*
* Back to type-specific methods.
*
- * nssPKIObjectCollection_GetCertificates
+ * nssPKIObjectCollection_GetCerts
* nssPKIObjectCollection_GetCRLs
* nssPKIObjectCollection_GetPrivateKeys
* nssPKIObjectCollection_GetPublicKeys
*/
-/* nssCertificateCollection_Create
+/* nssCertCollection_Create
*
* Create a collection of certificates in the specified trust domain.
* Optionally provide a starting set of certs.
*/
NSS_EXTERN nssPKIObjectCollection *
-nssCertificateCollection_Create (
+nssCertCollection_Create (
NSSTrustDomain *td,
- NSSCertificate **certsOpt
+ NSSCert **certsOpt
);
/* nssCRLCollection_Create
@@ -638,7 +638,7 @@ nssPKIObjectCollection_Traverse (
);
/* This function is being added for NSS 3.5. It corresponds to the function
- * nssToken_TraverseCertificates. The idea is to use the collection during
+ * nssToken_TraverseCerts. The idea is to use the collection during
* a traversal, creating certs each time a new instance is added for which
* a cert does not already exist.
*/
@@ -648,14 +648,14 @@ nssPKIObjectCollection_AddInstanceAsObject (
nssCryptokiObject *instance
);
-/* nssPKIObjectCollection_GetCertificates
+/* nssPKIObjectCollection_GetCerts
*
* Get all of the certificates in the collection.
*/
-NSS_EXTERN NSSCertificate **
-nssPKIObjectCollection_GetCertificates (
+NSS_EXTERN NSSCert **
+nssPKIObjectCollection_GetCerts (
nssPKIObjectCollection *collection,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 maximumOpt,
NSSArena *arenaOpt
);
@@ -691,14 +691,14 @@ nssPKIObjectCreator_GenerateKeyPair (
NSSPrivateKey **pvkOpt
);
-NSS_EXTERN NSSSymmetricKey *
-nssPKIObjectCreator_GenerateSymmetricKey (
+NSS_EXTERN NSSSymKey *
+nssPKIObjectCreator_GenerateSymKey (
nssPKIObjectCreator *creator,
PRUint32 keysize
);
NSS_EXTERN nssHash *
-nssHash_CreateCertificate (
+nssHash_CreateCert (
NSSArena *arenaOpt,
PRUint32 numBuckets
);
diff --git a/security/nss/lib/pki/pkistore.c b/security/nss/lib/pki/pkistore.c
index 5d4022f45..d352aa978 100644
--- a/security/nss/lib/pki/pkistore.c
+++ b/security/nss/lib/pki/pkistore.c
@@ -49,18 +49,18 @@ static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
/* taking from certificate implementation... move to pkim.h? */
NSS_EXTERN PRUint32
-nssCertificate_Hash (
- NSSCertificate *c
+nssCert_Hash (
+ NSSCert *c
);
-NSS_EXTERN NSSCertificate *
-nssCertificate_CreateIndexCert (
+NSS_EXTERN NSSCert *
+nssCert_CreateIndexCert (
NSSDER *issuer,
NSSDER *serial
);
/*
- * Certificate Store
+ * Cert Store
*
* This differs from the cache in that it is a true storage facility. Items
* stay in until they are explicitly removed. It is only used by crypto
@@ -68,7 +68,7 @@ nssCertificate_CreateIndexCert (
*
*/
-struct nssCertificateStoreStr
+struct nssCertStoreStr
{
PRBool i_allocated_arena;
NSSArena *arena;
@@ -81,22 +81,22 @@ typedef struct certificate_hash_entry_str certificate_hash_entry;
struct certificate_hash_entry_str
{
- NSSCertificate *cert;
+ NSSCert *cert;
nssTrust *trust;
nssSMIMEProfile *profile;
};
#if 0
/* XXX This a common function that should be moved out, possibly an
- * nssSubjectCertificateList should be created?
+ * nssSubjectCertList should be created?
*/
/* sort the subject list from newest to oldest */
static PRIntn subject_list_sort(void *v1, void *v2)
{
- NSSCertificate *c1 = (NSSCertificate *)v1;
- NSSCertificate *c2 = (NSSCertificate *)v2;
- nssDecodedCert *dc1 = nssCertificate_GetDecoding(c1);
- nssDecodedCert *dc2 = nssCertificate_GetDecoding(c2);
+ NSSCert *c1 = (NSSCert *)v1;
+ NSSCert *c2 = (NSSCert *)v2;
+ nssDecodedCert *dc1 = nssCert_GetDecoding(c1);
+ nssDecodedCert *dc2 = nssCert_GetDecoding(c2);
if (dc1->isNewerThan(dc1, dc2)) {
return -1;
} else {
@@ -108,7 +108,7 @@ static PRIntn subject_list_sort(void *v1, void *v2)
struct subject_list_node_str
{
PRCList link;
- NSSCertificate *cert;
+ NSSCert *cert;
};
struct subject_hash_entry_str
@@ -146,7 +146,7 @@ subject_hash_entry_destroy (
static PRStatus
subject_hash_entry_add (
subject_hash_entry *entry,
- NSSCertificate *cert
+ NSSCert *cert
)
{
struct subject_list_node_str *node;
@@ -154,7 +154,7 @@ subject_hash_entry_add (
/* XXX sort by validity */
while (link != &entry->head) {
node = (struct subject_list_node_str *)link;
- if (nssCertificate_IssuerAndSerialEqual(cert, node->cert)) {
+ if (nssCert_IssuerAndSerialEqual(cert, node->cert)) {
/* cert already in */
return PR_FAILURE;
}
@@ -174,7 +174,7 @@ subject_hash_entry_add (
static void
subject_hash_entry_remove (
subject_hash_entry *entry,
- NSSCertificate *cert
+ NSSCert *cert
)
{
struct subject_list_node_str *node;
@@ -194,7 +194,7 @@ subject_hash_entry_remove (
static void
get_subject_entry_certs (
subject_hash_entry *entry,
- NSSCertificate **array,
+ NSSCert **array,
PRUint32 count
)
{
@@ -203,18 +203,18 @@ get_subject_entry_certs (
PRCList *link = PR_NEXT_LINK(&entry->head);
while (link != &entry->head && i < count) {
node = (struct subject_list_node_str *)link;
- array[i++] = nssCertificate_AddRef(node->cert);
+ array[i++] = nssCert_AddRef(node->cert);
link = PR_NEXT_LINK(link);
}
}
-NSS_IMPLEMENT nssCertificateStore *
-nssCertificateStore_Create (
+NSS_IMPLEMENT nssCertStore *
+nssCertStore_Create (
NSSArena *arenaOpt
)
{
NSSArena *arena;
- nssCertificateStore *store;
+ nssCertStore *store;
PRBool i_allocated_arena;
if (arenaOpt) {
arena = arenaOpt;
@@ -226,7 +226,7 @@ nssCertificateStore_Create (
}
i_allocated_arena = PR_TRUE;
}
- store = nss_ZNEW(arena, nssCertificateStore);
+ store = nss_ZNEW(arena, nssCertStore);
if (!store) {
goto loser;
}
@@ -235,7 +235,7 @@ nssCertificateStore_Create (
goto loser;
}
/* Create the issuer/serial --> {cert, trust, S/MIME profile } hash */
- store->issuer_and_serial = nssHash_CreateCertificate(arena, 0);
+ store->issuer_and_serial = nssHash_CreateCert(arena, 0);
if (!store->issuer_and_serial) {
goto loser;
}
@@ -266,8 +266,8 @@ loser:
}
NSS_IMPLEMENT void
-nssCertificateStore_Destroy (
- nssCertificateStore *store
+nssCertStore_Destroy (
+ nssCertStore *store
)
{
PZ_DestroyLock(store->lock);
@@ -282,8 +282,8 @@ nssCertificateStore_Destroy (
static PRStatus
add_certificate_entry (
- nssCertificateStore *store,
- NSSCertificate *cert
+ nssCertStore *store,
+ NSSCert *cert
)
{
PRStatus status;
@@ -302,13 +302,13 @@ add_certificate_entry (
static PRStatus
add_subject_entry (
- nssCertificateStore *store,
- NSSCertificate *cert
+ nssCertStore *store,
+ NSSCert *cert
)
{
PRStatus status;
subject_hash_entry *entry;
- NSSDER *subject = nssCertificate_GetSubject(cert);
+ NSSDER *subject = nssCert_GetSubject(cert);
entry = (subject_hash_entry *)nssHash_Lookup(store->subject, subject);
if (entry) {
/* The subject is already in, add this cert to the list */
@@ -333,14 +333,14 @@ add_subject_entry (
/* declared below */
static void
remove_certificate_entry (
- nssCertificateStore *store,
- NSSCertificate *cert
+ nssCertStore *store,
+ NSSCert *cert
);
NSS_IMPLEMENT PRStatus
-nssCertificateStore_Add (
- nssCertificateStore *store,
- NSSCertificate *cert
+nssCertStore_Add (
+ nssCertStore *store,
+ NSSCert *cert
)
{
PRStatus status;
@@ -353,7 +353,7 @@ nssCertificateStore_Add (
if (status == PR_SUCCESS) {
status = add_subject_entry(store, cert);
if (status == PR_SUCCESS) {
- nssCertificate_AddRef(cert); /* obtain a reference for the store */
+ nssCert_AddRef(cert); /* obtain a reference for the store */
} else {
remove_certificate_entry(store, cert);
}
@@ -364,8 +364,8 @@ nssCertificateStore_Add (
static void
remove_certificate_entry (
- nssCertificateStore *store,
- NSSCertificate *cert
+ nssCertStore *store,
+ NSSCert *cert
)
{
certificate_hash_entry *entry;
@@ -385,12 +385,12 @@ remove_certificate_entry (
static void
remove_subject_entry (
- nssCertificateStore *store,
- NSSCertificate *cert
+ nssCertStore *store,
+ NSSCert *cert
)
{
subject_hash_entry *entry;
- NSSDER *subject = nssCertificate_GetSubject(cert);
+ NSSDER *subject = nssCert_GetSubject(cert);
/* Get the subject list for the cert's subject */
entry = (subject_hash_entry *)nssHash_Lookup(store->subject, subject);
if (entry) {
@@ -404,9 +404,9 @@ remove_subject_entry (
}
NSS_IMPLEMENT void
-nssCertificateStore_Remove (
- nssCertificateStore *store,
- NSSCertificate *cert
+nssCertStore_Remove (
+ nssCertStore *store,
+ NSSCert *cert
)
{
certificate_hash_entry *entry;
@@ -416,23 +416,23 @@ nssCertificateStore_Remove (
if (entry && entry->cert == cert) {
remove_certificate_entry(store, cert);
remove_subject_entry(store, cert);
- NSSCertificate_Destroy(cert); /* release the store's reference */
+ NSSCert_Destroy(cert); /* release the store's reference */
}
PZ_Unlock(store->lock);
}
-static NSSCertificate **
+static NSSCert **
get_certs_from_entry (
subject_hash_entry *entry,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
{
PRUint32 count;
- NSSCertificate **rvArray = NULL;
+ NSSCert **rvArray = NULL;
if (entry->count == 0) {
- return (NSSCertificate **)NULL;
+ return (NSSCert **)NULL;
}
if (maximumOpt > 0) {
count = PR_MIN(maximumOpt, entry->count);
@@ -440,7 +440,7 @@ get_certs_from_entry (
if (rvOpt) {
rvArray = rvOpt;
} else {
- rvArray = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, count + 1);
+ rvArray = nss_ZNEWARRAY(arenaOpt, NSSCert *, count + 1);
}
if (rvArray) {
get_subject_entry_certs(entry, rvArray, count);
@@ -448,16 +448,16 @@ get_certs_from_entry (
return rvArray;
}
-NSS_IMPLEMENT NSSCertificate **
-nssCertificateStore_FindCertificatesBySubject (
- nssCertificateStore *store,
+NSS_IMPLEMENT NSSCert **
+nssCertStore_FindCertsBySubject (
+ nssCertStore *store,
NSSDER *subject,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
{
- NSSCertificate **rvArray = NULL;
+ NSSCert **rvArray = NULL;
subject_hash_entry *entry;
PZ_Lock(store->lock);
entry = (subject_hash_entry *)nssHash_Lookup(store->subject, subject);
@@ -493,7 +493,7 @@ static void match_nickname(const void *k, void *v, void *a)
subject_hash_entry *entry = (subject_hash_entry *)v;
struct subject_list_node_str *node;
node = (struct subject_list_node_str *)PR_NEXT_LINK(&entry->head);
- nickname = nssCertificate_GetNickname(node->cert, NULL);
+ nickname = nssCert_GetNickname(node->cert, NULL);
if (status == PR_SUCCESS && nickname &&
nssUTF8_Equal(nickname, nt->nickname, &status))
{
@@ -504,16 +504,16 @@ static void match_nickname(const void *k, void *v, void *a)
/*
* Find all cached certs with this label.
*/
-NSS_IMPLEMENT NSSCertificate **
-nssCertificateStore_FindCertificatesByNickname (
- nssCertificateStore *store,
+NSS_IMPLEMENT NSSCert **
+nssCertStore_FindCertsByNickname (
+ nssCertStore *store,
NSSUTF8 *nickname,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
{
- NSSCertificate **rvArray = NULL;
+ NSSCert **rvArray = NULL;
struct nickname_template_str nt;
nt.nickname = nickname;
nt.entry = NULL;
@@ -531,7 +531,7 @@ struct email_template_str
NSSASCII7 *email;
NSSArena *arena;
PRUint32 maximum;
- NSSCertificate **certs;
+ NSSCert **certs;
PRUint32 numCerts;
};
@@ -543,18 +543,18 @@ static void match_email(const void *k, void *v, void *a)
subject_hash_entry *entry = (subject_hash_entry *)v;
struct subject_list_node_str *node;
node = (struct subject_list_node_str *)PR_NEXT_LINK(&entry->head);
- email = nssCertificate_GetEmailAddress(node->cert);
+ email = nssCert_GetEmailAddress(node->cert);
if (nssUTF8_Equal(email, et->email, &status)) {
PRUint32 i, count = entry->count;
if (et->numCerts == 0 && !et->certs) {
/* First encounter with matching certs, and need to allocate
* an array for them
*/
- et->certs = nss_ZNEWARRAY(et->arena, NSSCertificate *, count + 1);
+ et->certs = nss_ZNEWARRAY(et->arena, NSSCert *, count + 1);
} else if (et->maximum == 0 && et->certs) {
/* Already have matching certs, need to realloc */
et->certs = nss_ZREALLOCARRAY(et->certs,
- NSSCertificate *,
+ NSSCert *,
et->numCerts + count + 1);
}
if (!et->certs) {
@@ -566,7 +566,7 @@ static void match_email(const void *k, void *v, void *a)
count = et->maximum - et->numCerts;
}
for (i=0; i<count; i++) {
- et->certs[et->numCerts++] = nssCertificate_AddRef(node->cert);
+ et->certs[et->numCerts++] = nssCert_AddRef(node->cert);
}
}
}
@@ -574,11 +574,11 @@ static void match_email(const void *k, void *v, void *a)
/*
* Find all cached certs with this email address.
*/
-NSS_IMPLEMENT NSSCertificate **
-nssCertificateStore_FindCertificatesByEmail (
- nssCertificateStore *store,
+NSS_IMPLEMENT NSSCert **
+nssCertStore_FindCertsByEmail (
+ nssCertStore *store,
NSSASCII7 *email,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
@@ -595,22 +595,22 @@ nssCertificateStore_FindCertificatesByEmail (
return et.certs;
}
-NSS_IMPLEMENT NSSCertificate *
-nssCertificateStore_FindCertificateByIssuerAndSerialNumber (
- nssCertificateStore *store,
+NSS_IMPLEMENT NSSCert *
+nssCertStore_FindCertByIssuerAndSerialNumber (
+ nssCertStore *store,
NSSDER *issuer,
NSSDER *serial
)
{
certificate_hash_entry *entry;
- NSSCertificate *index;
- NSSCertificate *rvCert = NULL;
- index = nssCertificate_CreateIndexCert(issuer, serial);
+ NSSCert *index;
+ NSSCert *rvCert = NULL;
+ index = nssCert_CreateIndexCert(issuer, serial);
PZ_Lock(store->lock);
entry = (certificate_hash_entry *)
nssHash_Lookup(store->issuer_and_serial, &index);
if (entry) {
- rvCert = nssCertificate_AddRef(entry->cert);
+ rvCert = nssCert_AddRef(entry->cert);
}
PZ_Unlock(store->lock);
nss_ZFreeIf(index);
@@ -646,22 +646,22 @@ issuer_and_serial_from_encoding (
}
#endif
-NSS_IMPLEMENT NSSCertificate *
-nssCertificateStore_FindCertificateByEncodedCertificate (
- nssCertificateStore *store,
+NSS_IMPLEMENT NSSCert *
+nssCertStore_FindCertByEncodedCert (
+ nssCertStore *store,
NSSDER *encoding
)
{
PRStatus status = PR_FAILURE;
NSSDER issuer, serial;
- NSSCertificate *rvCert = NULL;
+ NSSCert *rvCert = NULL;
#ifdef NSS_3_4_CODE
status = issuer_and_serial_from_encoding(encoding, &issuer, &serial);
#endif
if (status != PR_SUCCESS) {
return NULL;
}
- rvCert = nssCertificateStore_FindCertificateByIssuerAndSerialNumber(store,
+ rvCert = nssCertStore_FindCertByIssuerAndSerialNumber(store,
&issuer,
&serial);
#ifdef NSS_3_4_CODE
@@ -672,13 +672,13 @@ nssCertificateStore_FindCertificateByEncodedCertificate (
}
NSS_EXTERN PRStatus
-nssCertificateStore_AddTrust (
- nssCertificateStore *store,
+nssCertStore_AddTrust (
+ nssCertStore *store,
nssTrust *trust
)
{
#if 0
- NSSCertificate *cert;
+ NSSCert *cert;
certificate_hash_entry *entry;
cert = trust->certificate;
PZ_Lock(store->lock);
@@ -694,9 +694,9 @@ nssCertificateStore_AddTrust (
}
NSS_IMPLEMENT nssTrust *
-nssCertificateStore_FindTrustForCertificate (
- nssCertificateStore *store,
- NSSCertificate *cert
+nssCertStore_FindTrustForCert (
+ nssCertStore *store,
+ NSSCert *cert
)
{
certificate_hash_entry *entry;
@@ -712,13 +712,13 @@ nssCertificateStore_FindTrustForCertificate (
}
NSS_EXTERN PRStatus
-nssCertificateStore_AddSMIMEProfile (
- nssCertificateStore *store,
+nssCertStore_AddSMIMEProfile (
+ nssCertStore *store,
nssSMIMEProfile *profile
)
{
#if 0
- NSSCertificate *cert;
+ NSSCert *cert;
certificate_hash_entry *entry;
cert = profile->certificate;
PZ_Lock(store->lock);
@@ -734,9 +734,9 @@ nssCertificateStore_AddSMIMEProfile (
}
NSS_IMPLEMENT nssSMIMEProfile *
-nssCertificateStore_FindSMIMEProfileForCertificate (
- nssCertificateStore *store,
- NSSCertificate *cert
+nssCertStore_FindSMIMEProfileForCert (
+ nssCertStore *store,
+ NSSCert *cert
)
{
certificate_hash_entry *entry;
@@ -754,18 +754,18 @@ nssCertificateStore_FindSMIMEProfileForCertificate (
static PLHashNumber
nss_certificate_hash(const void *c)
{
- return (PLHashNumber)nssCertificate_Hash((NSSCertificate *)c);
+ return (PLHashNumber)nssCert_Hash((NSSCert *)c);
}
static int
nss_compare_certs(const void *v1, const void *v2)
{
- return nssCertificate_IssuerAndSerialEqual((NSSCertificate *)v1,
- (NSSCertificate *)v2);
+ return nssCert_IssuerAndSerialEqual((NSSCert *)v1,
+ (NSSCert *)v2);
}
NSS_IMPLEMENT nssHash *
-nssHash_CreateCertificate (
+nssHash_CreateCert (
NSSArena *arenaOpt,
PRUint32 numBuckets
)
@@ -778,8 +778,8 @@ nssHash_CreateCertificate (
}
NSS_IMPLEMENT void
-nssCertificateStore_DumpStoreInfo (
- nssCertificateStore *store,
+nssCertStore_DumpStoreInfo (
+ nssCertStore *store,
void (* cert_dump_iter)(const void *, void *, void *),
void *arg
)
diff --git a/security/nss/lib/pki/pkistore.h b/security/nss/lib/pki/pkistore.h
index d252eb192..76a600830 100644
--- a/security/nss/lib/pki/pkistore.h
+++ b/security/nss/lib/pki/pkistore.h
@@ -58,117 +58,117 @@ PR_BEGIN_EXTERN_C
*/
/*
- * nssCertificateStore
+ * nssCertStore
*
* Manages local store of certificate, trust, and S/MIME profile objects.
* Within a crypto context, mappings of cert to trust and cert to S/MIME
* profile are always 1-1. Therefore, it is reasonable to store all objects
* in a single collection, indexed by the certificate.
*
- * nssCertificateStore_Create
- * nssCertificateStore_Destroy
- * nssCertificateStore_Add
- * nssCertificateStore_Remove
- * nssCertificateStore_FindCertificatesBySubject
- * nssCertificateStore_FindCertificatesByNickname
- * nssCertificateStore_FindCertificatesByEmail
- * nssCertificateStore_FindCertificateByIssuerAndSerialNumber
- * nssCertificateStore_FindCertificateByEncodedCertificate
- * nssCertificateStore_AddTrust
- * nssCertificateStore_FindTrustForCertificate
- * nssCertificateStore_AddSMIMEProfile
- * nssCertificateStore_FindSMIMEProfileForCertificate
+ * nssCertStore_Create
+ * nssCertStore_Destroy
+ * nssCertStore_Add
+ * nssCertStore_Remove
+ * nssCertStore_FindCertsBySubject
+ * nssCertStore_FindCertsByNickname
+ * nssCertStore_FindCertsByEmail
+ * nssCertStore_FindCertByIssuerAndSerialNumber
+ * nssCertStore_FindCertByEncodedCert
+ * nssCertStore_AddTrust
+ * nssCertStore_FindTrustForCert
+ * nssCertStore_AddSMIMEProfile
+ * nssCertStore_FindSMIMEProfileForCert
*/
-NSS_EXTERN nssCertificateStore *
-nssCertificateStore_Create (
+NSS_EXTERN nssCertStore *
+nssCertStore_Create (
NSSArena *arenaOpt
);
NSS_EXTERN void
-nssCertificateStore_Destroy (
- nssCertificateStore *store
+nssCertStore_Destroy (
+ nssCertStore *store
);
NSS_EXTERN PRStatus
-nssCertificateStore_Add (
- nssCertificateStore *store,
- NSSCertificate *cert
+nssCertStore_Add (
+ nssCertStore *store,
+ NSSCert *cert
);
NSS_EXTERN void
-nssCertificateStore_Remove (
- nssCertificateStore *store,
- NSSCertificate *cert
+nssCertStore_Remove (
+ nssCertStore *store,
+ NSSCert *cert
);
-NSS_EXTERN NSSCertificate **
-nssCertificateStore_FindCertificatesBySubject (
- nssCertificateStore *store,
+NSS_EXTERN NSSCert **
+nssCertStore_FindCertsBySubject (
+ nssCertStore *store,
NSSDER *subject,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt,
NSSArena *arenaOpt
);
-NSS_EXTERN NSSCertificate **
-nssCertificateStore_FindCertificatesByNickname (
- nssCertificateStore *store,
+NSS_EXTERN NSSCert **
+nssCertStore_FindCertsByNickname (
+ nssCertStore *store,
NSSUTF8 *nickname,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt,
NSSArena *arenaOpt
);
-NSS_EXTERN NSSCertificate **
-nssCertificateStore_FindCertificatesByEmail (
- nssCertificateStore *store,
+NSS_EXTERN NSSCert **
+nssCertStore_FindCertsByEmail (
+ nssCertStore *store,
NSSASCII7 *email,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt,
NSSArena *arenaOpt
);
-NSS_EXTERN NSSCertificate *
-nssCertificateStore_FindCertificateByIssuerAndSerialNumber (
- nssCertificateStore *store,
+NSS_EXTERN NSSCert *
+nssCertStore_FindCertByIssuerAndSerialNumber (
+ nssCertStore *store,
NSSDER *issuer,
NSSDER *serial
);
-NSS_EXTERN NSSCertificate *
-nssCertificateStore_FindCertificateByEncodedCertificate (
- nssCertificateStore *store,
+NSS_EXTERN NSSCert *
+nssCertStore_FindCertByEncodedCert (
+ nssCertStore *store,
NSSDER *encoding
);
NSS_EXTERN PRStatus
-nssCertificateStore_AddTrust (
- nssCertificateStore *store,
+nssCertStore_AddTrust (
+ nssCertStore *store,
nssTrust *trust
);
NSS_EXTERN nssTrust *
-nssCertificateStore_FindTrustForCertificate (
- nssCertificateStore *store,
- NSSCertificate *cert
+nssCertStore_FindTrustForCert (
+ nssCertStore *store,
+ NSSCert *cert
);
NSS_EXTERN PRStatus
-nssCertificateStore_AddSMIMEProfile (
- nssCertificateStore *store,
+nssCertStore_AddSMIMEProfile (
+ nssCertStore *store,
nssSMIMEProfile *profile
);
NSS_EXTERN nssSMIMEProfile *
-nssCertificateStore_FindSMIMEProfileForCertificate (
- nssCertificateStore *store,
- NSSCertificate *cert
+nssCertStore_FindSMIMEProfileForCert (
+ nssCertStore *store,
+ NSSCert *cert
);
NSS_EXTERN void
-nssCertificateStore_DumpStoreInfo (
- nssCertificateStore *store,
+nssCertStore_DumpStoreInfo (
+ nssCertStore *store,
void (* cert_dump_iter)(const void *, void *, void *),
void *arg
);
diff --git a/security/nss/lib/pki/pkit.h b/security/nss/lib/pki/pkit.h
index 70af31e69..d95ef3a67 100644
--- a/security/nss/lib/pki/pkit.h
+++ b/security/nss/lib/pki/pkit.h
@@ -55,22 +55,22 @@ static const char PKIT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
PR_BEGIN_EXTERN_C
/* XXX */
-typedef struct nssCertificateCacheStr nssCertificateCache;
+typedef struct nssCertCacheStr nssCertCache;
typedef PRUint32 nssUpdateLevel;
typedef struct nssDecodedCertStr nssDecodedCert;
-typedef struct nssCertificateStoreStr nssCertificateStore;
+typedef struct nssCertStoreStr nssCertStore;
/* How wide is the scope of this? */
typedef struct nssSMIMEProfileStr nssSMIMEProfile;
-struct NSSSymmetricKeyStr;
+struct NSSSymKeyStr;
struct NSSPoliciesStr;
-struct NSSPKIXCertificateStr;
+struct NSSPKIXCertStr;
typedef struct nssTrustStr nssTrust;
diff --git a/security/nss/lib/pki/pkitm.h b/security/nss/lib/pki/pkitm.h
index c8d2da5bf..547424756 100644
--- a/security/nss/lib/pki/pkitm.h
+++ b/security/nss/lib/pki/pkitm.h
@@ -102,10 +102,10 @@ struct nssPKIObjectStr
typedef struct nssPKIObjectStr nssPKIObject;
-/* nssCertificateCollection
+/* nssCertCollection
*
* You guessed it; a collection of certs. Each entry may be either an
- * NSSCertificate or an nssProtoCertificate.
+ * NSSCert or an nssProtoCert.
*/
typedef struct nssPKIObjectCollectionStr nssPKIObjectCollection;
@@ -113,7 +113,7 @@ typedef struct nssPKIObjectCollectionStr nssPKIObjectCollection;
typedef struct
{
union {
- PRStatus (* cert)(NSSCertificate *c, void *arg);
+ PRStatus (* cert)(NSSCert *c, void *arg);
PRStatus (* crl)(NSSCRL *crl, void *arg);
PRStatus (* pvkey)(NSSPrivateKey *vk, void *arg);
PRStatus (* pbkey)(NSSPublicKey *bk, void *arg);
@@ -125,7 +125,7 @@ typedef struct
struct nssTrustStr
{
nssPKIObject object;
- NSSCertificate *certificate;
+ NSSCert *certificate;
nssTrustLevel serverAuth;
nssTrustLevel clientAuth;
nssTrustLevel emailProtection;
diff --git a/security/nss/lib/pki/symmkey.c b/security/nss/lib/pki/symmkey.c
index fd89bddb6..02e671c76 100644
--- a/security/nss/lib/pki/symmkey.c
+++ b/security/nss/lib/pki/symmkey.c
@@ -44,42 +44,42 @@ static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
#endif /* PKIM_H */
-struct NSSSymmetricKeyStr
+struct NSSSymKeyStr
{
nssPKIObject object;
- NSSSymmetricKeyType kind;
+ NSSSymKeyType kind;
PRUint32 length; /* XXX 64-bit... */
NSSOperations operations;
};
-NSS_IMPLEMENT NSSSymmetricKey *
-nssSymmetricKey_Create (
+NSS_IMPLEMENT NSSSymKey *
+nssSymKey_Create (
nssPKIObject *object
)
{
PRStatus status;
- NSSSymmetricKey *rvKey;
+ NSSSymKey *rvKey;
NSSArena *arena = object->arena;
PR_ASSERT(object->instances != NULL && object->numInstances > 0);
- rvKey = nss_ZNEW(arena, NSSSymmetricKey);
+ rvKey = nss_ZNEW(arena, NSSSymKey);
if (!rvKey) {
- return (NSSSymmetricKey *)NULL;
+ return (NSSSymKey *)NULL;
}
rvKey->object = *object;
/* XXX should choose instance based on some criteria */
- status = nssCryptokiSymmetricKey_GetAttributes(object->instances[0],
+ status = nssCryptokiSymKey_GetAttributes(object->instances[0],
arena,
&rvKey->kind,
&rvKey->length,
&rvKey->operations);
if (status != PR_SUCCESS) {
- return (NSSSymmetricKey *)NULL;
+ return (NSSSymKey *)NULL;
}
return rvKey;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-nssSymmetricKey_CreateFromInstance (
+NSS_IMPLEMENT NSSSymKey *
+nssSymKey_CreateFromInstance (
nssCryptokiObject *instance,
NSSTrustDomain *td,
NSSVolatileDomain *vdOpt
@@ -89,14 +89,14 @@ nssSymmetricKey_CreateFromInstance (
pkio = nssPKIObject_Create(NULL, instance, td, vdOpt);
if (pkio) {
- return nssSymmetricKey_Create(pkio);
+ return nssSymKey_Create(pkio);
}
- return (NSSSymmetricKey *)NULL;
+ return (NSSSymKey *)NULL;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-nssSymmetricKey_AddRef (
- NSSSymmetricKey *mk
+NSS_IMPLEMENT NSSSymKey *
+nssSymKey_AddRef (
+ NSSSymKey *mk
)
{
if (mk) {
@@ -106,25 +106,25 @@ nssSymmetricKey_AddRef (
}
NSS_IMPLEMENT PRStatus
-nssSymmetricKey_Destroy (
- NSSSymmetricKey *mk
+nssSymKey_Destroy (
+ NSSSymKey *mk
)
{
return nssPKIObject_Destroy(&mk->object);
}
NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_Destroy (
- NSSSymmetricKey *mk
+NSSSymKey_Destroy (
+ NSSSymKey *mk
)
{
- nssSymmetricKey_Destroy(mk);
+ nssSymKey_Destroy(mk);
return PR_SUCCESS;
}
NSS_IMPLEMENT NSSToken **
-nssSymmetricKey_GetTokens (
- NSSSymmetricKey *mk,
+nssSymKey_GetTokens (
+ NSSSymKey *mk,
PRStatus *statusOpt
)
{
@@ -132,8 +132,8 @@ nssSymmetricKey_GetTokens (
}
NSS_IMPLEMENT nssCryptokiObject *
-nssSymmetricKey_GetInstance (
- NSSSymmetricKey *mk,
+nssSymKey_GetInstance (
+ NSSSymKey *mk,
NSSToken *token
)
{
@@ -141,8 +141,8 @@ nssSymmetricKey_GetInstance (
}
NSS_IMPLEMENT nssCryptokiObject *
-nssSymmetricKey_FindInstanceForAlgorithm (
- NSSSymmetricKey *mk,
+nssSymKey_FindInstanceForAlgorithm (
+ NSSSymKey *mk,
const NSSAlgNParam *ap
)
{
@@ -150,8 +150,8 @@ nssSymmetricKey_FindInstanceForAlgorithm (
}
NSS_IMPLEMENT PRBool
-nssSymmetricKey_IsOnToken (
- NSSSymmetricKey *mk,
+nssSymKey_IsOnToken (
+ NSSSymKey *mk,
NSSToken *token
)
{
@@ -159,8 +159,8 @@ nssSymmetricKey_IsOnToken (
}
NSS_IMPLEMENT PRStatus
-nssSymmetricKey_DeleteStoredObject (
- NSSSymmetricKey *mk,
+nssSymKey_DeleteStoredObject (
+ NSSSymKey *mk,
NSSCallback *uhh
)
{
@@ -168,17 +168,17 @@ nssSymmetricKey_DeleteStoredObject (
}
NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_DeleteStoredObject (
- NSSSymmetricKey *mk,
+NSSSymKey_DeleteStoredObject (
+ NSSSymKey *mk,
NSSCallback *uhh
)
{
- return nssSymmetricKey_DeleteStoredObject(mk, uhh);
+ return nssSymKey_DeleteStoredObject(mk, uhh);
}
NSS_IMPLEMENT nssCryptokiObject *
-nssSymmetricKey_CopyToToken (
- NSSSymmetricKey *mk,
+nssSymKey_CopyToToken (
+ NSSSymKey *mk,
NSSToken *destination,
PRBool asPersistentObject
)
@@ -192,7 +192,7 @@ nssSymmetricKey_CopyToToken (
return (nssCryptokiObject *)NULL;
}
/* XXX kind of a hack to peek into first instance like this */
- mko = nssCryptokiSymmetricKey_Copy(mk->object.instances[0],
+ mko = nssCryptokiSymKey_Copy(mk->object.instances[0],
mk->object.instances[0]->session,
destination, session,
asPersistentObject);
@@ -210,19 +210,19 @@ nssSymmetricKey_CopyToToken (
}
NSS_IMPLEMENT PRUint32
-nssSymmetricKey_GetKeyLength (
- NSSSymmetricKey *mk
+nssSymKey_GetKeyLength (
+ NSSSymKey *mk
)
{
return mk->length;
}
NSS_IMPLEMENT PRUint32
-NSSSymmetricKey_GetKeyLength (
- NSSSymmetricKey *mk
+NSSSymKey_GetKeyLength (
+ NSSSymKey *mk
)
{
- return nssSymmetricKey_GetKeyLength(mk);
+ return nssSymKey_GetKeyLength(mk);
}
#ifndef BPB
@@ -230,24 +230,24 @@ NSSSymmetricKey_GetKeyLength (
#endif
NSS_IMPLEMENT PRUint32
-NSSSymmetricKey_GetKeyStrength (
- NSSSymmetricKey *mk
+NSSSymKey_GetKeyStrength (
+ NSSSymKey *mk
)
{
/* XXX look these up */
switch (mk->kind) {
- case NSSSymmetricKeyType_DES: return 56;
- case NSSSymmetricKeyType_TripleDES: return 112; /* IIRC */
- case NSSSymmetricKeyType_RC2: return -1; /* need eff. len. */
- case NSSSymmetricKeyType_RC4: return mk->length * BPB;
- case NSSSymmetricKeyType_AES: return mk->length * BPB;
+ case NSSSymKeyType_DES: return 56;
+ case NSSSymKeyType_TripleDES: return 112; /* IIRC */
+ case NSSSymKeyType_RC2: return -1; /* need eff. len. */
+ case NSSSymKeyType_RC4: return mk->length * BPB;
+ case NSSSymKeyType_AES: return mk->length * BPB;
default: return -1;
}
}
NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_IsStillPresent (
- NSSSymmetricKey *mk
+NSSSymKey_IsStillPresent (
+ NSSSymKey *mk
)
{
nss_SetError(NSS_ERROR_NOT_FOUND);
@@ -255,8 +255,8 @@ NSSSymmetricKey_IsStillPresent (
}
NSS_IMPLEMENT NSSTrustDomain *
-nssSymmetricKey_GetTrustDomain (
- NSSSymmetricKey *mk,
+nssSymKey_GetTrustDomain (
+ NSSSymKey *mk,
PRStatus *statusOpt
)
{
@@ -264,17 +264,17 @@ nssSymmetricKey_GetTrustDomain (
}
NSS_IMPLEMENT NSSTrustDomain *
-NSSSymmetricKey_GetTrustDomain (
- NSSSymmetricKey *mk,
+NSSSymKey_GetTrustDomain (
+ NSSSymKey *mk,
PRStatus *statusOpt
)
{
- return nssSymmetricKey_GetTrustDomain(mk, statusOpt);
+ return nssSymKey_GetTrustDomain(mk, statusOpt);
}
NSS_IMPLEMENT NSSToken *
-NSSSymmetricKey_GetToken (
- NSSSymmetricKey *mk,
+NSSSymKey_GetToken (
+ NSSSymKey *mk,
PRStatus *statusOpt
)
{
@@ -283,8 +283,8 @@ NSSSymmetricKey_GetToken (
}
NSS_IMPLEMENT NSSSlot *
-NSSSymmetricKey_GetSlot (
- NSSSymmetricKey *mk,
+NSSSymKey_GetSlot (
+ NSSSymKey *mk,
PRStatus *statusOpt
)
{
@@ -293,8 +293,8 @@ NSSSymmetricKey_GetSlot (
}
NSS_IMPLEMENT NSSModule *
-NSSSymmetricKey_GetModule (
- NSSSymmetricKey *mk,
+NSSSymKey_GetModule (
+ NSSSymKey *mk,
PRStatus *statusOpt
)
{
@@ -303,8 +303,8 @@ NSSSymmetricKey_GetModule (
}
NSS_IMPLEMENT NSSItem *
-nssSymmetricKey_Encrypt (
- NSSSymmetricKey *mk,
+nssSymKey_Encrypt (
+ NSSSymKey *mk,
const NSSAlgNParam *ap,
NSSItem *data,
NSSCallback *uhh,
@@ -335,8 +335,8 @@ nssSymmetricKey_Encrypt (
}
NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_Encrypt (
- NSSSymmetricKey *mk,
+NSSSymKey_Encrypt (
+ NSSSymKey *mk,
const NSSAlgNParam *ap,
NSSItem *data,
NSSCallback *uhh,
@@ -344,12 +344,12 @@ NSSSymmetricKey_Encrypt (
NSSArena *arenaOpt
)
{
- return nssSymmetricKey_Encrypt(mk, ap, data, uhh, rvOpt, arenaOpt);
+ return nssSymKey_Encrypt(mk, ap, data, uhh, rvOpt, arenaOpt);
}
NSS_IMPLEMENT NSSItem *
-nssSymmetricKey_Decrypt (
- NSSSymmetricKey *mk,
+nssSymKey_Decrypt (
+ NSSSymKey *mk,
const NSSAlgNParam *ap,
NSSItem *encryptedData,
NSSCallback *uhh,
@@ -380,8 +380,8 @@ nssSymmetricKey_Decrypt (
}
NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_Decrypt (
- NSSSymmetricKey *mk,
+NSSSymKey_Decrypt (
+ NSSSymKey *mk,
const NSSAlgNParam *ap,
NSSItem *encryptedData,
NSSCallback *uhh,
@@ -389,13 +389,13 @@ NSSSymmetricKey_Decrypt (
NSSArena *arenaOpt
)
{
- return nssSymmetricKey_Decrypt(mk, ap, encryptedData,
+ return nssSymKey_Decrypt(mk, ap, encryptedData,
uhh, rvOpt, arenaOpt);
}
NSS_IMPLEMENT NSSItem *
-nssSymmetricKey_Sign (
- NSSSymmetricKey *mk,
+nssSymKey_Sign (
+ NSSSymKey *mk,
const NSSAlgNParam *ap,
NSSItem *data,
NSSCallback *uhh,
@@ -426,8 +426,8 @@ nssSymmetricKey_Sign (
}
NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_Sign (
- NSSSymmetricKey *mk,
+NSSSymKey_Sign (
+ NSSSymKey *mk,
const NSSAlgNParam *ap,
NSSItem *data,
NSSCallback *uhh,
@@ -435,12 +435,12 @@ NSSSymmetricKey_Sign (
NSSArena *arenaOpt
)
{
- return nssSymmetricKey_Sign(mk, ap, data, uhh, rvOpt, arenaOpt);
+ return nssSymKey_Sign(mk, ap, data, uhh, rvOpt, arenaOpt);
}
NSS_IMPLEMENT PRStatus
-nssSymmetricKey_Verify (
- NSSSymmetricKey *mk,
+nssSymKey_Verify (
+ NSSSymKey *mk,
const NSSAlgNParam *ap,
NSSItem *data,
NSSItem *signature,
@@ -478,22 +478,22 @@ nssSymmetricKey_Verify (
}
NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_Verify (
- NSSSymmetricKey *mk,
+NSSSymKey_Verify (
+ NSSSymKey *mk,
const NSSAlgNParam *ap,
NSSItem *data,
NSSItem *signature,
NSSCallback *uhh
)
{
- return nssSymmetricKey_Verify(mk, ap, data, signature, uhh);
+ return nssSymKey_Verify(mk, ap, data, signature, uhh);
}
NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_WrapSymmetricKey (
- NSSSymmetricKey *wrappingKey,
+NSSSymKey_WrapSymKey (
+ NSSSymKey *wrappingKey,
const NSSAlgNParam *ap,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSCallback *uhh,
NSSItem *rvOpt,
NSSArena *arenaOpt
@@ -504,8 +504,8 @@ NSSSymmetricKey_WrapSymmetricKey (
}
NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_WrapPrivateKey (
- NSSSymmetricKey *wrappingKey,
+NSSSymKey_WrapPrivateKey (
+ NSSSymKey *wrappingKey,
const NSSAlgNParam *ap,
NSSPrivateKey *keyToWrap,
NSSCallback *uhh,
@@ -517,9 +517,9 @@ NSSSymmetricKey_WrapPrivateKey (
return NULL;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSSymmetricKey_UnwrapSymmetricKey (
- NSSSymmetricKey *wrappingKey,
+NSS_IMPLEMENT NSSSymKey *
+NSSSymKey_UnwrapSymKey (
+ NSSSymKey *wrappingKey,
const NSSAlgNParam *ap,
NSSItem *wrappedKey,
NSSOID *target,
@@ -533,8 +533,8 @@ NSSSymmetricKey_UnwrapSymmetricKey (
}
NSS_IMPLEMENT NSSPrivateKey *
-NSSSymmetricKey_UnwrapPrivateKey (
- NSSSymmetricKey *wrappingKey,
+NSSSymKey_UnwrapPrivateKey (
+ NSSSymKey *wrappingKey,
const NSSAlgNParam *ap,
NSSItem *wrappedKey,
NSSUTF8 *labelOpt,
@@ -549,11 +549,11 @@ NSSSymmetricKey_UnwrapPrivateKey (
return NULL;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-nssSymmetricKey_DeriveSymmetricKey (
- NSSSymmetricKey *originalKey,
+NSS_IMPLEMENT NSSSymKey *
+nssSymKey_DeriveSymKey (
+ NSSSymKey *originalKey,
const NSSAlgNParam *ap,
- NSSSymmetricKeyType target,
+ NSSSymKeyType target,
PRUint32 keySizeOpt,
NSSOperations operations,
NSSCallback *uhh
@@ -563,51 +563,51 @@ nssSymmetricKey_DeriveSymmetricKey (
return NULL;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSSymmetricKey_DeriveSymmetricKey (
- NSSSymmetricKey *originalKey,
+NSS_IMPLEMENT NSSSymKey *
+NSSSymKey_DeriveSymKey (
+ NSSSymKey *originalKey,
const NSSAlgNParam *ap,
- NSSSymmetricKeyType target,
+ NSSSymKeyType target,
PRUint32 keySizeOpt,
NSSOperations operations,
NSSCallback *uhh
)
{
- return nssSymmetricKey_DeriveSymmetricKey(originalKey, ap, target,
+ return nssSymKey_DeriveSymKey(originalKey, ap, target,
keySizeOpt, operations, uhh);
}
NSS_IMPLEMENT NSSCryptoContext *
-nssSymmetricKey_CreateCryptoContext (
- NSSSymmetricKey *mk,
+nssSymKey_CreateCryptoContext (
+ NSSSymKey *mk,
const NSSAlgNParam *apOpt,
NSSCallback *uhh
)
{
NSSCryptoContext *cc;
- cc = nssCryptoContext_CreateForSymmetricKey(mk, apOpt, uhh);
+ cc = nssCryptoContext_CreateForSymKey(mk, apOpt, uhh);
return cc;
}
NSS_IMPLEMENT NSSCryptoContext *
-NSSSymmetricKey_CreateCryptoContext (
- NSSSymmetricKey *mk,
+NSSSymKey_CreateCryptoContext (
+ NSSSymKey *mk,
const NSSAlgNParam *apOpt,
NSSCallback *uhh
)
{
- return nssSymmetricKey_CreateCryptoContext(mk, apOpt, uhh);
+ return nssSymKey_CreateCryptoContext(mk, apOpt, uhh);
}
NSS_IMPLEMENT PRStatus
-nssSymmetricKey_DeriveSSLSessionKeys (
- NSSSymmetricKey *masterSecret,
+nssSymKey_DeriveSSLSessionKeys (
+ NSSSymKey *masterSecret,
const NSSAlgNParam *ap,
- NSSSymmetricKeyType bulkKeyType,
+ NSSSymKeyType bulkKeyType,
NSSOperations operations,
NSSProperties properties,
PRUint32 keySize,
- NSSSymmetricKey **sessionKeys
+ NSSSymKey **sessionKeys
)
{
nssCryptokiObject *mso; /* only one instance of master secret */
@@ -624,7 +624,7 @@ nssSymmetricKey_DeriveSSLSessionKeys (
return PR_FAILURE;
}
for (i=0; i<4; i++) {
- sessionKeys[i] = nssSymmetricKey_CreateFromInstance(skeys[i],
+ sessionKeys[i] = nssSymKey_CreateFromInstance(skeys[i],
masterSecret->object.td,
masterSecret->object.vd);
if (!sessionKeys[i]) break;
@@ -632,7 +632,7 @@ nssSymmetricKey_DeriveSSLSessionKeys (
if (i < 4) {
nssCryptokiObject_Destroy(skeys[i]);
for (--i; i>=0; --i) {
- nssSymmetricKey_Destroy(sessionKeys[i]);
+ nssSymKey_Destroy(sessionKeys[i]);
}
status = PR_FAILURE;
}
@@ -640,14 +640,14 @@ nssSymmetricKey_DeriveSSLSessionKeys (
}
NSS_IMPLEMENT void
-nssSymmetricKeyArray_Destroy (
- NSSSymmetricKey **mkeys
+nssSymKeyArray_Destroy (
+ NSSSymKey **mkeys
)
{
- NSSSymmetricKey **mk = mkeys;
+ NSSSymKey **mk = mkeys;
if (mkeys) {
while (mk++) {
- nssSymmetricKey_Destroy(*mk);
+ nssSymKey_Destroy(*mk);
}
}
nss_ZFreeIf(mkeys);
diff --git a/security/nss/lib/pki/trustdomain.c b/security/nss/lib/pki/trustdomain.c
index bd1f451a3..5ab3929e0 100644
--- a/security/nss/lib/pki/trustdomain.c
+++ b/security/nss/lib/pki/trustdomain.c
@@ -63,7 +63,7 @@ struct NSSTrustDomainStr {
nssSlotList *forTrust;
} slots;
#ifdef CERT_CACHE
- nssCertificateCache *cache;
+ nssCertCache *cache;
#endif /* CERT_CACHE */
};
@@ -99,7 +99,7 @@ NSSTrustDomain_Create (
goto loser;
}
#ifdef CERT_CACHE
- rvTD->cache = nssCertificateCache_Create();
+ rvTD->cache = nssCertCache_Create();
if (!rvTD->cache) {
goto loser;
}
@@ -125,7 +125,7 @@ NSSTrustDomain_Destroy (
nssSlotList_Destroy(td->slots.forCiphers);
nssSlotList_Destroy(td->slots.forTrust);
#ifdef CERT_CACHE
- nssCertificateCache_Destroy(td->cache);
+ nssCertCache_Destroy(td->cache);
#endif /* CERT_CACHE */
/* Destroy the trust domain */
nssArena_Destroy(td->arena);
@@ -405,10 +405,10 @@ NSSTrustDomain_Logout (
return PR_FAILURE;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_ImportCertificate (
+NSS_IMPLEMENT NSSCert *
+NSSTrustDomain_ImportCert (
NSSTrustDomain *td,
- NSSCertificate *c,
+ NSSCert *c,
NSSToken *destinationOpt
)
{
@@ -416,8 +416,8 @@ NSSTrustDomain_ImportCertificate (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_ImportEncodedCertificate (
+NSS_IMPLEMENT NSSCert *
+nssTrustDomain_ImportEncodedCert (
NSSTrustDomain *td,
NSSBER *ber,
NSSToken *destinationOpt,
@@ -425,42 +425,42 @@ nssTrustDomain_ImportEncodedCertificate (
)
{
PRStatus status;
- NSSCertificate *c = NULL;
+ NSSCert *c = NULL;
NSSToken *destination = destinationOpt; /* XXX */
- c = nssCertificate_Decode(ber);
+ c = nssCert_Decode(ber);
if (!c) {
goto loser;
}
- status = nssCertificate_CopyToToken(c, destination, nicknameOpt);
+ status = nssCert_CopyToToken(c, destination, nicknameOpt);
if (status == PR_FAILURE) {
goto loser;
}
return c;
loser:
if (c) {
- nssCertificate_Destroy(c);
+ nssCert_Destroy(c);
}
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_ImportEncodedCertificate (
+NSS_IMPLEMENT NSSCert *
+NSSTrustDomain_ImportEncodedCert (
NSSTrustDomain *td,
NSSBER *ber,
NSSToken *destinationOpt,
NSSUTF8 *nicknameOpt
)
{
- return nssTrustDomain_ImportEncodedCertificate(td, ber, destinationOpt,
+ return nssTrustDomain_ImportEncodedCert(td, ber, destinationOpt,
nicknameOpt);
}
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_ImportEncodedCertificateChain (
+NSS_IMPLEMENT NSSCert **
+NSSTrustDomain_ImportEncodedCertChain (
NSSTrustDomain *td,
NSSBER *ber,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt,
NSSToken *destinationOpt
@@ -516,11 +516,11 @@ NSSTrustDomain_ImportEncodedPublicKey (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_FindCertificatesByNickname (
+NSS_IMPLEMENT NSSCert **
+nssTrustDomain_FindCertsByNickname (
NSSTrustDomain *td,
NSSUTF8 *name,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
)
@@ -530,12 +530,12 @@ nssTrustDomain_FindCertificatesByNickname (
NSSToken *token = NULL;
NSSSlot **slots = NULL;
NSSSlot **slotp;
- NSSCertificate **rvCerts = NULL;
+ NSSCert **rvCerts = NULL;
nssPKIObjectCollection *collection = NULL;
nssUpdateLevel updateLevel;
#ifdef CERT_CACHE
/* see if this search is already cached */
- rvCerts = nssCertificateCache_FindCertificatesByNickname(td->cache,
+ rvCerts = nssCertCache_FindCertsByNickname(td->cache,
name,
rvOpt,
maximumOpt,
@@ -552,11 +552,11 @@ nssTrustDomain_FindCertificatesByNickname (
/* initialize the collection of token certificates with the set of
* cached certs (if any).
*/
- collection = nssCertificateCollection_Create(td, rvCerts);
+ collection = nssCertCollection_Create(td, rvCerts);
if (!collection) {
- return (NSSCertificate **)NULL;
+ return (NSSCert **)NULL;
}
- nssCertificateArray_Destroy(rvCerts);
+ nssCertArray_Destroy(rvCerts);
/* obtain the current set of active slots in the trust domain */
slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
if (!slots) {
@@ -584,7 +584,7 @@ nssTrustDomain_FindCertificatesByNickname (
nssToken_Destroy(token);
goto loser;
}
- instances = nssToken_FindCertificatesByNickname(token,
+ instances = nssToken_FindCertsByNickname(token,
session,
name,
tokenOnly,
@@ -612,14 +612,14 @@ nssTrustDomain_FindCertificatesByNickname (
}
}
/* Grab the certs collected in the search. */
- rvCerts = nssPKIObjectCollection_GetCertificates(collection,
+ rvCerts = nssPKIObjectCollection_GetCerts(collection,
rvOpt, maximumOpt,
arenaOpt);
#ifdef CERT_CACHE
/* Cache this search. It is up-to-date w.r.t. the time when it grabbed
* the slots to search.
*/
- status = nssCertificateCache_AddCertificatesForNickname(td->cache,
+ status = nssCertCache_AddCertsForNickname(td->cache,
name,
rvCerts,
updateLevel);
@@ -634,27 +634,27 @@ loser:
if (collection) {
nssPKIObjectCollection_Destroy(collection);
}
- return (NSSCertificate **)NULL;
+ return (NSSCert **)NULL;
}
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesByNickname (
+NSS_IMPLEMENT NSSCert **
+NSSTrustDomain_FindCertsByNickname (
NSSTrustDomain *td,
NSSUTF8 *name,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
)
{
- return nssTrustDomain_FindCertificatesByNickname(td,
+ return nssTrustDomain_FindCertsByNickname(td,
name,
rvOpt,
maximumOpt,
arenaOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_FindBestCertificateByNickname (
+NSS_IMPLEMENT NSSCert *
+nssTrustDomain_FindBestCertByNickname (
NSSTrustDomain *td,
NSSUTF8 *name,
NSSTime time,
@@ -662,24 +662,24 @@ nssTrustDomain_FindBestCertificateByNickname (
NSSPolicies *policiesOpt
)
{
- NSSCertificate **nicknameCerts;
- NSSCertificate *rvCert = NULL;
- nicknameCerts = nssTrustDomain_FindCertificatesByNickname(td, name,
+ NSSCert **nicknameCerts;
+ NSSCert *rvCert = NULL;
+ nicknameCerts = nssTrustDomain_FindCertsByNickname(td, name,
NULL,
0,
NULL);
if (nicknameCerts) {
- rvCert = nssCertificateArray_FindBestCertificate(nicknameCerts,
+ rvCert = nssCertArray_FindBestCert(nicknameCerts,
time,
usagesOpt,
policiesOpt);
- nssCertificateArray_Destroy(nicknameCerts);
+ nssCertArray_Destroy(nicknameCerts);
}
return rvCert;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNickname (
+NSS_IMPLEMENT NSSCert *
+NSSTrustDomain_FindBestCertByNickname (
NSSTrustDomain *td,
NSSUTF8 *name,
NSSTime time,
@@ -687,18 +687,18 @@ NSSTrustDomain_FindBestCertificateByNickname (
NSSPolicies *policiesOpt
)
{
- return nssTrustDomain_FindBestCertificateByNickname(td,
+ return nssTrustDomain_FindBestCertByNickname(td,
name,
time,
usagesOpt,
policiesOpt);
}
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_FindCertificatesBySubject (
+NSS_IMPLEMENT NSSCert **
+nssTrustDomain_FindCertsBySubject (
NSSTrustDomain *td,
NSSDER *subject,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
@@ -708,12 +708,12 @@ nssTrustDomain_FindCertificatesBySubject (
NSSToken *token = NULL;
NSSSlot **slots = NULL;
NSSSlot **slotp;
- NSSCertificate **rvCerts = NULL;
+ NSSCert **rvCerts = NULL;
nssPKIObjectCollection *collection = NULL;
nssUpdateLevel updateLevel;
#ifdef CERT_CACHE
/* see if this search is already cached */
- rvCerts = nssCertificateCache_FindCertificatesBySubject(td->cache,
+ rvCerts = nssCertCache_FindCertsBySubject(td->cache,
subject,
rvOpt,
maximumOpt,
@@ -723,11 +723,11 @@ nssTrustDomain_FindCertificatesBySubject (
return rvCerts;
}
#endif /* CERT_CACHE */
- collection = nssCertificateCollection_Create(td, rvCerts);
+ collection = nssCertCollection_Create(td, rvCerts);
if (!collection) {
- return (NSSCertificate **)NULL;
+ return (NSSCert **)NULL;
}
- nssCertificateArray_Destroy(rvCerts);
+ nssCertArray_Destroy(rvCerts);
slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
if (!slots) {
goto loser;
@@ -744,7 +744,7 @@ nssTrustDomain_FindCertificatesBySubject (
nssToken_Destroy(token);
goto loser;
}
- instances = nssToken_FindCertificatesBySubject(token,
+ instances = nssToken_FindCertsBySubject(token,
session,
subject,
tokenOnly,
@@ -770,11 +770,11 @@ nssTrustDomain_FindCertificatesBySubject (
}
}
}
- rvCerts = nssPKIObjectCollection_GetCertificates(collection,
+ rvCerts = nssPKIObjectCollection_GetCerts(collection,
rvOpt, maximumOpt,
arenaOpt);
#ifdef CERT_CACHE
- status = nssCertificateCache_AddCertificatesForSubject(td->cache,
+ status = nssCertCache_AddCertsForSubject(td->cache,
subject,
rvCerts,
updateLevel);
@@ -789,27 +789,27 @@ loser:
if (collection) {
nssPKIObjectCollection_Destroy(collection);
}
- return (NSSCertificate **)NULL;
+ return (NSSCert **)NULL;
}
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesBySubject (
+NSS_IMPLEMENT NSSCert **
+NSSTrustDomain_FindCertsBySubject (
NSSTrustDomain *td,
NSSDER *subject,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
{
- return nssTrustDomain_FindCertificatesBySubject(td,
+ return nssTrustDomain_FindCertsBySubject(td,
subject,
rvOpt,
maximumOpt,
arenaOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_FindBestCertificateBySubject (
+NSS_IMPLEMENT NSSCert *
+nssTrustDomain_FindBestCertBySubject (
NSSTrustDomain *td,
NSSDER *subject,
NSSTime time,
@@ -817,24 +817,24 @@ nssTrustDomain_FindBestCertificateBySubject (
NSSPolicies *policiesOpt
)
{
- NSSCertificate **subjectCerts;
- NSSCertificate *rvCert = NULL;
- subjectCerts = nssTrustDomain_FindCertificatesBySubject(td, subject,
+ NSSCert **subjectCerts;
+ NSSCert *rvCert = NULL;
+ subjectCerts = nssTrustDomain_FindCertsBySubject(td, subject,
NULL,
0,
NULL);
if (subjectCerts) {
- rvCert = nssCertificateArray_FindBestCertificate(subjectCerts,
+ rvCert = nssCertArray_FindBestCert(subjectCerts,
time,
usagesOpt,
policiesOpt);
- nssCertificateArray_Destroy(subjectCerts);
+ nssCertArray_Destroy(subjectCerts);
}
return rvCert;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateBySubject (
+NSS_IMPLEMENT NSSCert *
+NSSTrustDomain_FindBestCertBySubject (
NSSTrustDomain *td,
NSSDER *subject,
NSSTime time,
@@ -842,15 +842,15 @@ NSSTrustDomain_FindBestCertificateBySubject (
NSSPolicies *policiesOpt
)
{
- return nssTrustDomain_FindBestCertificateBySubject(td,
+ return nssTrustDomain_FindBestCertBySubject(td,
subject,
time,
usagesOpt,
policiesOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNameComponents (
+NSS_IMPLEMENT NSSCert *
+NSSTrustDomain_FindBestCertByNameComponents (
NSSTrustDomain *td,
NSSUTF8 *nameComponents,
NSSTime time,
@@ -862,11 +862,11 @@ NSSTrustDomain_FindBestCertificateByNameComponents (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesByNameComponents (
+NSS_IMPLEMENT NSSCert **
+NSSTrustDomain_FindCertsByNameComponents (
NSSTrustDomain *td,
NSSUTF8 *nameComponents,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
)
@@ -875,8 +875,8 @@ NSSTrustDomain_FindCertificatesByNameComponents (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_FindCertificateByIssuerAndSerialNumber (
+NSS_IMPLEMENT NSSCert *
+nssTrustDomain_FindCertByIssuerAndSerialNumber (
NSSTrustDomain *td,
NSSDER *issuer,
NSSDER *serial
@@ -886,12 +886,12 @@ nssTrustDomain_FindCertificateByIssuerAndSerialNumber (
NSSToken *token = NULL;
NSSSlot **slots = NULL;
NSSSlot **slotp;
- NSSCertificate *rvCert = NULL;
+ NSSCert *rvCert = NULL;
nssPKIObjectCollection *collection = NULL;
nssUpdateLevel updateLevel;
#ifdef CERT_CACHE
/* see if this search is already cached */
- rvCert = nssCertificateCache_FindCertificateByIssuerAndSerialNumber(
+ rvCert = nssCertCache_FindCertByIssuerAndSerialNumber(
td->cache,
issuer,
serial,
@@ -915,7 +915,7 @@ nssTrustDomain_FindCertificateByIssuerAndSerialNumber (
nssToken_Destroy(token);
goto loser;
}
- instance = nssToken_FindCertificateByIssuerAndSerialNumber(
+ instance = nssToken_FindCertByIssuerAndSerialNumber(
token,
session,
issuer,
@@ -928,7 +928,7 @@ nssTrustDomain_FindCertificateByIssuerAndSerialNumber (
}
if (instance) {
if (!collection) {
- collection = nssCertificateCollection_Create(td, NULL);
+ collection = nssCertCollection_Create(td, NULL);
if (!collection) {
goto loser;
}
@@ -939,7 +939,7 @@ nssTrustDomain_FindCertificateByIssuerAndSerialNumber (
}
}
if (collection) {
- (void)nssPKIObjectCollection_GetCertificates(collection,
+ (void)nssPKIObjectCollection_GetCerts(collection,
&rvCert, 1, NULL);
nssPKIObjectCollection_Destroy(collection);
if (!rvCert) {
@@ -947,7 +947,7 @@ nssTrustDomain_FindCertificateByIssuerAndSerialNumber (
}
}
#ifdef CERT_CACHE
- status = nssCertificateCache_AddCertificate(td->cache, rvCert,
+ status = nssCertCache_AddCert(td->cache, rvCert,
issuer, serial, updateLevel);
#endif /* CERT_CACHE */
nssSlotArray_Destroy(slots);
@@ -956,42 +956,42 @@ loser:
if (slots) {
nssSlotArray_Destroy(slots);
}
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByIssuerAndSerialNumber (
+NSS_IMPLEMENT NSSCert *
+NSSTrustDomain_FindCertByIssuerAndSerialNumber (
NSSTrustDomain *td,
NSSDER *issuer,
NSSDER *serial
)
{
- return nssTrustDomain_FindCertificateByIssuerAndSerialNumber(td,
+ return nssTrustDomain_FindCertByIssuerAndSerialNumber(td,
issuer,
serial);
}
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_FindCertificateByEncodedCertificate (
+NSS_IMPLEMENT NSSCert *
+nssTrustDomain_FindCertByEncodedCert (
NSSTrustDomain *td,
NSSBER *ber
)
{
- NSSCertificate *rvCert = NULL;
+ NSSCert *rvCert = NULL;
#if 0
PRStatus status;
NSSDER issuer = { 0 };
NSSDER serial = { 0 };
NSSArena *arena = nssArena_Create();
if (!arena) {
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
/* XXX this is not generic... will any cert crack into issuer/serial? */
status = nssPKIX509_GetIssuerAndSerialFromDER(ber, arena, &issuer, &serial);
if (status != PR_SUCCESS) {
goto finish;
}
- rvCert = nssTrustDomain_FindCertificateByIssuerAndSerialNumber(td,
+ rvCert = nssTrustDomain_FindCertByIssuerAndSerialNumber(td,
&issuer,
&serial);
finish:
@@ -1000,20 +1000,20 @@ finish:
return rvCert;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByEncodedCertificate (
+NSS_IMPLEMENT NSSCert *
+NSSTrustDomain_FindCertByEncodedCert (
NSSTrustDomain *td,
NSSBER *ber
)
{
- return nssTrustDomain_FindCertificateByEncodedCertificate(td, ber);
+ return nssTrustDomain_FindCertByEncodedCert(td, ber);
}
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_FindCertificatesByID (
+NSS_IMPLEMENT NSSCert **
+nssTrustDomain_FindCertsByID (
NSSTrustDomain *td,
NSSItem *id,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
@@ -1023,12 +1023,12 @@ nssTrustDomain_FindCertificatesByID (
NSSToken *token = NULL;
NSSSlot **slots = NULL;
NSSSlot **slotp;
- NSSCertificate **rvCerts = NULL;
+ NSSCert **rvCerts = NULL;
nssPKIObjectCollection *collection = NULL;
nssUpdateLevel updateLevel;
- collection = nssCertificateCollection_Create(td, rvCerts);
+ collection = nssCertCollection_Create(td, rvCerts);
if (!collection) {
- return (NSSCertificate **)NULL;
+ return (NSSCert **)NULL;
}
slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
if (!slots) {
@@ -1046,7 +1046,7 @@ nssTrustDomain_FindCertificatesByID (
nssToken_Destroy(token);
goto loser;
}
- instances = nssToken_FindCertificatesByID(token,
+ instances = nssToken_FindCertsByID(token,
session,
id,
tokenOnly,
@@ -1072,7 +1072,7 @@ nssTrustDomain_FindCertificatesByID (
}
}
}
- rvCerts = nssPKIObjectCollection_GetCertificates(collection,
+ rvCerts = nssPKIObjectCollection_GetCerts(collection,
rvOpt, maximumOpt,
arenaOpt);
/* cache 'em? */
@@ -1086,11 +1086,11 @@ loser:
if (collection) {
nssPKIObjectCollection_Destroy(collection);
}
- return (NSSCertificate **)NULL;
+ return (NSSCert **)NULL;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateByEmail (
+NSS_IMPLEMENT NSSCert *
+NSSTrustDomain_FindBestCertByEmail (
NSSTrustDomain *td,
NSSASCII7 *email,
NSSTime time,
@@ -1101,11 +1101,11 @@ NSSTrustDomain_FindBestCertificateByEmail (
return 0;
}
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_FindCertificatesByEmail (
+NSS_IMPLEMENT NSSCert **
+nssTrustDomain_FindCertsByEmail (
NSSTrustDomain *td,
NSSASCII7 *email,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
)
@@ -1114,21 +1114,21 @@ nssTrustDomain_FindCertificatesByEmail (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesByEmail (
+NSS_IMPLEMENT NSSCert **
+NSSTrustDomain_FindCertsByEmail (
NSSTrustDomain *td,
NSSASCII7 *email,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
)
{
- return nssTrustDomain_FindCertificatesByEmail(td, email, rvOpt,
+ return nssTrustDomain_FindCertsByEmail(td, email, rvOpt,
maximumOpt, arenaOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByOCSPHash (
+NSS_IMPLEMENT NSSCert *
+NSSTrustDomain_FindCertByOCSPHash (
NSSTrustDomain *td,
NSSItem *hash
)
@@ -1137,8 +1137,8 @@ NSSTrustDomain_FindCertificateByOCSPHash (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestUserCertificate (
+NSS_IMPLEMENT NSSCert *
+NSSTrustDomain_FindBestUserCert (
NSSTrustDomain *td,
NSSTime time,
NSSUsages *usages,
@@ -1151,7 +1151,7 @@ NSSTrustDomain_FindBestUserCertificate (
/* XXX don't keep this */
struct stuff_str {
- NSSCertificate **rv;
+ NSSCert **rv;
PRUint32 rvCount;
PRUint32 rvSize;
PRUint32 rvLimit;
@@ -1159,32 +1159,32 @@ struct stuff_str {
};
static PRStatus
-get_user(NSSCertificate *c, void *arg)
+get_user(NSSCert *c, void *arg)
{
struct stuff_str *stuff = (struct stuff_str *)arg;
- if (nssCertificate_IsPrivateKeyAvailable(c, NULL, NULL)) {
+ if (nssCert_IsPrivateKeyAvailable(c, NULL, NULL)) {
if (stuff->rvSize == 0) {
stuff->rvSize = 2;
- stuff->rv = nss_ZNEWARRAY(stuff->arenaOpt, NSSCertificate *,
+ stuff->rv = nss_ZNEWARRAY(stuff->arenaOpt, NSSCert *,
stuff->rvSize + 1);
if (!stuff->rv) return PR_FAILURE;
} else if (stuff->rvCount == stuff->rvSize && stuff->rvLimit == 0) {
stuff->rvSize *= 2;
- stuff->rv = nss_ZREALLOCARRAY(stuff->rv, NSSCertificate *,
+ stuff->rv = nss_ZREALLOCARRAY(stuff->rv, NSSCert *,
stuff->rvSize + 1);
if (!stuff->rv) return PR_FAILURE;
} else {
return PR_SUCCESS;
}
- stuff->rv[stuff->rvCount++] = nssCertificate_AddRef(c);
+ stuff->rv[stuff->rvCount++] = nssCert_AddRef(c);
}
return PR_SUCCESS;
}
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_FindUserCertificates (
+NSS_IMPLEMENT NSSCert **
+nssTrustDomain_FindUserCerts (
NSSTrustDomain *td,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit,
NSSArena *arenaOpt
)
@@ -1197,27 +1197,27 @@ nssTrustDomain_FindUserCertificates (
stuff.rvSize = rvOpt ? rvLimit : 0;
stuff.rvLimit = rvLimit;
stuff.arenaOpt = arenaOpt;
- status = nssTrustDomain_TraverseCertificates(td, get_user, &stuff);
+ status = nssTrustDomain_TraverseCerts(td, get_user, &stuff);
if (status && *status == PR_FAILURE) {
- nssCertificateArray_Destroy(stuff.rv);
+ nssCertArray_Destroy(stuff.rv);
stuff.rv = NULL;
}
return stuff.rv;
}
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindUserCertificates (
+NSS_IMPLEMENT NSSCert **
+NSSTrustDomain_FindUserCerts (
NSSTrustDomain *td,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit,
NSSArena *arenaOpt
)
{
- return nssTrustDomain_FindUserCertificates(td, rvOpt, rvLimit, arenaOpt);
+ return nssTrustDomain_FindUserCerts(td, rvOpt, rvLimit, arenaOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForSSLClientAuth (
+NSS_IMPLEMENT NSSCert *
+NSSTrustDomain_FindBestUserCertForSSLClientAuth (
NSSTrustDomain *td,
NSSUTF8 *sslHostOpt,
NSSDER *rootCAsOpt[], /* null pointer for none */
@@ -1230,15 +1230,15 @@ NSSTrustDomain_FindBestUserCertificateForSSLClientAuth (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForSSLClientAuth (
+NSS_IMPLEMENT NSSCert **
+NSSTrustDomain_FindUserCertsForSSLClientAuth (
NSSTrustDomain *td,
NSSUTF8 *sslHostOpt,
NSSDER *rootCAsOpt[], /* null pointer for none */
PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
const NSSAlgNParam *apOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt
)
@@ -1247,8 +1247,8 @@ NSSTrustDomain_FindUserCertificatesForSSLClientAuth (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForEmailSigning (
+NSS_IMPLEMENT NSSCert *
+NSSTrustDomain_FindBestUserCertForEmailSigning (
NSSTrustDomain *td,
NSSASCII7 *signerOpt,
NSSASCII7 *recipientOpt,
@@ -1261,15 +1261,15 @@ NSSTrustDomain_FindBestUserCertificateForEmailSigning (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForEmailSigning (
+NSS_IMPLEMENT NSSCert **
+NSSTrustDomain_FindUserCertsForEmailSigning (
NSSTrustDomain *td,
NSSASCII7 *signerOpt,
NSSASCII7 *recipientOpt,
/* anything more here? */
const NSSAlgNParam *apOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt
)
@@ -1286,9 +1286,9 @@ collector(nssCryptokiObject *instance, void *arg)
}
NSS_IMPLEMENT PRStatus *
-nssTrustDomain_TraverseCertificates (
+nssTrustDomain_TraverseCerts (
NSSTrustDomain *td,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
+ PRStatus (*callback)(NSSCert *c, void *arg),
void *arg
)
{
@@ -1300,7 +1300,7 @@ nssTrustDomain_TraverseCertificates (
nssPKIObjectCallback pkiCallback;
nssUpdateLevel updateLevel;
/* XXX cache ??? probably use query callback below */
- collection = nssCertificateCollection_Create(td, NULL);
+ collection = nssCertCollection_Create(td, NULL);
if (!collection) {
return (PRStatus *)NULL;
}
@@ -1323,7 +1323,7 @@ nssTrustDomain_TraverseCertificates (
goto loser;
}
/* perform the traversal */
- status = nssToken_TraverseCertificates(token,
+ status = nssToken_TraverseCerts(token,
session,
tokenOnly,
collector,
@@ -1355,28 +1355,28 @@ loser:
}
NSS_IMPLEMENT PRStatus *
-NSSTrustDomain_TraverseCertificates (
+NSSTrustDomain_TraverseCerts (
NSSTrustDomain *td,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
+ PRStatus (*callback)(NSSCert *c, void *arg),
void *arg
)
{
- return nssTrustDomain_TraverseCertificates(td, callback, arg);
+ return nssTrustDomain_TraverseCerts(td, callback, arg);
}
NSS_IMPLEMENT nssTrust *
-nssTrustDomain_FindTrustForCertificate (
+nssTrustDomain_FindTrustForCert (
NSSTrustDomain *td,
- NSSCertificate *c
+ NSSCert *c
)
{
PRStatus status;
NSSSlot **slots;
NSSSlot **slotp;
NSSToken *token;
- NSSDER *encoding = nssCertificate_GetEncoding(c);
- NSSDER *issuer = nssCertificate_GetIssuer(c);
- NSSDER *serial = nssCertificate_GetSerialNumber(c);
+ NSSDER *encoding = nssCert_GetEncoding(c);
+ NSSDER *issuer = nssCert_GetIssuer(c);
+ NSSDER *serial = nssCert_GetSerialNumber(c);
nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
nssCryptokiObject *to = NULL;
nssPKIObject *pkio = NULL;
@@ -1394,7 +1394,7 @@ nssTrustDomain_FindTrustForCertificate (
if (!session) {
continue;
}
- to = nssToken_FindTrustForCertificate(token, session,
+ to = nssToken_FindTrustForCert(token, session,
encoding,
issuer,
serial,
@@ -1562,8 +1562,8 @@ nssTrustDomain_FindSourceToken (
return source;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-nssTrustDomain_GenerateSymmetricKey (
+NSS_IMPLEMENT NSSSymKey *
+nssTrustDomain_GenerateSymKey (
NSSTrustDomain *td,
const NSSAlgNParam *ap,
PRUint32 keysize,
@@ -1583,11 +1583,11 @@ nssTrustDomain_GenerateSymmetricKey (
creator.nickname = NULL /*nicknameOpt*/;
creator.properties = 0 /*properties*/;
creator.operations = 0 /*operations*/;
- return nssPKIObjectCreator_GenerateSymmetricKey(&creator, keysize);
+ return nssPKIObjectCreator_GenerateSymKey(&creator, keysize);
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKey (
+NSS_IMPLEMENT NSSSymKey *
+NSSTrustDomain_GenerateSymKey (
NSSTrustDomain *td,
const NSSAlgNParam *ap,
PRUint32 keysize,
@@ -1595,12 +1595,12 @@ NSSTrustDomain_GenerateSymmetricKey (
NSSCallback *uhhOpt
)
{
- return nssTrustDomain_GenerateSymmetricKey(td, ap, keysize,
+ return nssTrustDomain_GenerateSymKey(td, ap, keysize,
destination, uhhOpt);
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKeyFromPassword (
+NSS_IMPLEMENT NSSSymKey *
+NSSTrustDomain_GenerateSymKeyFromPassword (
NSSTrustDomain *td,
const NSSAlgNParam *ap,
NSSUTF8 *passwordOpt, /* if null, prompt */
@@ -1612,8 +1612,8 @@ NSSTrustDomain_GenerateSymmetricKeyFromPassword (
return NULL;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID (
+NSS_IMPLEMENT NSSSymKey *
+NSSTrustDomain_FindSymKeyByAlgorithmAndKeyID (
NSSTrustDomain *td,
NSSOID *algorithm,
NSSItem *keyID,
diff --git a/security/nss/lib/pki/volatiledomain.c b/security/nss/lib/pki/volatiledomain.c
index 1e674ec2f..7dd8ea35d 100644
--- a/security/nss/lib/pki/volatiledomain.c
+++ b/security/nss/lib/pki/volatiledomain.c
@@ -117,10 +117,10 @@ nssVolatileDomain_Destroy (
PRStatus status = PR_SUCCESS;
PZ_DestroyLock(vd->objectLock);
nssTokenSessionHash_Destroy(vd->tokenSessionHash);
- nssCertificateArray_Destroy((NSSCertificate **)vd->certs.array);
+ nssCertArray_Destroy((NSSCert **)vd->certs.array);
nssPublicKeyArray_Destroy((NSSPublicKey **)vd->bkeys.array);
nssPrivateKeyArray_Destroy((NSSPrivateKey **)vd->vkeys.array);
- nssSymmetricKeyArray_Destroy((NSSSymmetricKey **)vd->mkeys.array);
+ nssSymKeyArray_Destroy((NSSSymKey **)vd->mkeys.array);
status |= nssArena_Destroy(vd->arena);
return status;
}
@@ -200,9 +200,9 @@ NSSVolatileDomain_GetTrustDomain (
}
NSS_IMPLEMENT PRStatus
-nssVolatileDomain_ImportCertificate (
+nssVolatileDomain_ImportCert (
NSSVolatileDomain *vd,
- NSSCertificate *c
+ NSSCert *c
)
{
PZ_Lock(vd->objectLock);
@@ -210,13 +210,13 @@ nssVolatileDomain_ImportCertificate (
if (vd->certs.size == 0) {
/* need to alloc new array */
vd->certs.array = (void **)nss_ZNEWARRAY(vd->arena,
- NSSCertificate *,
+ NSSCert *,
DEFAULT_ARRAY_SIZE);
} else {
/* array is full, realloc */
vd->certs.size *= 2;
vd->certs.array = (void **)nss_ZREALLOCARRAY(vd->certs.array,
- NSSCertificate *,
+ NSSCert *,
vd->certs.size);
}
if (!vd->certs.array) {
@@ -224,59 +224,59 @@ nssVolatileDomain_ImportCertificate (
return PR_FAILURE;
}
}
- vd->certs.array[vd->certs.count++] = (void *)nssCertificate_AddRef(c);
+ vd->certs.array[vd->certs.count++] = (void *)nssCert_AddRef(c);
PZ_Unlock(vd->objectLock);
- nssCertificate_SetVolatileDomain(c, vd);
+ nssCert_SetVolatileDomain(c, vd);
return PR_SUCCESS;
}
NSS_IMPLEMENT PRStatus
-NSSVolatileDomain_ImportCertificate (
+NSSVolatileDomain_ImportCert (
NSSVolatileDomain *vd,
- NSSCertificate *c
+ NSSCert *c
)
{
- return nssVolatileDomain_ImportCertificate(vd, c);
+ return nssVolatileDomain_ImportCert(vd, c);
}
-NSS_IMPLEMENT NSSCertificate *
-nssVolatileDomain_ImportEncodedCertificate (
+NSS_IMPLEMENT NSSCert *
+nssVolatileDomain_ImportEncodedCert (
NSSVolatileDomain *vd,
NSSBER *ber,
NSSUTF8 *nickOpt
)
{
- NSSCertificate *c;
+ NSSCert *c;
- c = nssCertificate_Decode(ber);
+ c = nssCert_Decode(ber);
if (!c) {
- return (NSSCertificate *)NULL;
+ return (NSSCert *)NULL;
}
if (nickOpt) {
- nssCertificate_SetNickname(c, NULL, nickOpt);
+ nssCert_SetNickname(c, NULL, nickOpt);
}
- if (nssVolatileDomain_ImportCertificate(vd, c) == PR_FAILURE) {
- nssCertificate_Destroy(c);
- return (NSSCertificate *)NULL;
+ if (nssVolatileDomain_ImportCert(vd, c) == PR_FAILURE) {
+ nssCert_Destroy(c);
+ return (NSSCert *)NULL;
}
return c;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSVolatileDomain_ImportEncodedCertificate (
+NSS_IMPLEMENT NSSCert *
+NSSVolatileDomain_ImportEncodedCert (
NSSVolatileDomain *vd,
NSSBER *ber,
NSSUTF8 *nickOpt
)
{
- return nssVolatileDomain_ImportEncodedCertificate(vd, ber, nickOpt);
+ return nssVolatileDomain_ImportEncodedCert(vd, ber, nickOpt);
}
NSS_IMPLEMENT PRStatus
-NSSVolatileDomain_ImportEncodedCertificateChain (
+NSSVolatileDomain_ImportEncodedCertChain (
NSSVolatileDomain *vd,
NSSBER *ber,
- NSSCertificateType certType
+ NSSCertType certType
)
{
nss_SetError(NSS_ERROR_NOT_FOUND);
@@ -329,12 +329,12 @@ nssVolatileDomain_ImportSMIMEProfile (
{
PRStatus nssrv;
if (!vd->certStore) {
- vd->certStore = nssCertificateStore_Create(vd->arena);
+ vd->certStore = nssCertStore_Create(vd->arena);
if (!vd->certStore) {
return PR_FAILURE;
}
}
- nssrv = nssCertificateStore_AddSMIMEProfile(vd->certStore, profile);
+ nssrv = nssCertStore_AddSMIMEProfile(vd->certStore, profile);
#if 0
if (nssrv == PR_SUCCESS) {
profile->object.cryptoContext = vd;
@@ -345,7 +345,7 @@ nssVolatileDomain_ImportSMIMEProfile (
#endif
struct cert_array_str {
- NSSCertificate **array;
+ NSSCert **array;
PRUint32 count;
PRUint32 size;
PRBool grow;
@@ -362,7 +362,7 @@ struct cert_array_str {
(cert_array)->mark = NULL;
static PRStatus
-add_to_cert_array(struct cert_array_str *car, NSSCertificate *c)
+add_to_cert_array(struct cert_array_str *car, NSSCert *c)
{
if (!car->array) {
if (car->arenaOpt) {
@@ -374,26 +374,26 @@ add_to_cert_array(struct cert_array_str *car, NSSCertificate *c)
if (!car->size) {
car->size = DEFAULT_RETURN_ARRAY;
}
- car->array = nss_ZNEWARRAY(car->arenaOpt, NSSCertificate *,
+ car->array = nss_ZNEWARRAY(car->arenaOpt, NSSCert *,
car->size + 1);
} else if (car->count == car->size) {
if (!car->grow) {
return PR_FAILURE; /* this will terminate the loop */
}
car->size *= 2;
- car->array = nss_ZREALLOCARRAY(car->array, NSSCertificate *,
+ car->array = nss_ZREALLOCARRAY(car->array, NSSCert *,
car->size + 1);
}
if (!car->array) {
return PR_FAILURE;
}
- car->array[car->count++] = nssCertificate_AddRef(c);
+ car->array[car->count++] = nssCert_AddRef(c);
return PR_SUCCESS;
}
-static NSSCertificate **
+static NSSCert **
finish_cert_array(struct cert_array_str *car, PRStatus status,
- NSSCertificate **tdCerts)
+ NSSCert **tdCerts)
{
if (status == PR_FAILURE) {
if (!car->grow) {
@@ -409,7 +409,7 @@ finish_cert_array(struct cert_array_str *car, PRStatus status,
car->array = NULL;
} else if (car->mark) {
if (tdCerts) {
- car->array = nssCertificateArray_Join(car->array, tdCerts);
+ car->array = nssCertArray_Join(car->array, tdCerts);
}
nssArena_Unmark(car->arenaOpt, car->mark);
}
@@ -417,27 +417,27 @@ finish_cert_array(struct cert_array_str *car, PRStatus status,
return car->array;
}
-NSS_IMPLEMENT NSSCertificate **
-nssVolatileDomain_FindCertificatesByNickname (
+NSS_IMPLEMENT NSSCert **
+nssVolatileDomain_FindCertsByNickname (
NSSVolatileDomain *vd,
NSSUTF8 *name,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 maximumOpt,
NSSArena *arenaOpt
)
{
PRStatus status;
PRUint32 i;
- NSSCertificate **certs, **tdCerts;
+ NSSCert **certs, **tdCerts;
NSSUTF8 *cNick;
struct cert_array_str cert_array;
INIT_CERT_ARRAY(&cert_array, rvOpt, maximumOpt, arenaOpt);
PZ_Lock(vd->objectLock);
- certs = (NSSCertificate **)vd->certs.array;
+ certs = (NSSCert **)vd->certs.array;
for (i=0; i<vd->certs.count; i++) {
- cNick = nssCertificate_GetNickname(certs[i], NULL);
+ cNick = nssCert_GetNickname(certs[i], NULL);
if (nssUTF8_Equal(name, cNick, NULL)) {
status = add_to_cert_array(&cert_array, certs[i]);
if (status == PR_FAILURE) {
@@ -447,28 +447,28 @@ nssVolatileDomain_FindCertificatesByNickname (
}
PZ_Unlock(vd->objectLock);
- tdCerts = nssTrustDomain_FindCertificatesByNickname(vd->td, name,
+ tdCerts = nssTrustDomain_FindCertsByNickname(vd->td, name,
rvOpt ? rvOpt + cert_array.count : NULL,
maximumOpt - cert_array.count, arenaOpt);
return finish_cert_array(&cert_array, status, tdCerts);
}
-NSS_IMPLEMENT NSSCertificate **
-NSSVolatileDomain_FindCertificatesByNickname (
+NSS_IMPLEMENT NSSCert **
+NSSVolatileDomain_FindCertsByNickname (
NSSVolatileDomain *vd,
NSSUTF8 *name,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
)
{
- return nssVolatileDomain_FindCertificatesByNickname(vd, name, rvOpt,
+ return nssVolatileDomain_FindCertsByNickname(vd, name, rvOpt,
maximumOpt, arenaOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-nssVolatileDomain_FindBestCertificateByNickname (
+NSS_IMPLEMENT NSSCert *
+nssVolatileDomain_FindBestCertByNickname (
NSSVolatileDomain *vd,
NSSUTF8 *name,
NSSTime time, /* NULL for "now" */
@@ -476,23 +476,23 @@ nssVolatileDomain_FindBestCertificateByNickname (
NSSPolicies *policiesOpt /* NULL for none */
)
{
- NSSCertificate **certs;
- NSSCertificate *rvCert = NULL;
+ NSSCert **certs;
+ NSSCert *rvCert = NULL;
/* search the volatile (and trust) domain by nickname */
- certs = nssVolatileDomain_FindCertificatesByNickname(vd, name,
+ certs = nssVolatileDomain_FindCertsByNickname(vd, name,
NULL, 0, NULL);
if (certs) {
/* find the best one */
- rvCert = nssCertificateArray_FindBestCertificate(certs, time,
+ rvCert = nssCertArray_FindBestCert(certs, time,
usages, policiesOpt);
- nssCertificateArray_Destroy(certs);
+ nssCertArray_Destroy(certs);
}
return rvCert;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSVolatileDomain_FindBestCertificateByNickname (
+NSS_IMPLEMENT NSSCert *
+NSSVolatileDomain_FindBestCertByNickname (
NSSVolatileDomain *vd,
NSSUTF8 *name,
NSSTime time, /* NULL for "now" */
@@ -500,76 +500,76 @@ NSSVolatileDomain_FindBestCertificateByNickname (
NSSPolicies *policiesOpt /* NULL for none */
)
{
- return nssVolatileDomain_FindBestCertificateByNickname(vd, name,
+ return nssVolatileDomain_FindBestCertByNickname(vd, name,
time, usages,
policiesOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-nssVolatileDomain_FindCertificateByIssuerAndSerialNumber (
+NSS_IMPLEMENT NSSCert *
+nssVolatileDomain_FindCertByIssuerAndSerialNumber (
NSSVolatileDomain *vd,
NSSDER *issuer,
NSSDER *serial
)
{
PRUint32 i;
- NSSCertificate **certs;
+ NSSCert **certs;
NSSDER *cIssuer, *cSerial;
- NSSCertificate *rvCert = NULL;
+ NSSCert *rvCert = NULL;
PZ_Lock(vd->objectLock);
- certs = (NSSCertificate **)vd->certs.array;
+ certs = (NSSCert **)vd->certs.array;
for (i=0; i<vd->certs.count; i++) {
- cIssuer = nssCertificate_GetIssuer(certs[i]);
- cSerial = nssCertificate_GetSerialNumber(certs[i]);
+ cIssuer = nssCert_GetIssuer(certs[i]);
+ cSerial = nssCert_GetSerialNumber(certs[i]);
if (nssItem_Equal(cIssuer, issuer, NULL) &&
nssItem_Equal(cSerial, serial, NULL))
{
- rvCert = nssCertificate_AddRef(certs[i]);
+ rvCert = nssCert_AddRef(certs[i]);
break;
}
}
PZ_Unlock(vd->objectLock);
if (!rvCert) {
- rvCert = nssTrustDomain_FindCertificateByIssuerAndSerialNumber(vd->td,
+ rvCert = nssTrustDomain_FindCertByIssuerAndSerialNumber(vd->td,
issuer, serial);
}
return rvCert;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSVolatileDomain_FindCertificateByIssuerAndSerialNumber (
+NSS_IMPLEMENT NSSCert *
+NSSVolatileDomain_FindCertByIssuerAndSerialNumber (
NSSVolatileDomain *vd,
NSSDER *issuer,
NSSDER *serial
)
{
- return nssVolatileDomain_FindCertificateByIssuerAndSerialNumber(vd,
+ return nssVolatileDomain_FindCertByIssuerAndSerialNumber(vd,
issuer,
serial);
}
-NSS_IMPLEMENT NSSCertificate **
-nssVolatileDomain_FindCertificatesBySubject (
+NSS_IMPLEMENT NSSCert **
+nssVolatileDomain_FindCertsBySubject (
NSSVolatileDomain *vd,
NSSDER *subject,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
)
{
PRStatus status;
PRUint32 i;
- NSSCertificate **certs, **tdCerts;
+ NSSCert **certs, **tdCerts;
NSSDER *certSubject;
struct cert_array_str cert_array;
INIT_CERT_ARRAY(&cert_array, rvOpt, maximumOpt, arenaOpt);
PZ_Lock(vd->objectLock);
- certs = (NSSCertificate **)vd->certs.array;
+ certs = (NSSCert **)vd->certs.array;
for (i=0; i<vd->certs.count; i++) {
- certSubject = nssCertificate_GetSubject(certs[i]);
+ certSubject = nssCert_GetSubject(certs[i]);
if (nssItem_Equal(certSubject, subject, NULL)) {
status = add_to_cert_array(&cert_array, certs[i]);
if (status == PR_FAILURE) {
@@ -579,29 +579,29 @@ nssVolatileDomain_FindCertificatesBySubject (
}
PZ_Unlock(vd->objectLock);
- tdCerts = nssTrustDomain_FindCertificatesBySubject(vd->td, subject,
+ tdCerts = nssTrustDomain_FindCertsBySubject(vd->td, subject,
rvOpt ? rvOpt + cert_array.count : NULL,
maximumOpt - cert_array.count, arenaOpt);
return finish_cert_array(&cert_array, status, tdCerts);
}
-NSS_IMPLEMENT NSSCertificate **
-NSSVolatileDomain_FindCertificatesBySubject (
+NSS_IMPLEMENT NSSCert **
+NSSVolatileDomain_FindCertsBySubject (
NSSVolatileDomain *vd,
NSSDER *subject,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
)
{
- return nssVolatileDomain_FindCertificatesBySubject(vd, subject,
+ return nssVolatileDomain_FindCertsBySubject(vd, subject,
rvOpt, maximumOpt,
arenaOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-nssVolatileDomain_FindBestCertificateBySubject (
+NSS_IMPLEMENT NSSCert *
+nssVolatileDomain_FindBestCertBySubject (
NSSVolatileDomain *vd,
NSSDER *subject,
NSSTime time,
@@ -609,23 +609,23 @@ nssVolatileDomain_FindBestCertificateBySubject (
NSSPolicies *policiesOpt
)
{
- NSSCertificate **certs;
- NSSCertificate *rvCert = NULL;
+ NSSCert **certs;
+ NSSCert *rvCert = NULL;
/* search the volatile (and trust) domain by subject */
- certs = nssVolatileDomain_FindCertificatesBySubject(vd, subject,
+ certs = nssVolatileDomain_FindCertsBySubject(vd, subject,
NULL, 0, NULL);
if (certs) {
/* find the best one */
- rvCert = nssCertificateArray_FindBestCertificate(certs, time,
+ rvCert = nssCertArray_FindBestCert(certs, time,
usages, policiesOpt);
- nssCertificateArray_Destroy(certs);
+ nssCertArray_Destroy(certs);
}
return rvCert;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSVolatileDomain_FindBestCertificateBySubject (
+NSS_IMPLEMENT NSSCert *
+NSSVolatileDomain_FindBestCertBySubject (
NSSVolatileDomain *vd,
NSSDER *subject,
NSSTime time,
@@ -633,69 +633,69 @@ NSSVolatileDomain_FindBestCertificateBySubject (
NSSPolicies *policiesOpt
)
{
- return nssVolatileDomain_FindBestCertificateBySubject(vd, subject,
+ return nssVolatileDomain_FindBestCertBySubject(vd, subject,
time, usages, policiesOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-nssVolatileDomain_FindCertificateByEncodedCertificate (
+NSS_IMPLEMENT NSSCert *
+nssVolatileDomain_FindCertByEncodedCert (
NSSVolatileDomain *vd,
NSSBER *encodedCert
)
{
PRUint32 i;
NSSBER *certEnc;
- NSSCertificate **certs;
- NSSCertificate *rvCert = NULL;
+ NSSCert **certs;
+ NSSCert *rvCert = NULL;
PZ_Lock(vd->objectLock);
- certs = (NSSCertificate **)vd->certs.array;
+ certs = (NSSCert **)vd->certs.array;
for (i=0; i<vd->certs.count; i++) {
- certEnc = nssCertificate_GetEncoding(certs[i]);
+ certEnc = nssCert_GetEncoding(certs[i]);
if (nssItem_Equal(certEnc, encodedCert, NULL)) {
- rvCert = nssCertificate_AddRef(certs[i]);
+ rvCert = nssCert_AddRef(certs[i]);
break;
}
}
PZ_Unlock(vd->objectLock);
if (!rvCert) {
- rvCert = nssTrustDomain_FindCertificateByEncodedCertificate(vd->td,
+ rvCert = nssTrustDomain_FindCertByEncodedCert(vd->td,
encodedCert);
}
return rvCert;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSVolatileDomain_FindCertificateByEncodedCertificate (
+NSS_IMPLEMENT NSSCert *
+NSSVolatileDomain_FindCertByEncodedCert (
NSSVolatileDomain *vd,
NSSBER *encodedCert
)
{
- return nssVolatileDomain_FindCertificateByEncodedCertificate(vd,
+ return nssVolatileDomain_FindCertByEncodedCert(vd,
encodedCert);
}
-NSS_IMPLEMENT NSSCertificate **
-nssVolatileDomain_FindCertificatesByEmail (
+NSS_IMPLEMENT NSSCert **
+nssVolatileDomain_FindCertsByEmail (
NSSVolatileDomain *vd,
NSSASCII7 *email,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
)
{
PRStatus status;
PRUint32 i;
- NSSCertificate **certs, **tdCerts;
+ NSSCert **certs, **tdCerts;
NSSASCII7 *cEmail;
struct cert_array_str cert_array;
INIT_CERT_ARRAY(&cert_array, rvOpt, maximumOpt, arenaOpt);
PZ_Lock(vd->objectLock);
- certs = (NSSCertificate **)vd->certs.array;
+ certs = (NSSCert **)vd->certs.array;
for (i=0; i<vd->certs.count; i++) {
- cEmail = nssCertificate_GetEmailAddress(certs[i]);
+ cEmail = nssCert_GetEmailAddress(certs[i]);
if (nssUTF8_Equal(cEmail, email, NULL)) {
status = add_to_cert_array(&cert_array, certs[i]);
if (status == PR_FAILURE) {
@@ -705,28 +705,28 @@ nssVolatileDomain_FindCertificatesByEmail (
}
PZ_Unlock(vd->objectLock);
- tdCerts = nssTrustDomain_FindCertificatesByEmail(vd->td, email,
+ tdCerts = nssTrustDomain_FindCertsByEmail(vd->td, email,
rvOpt ? rvOpt + cert_array.count : NULL,
maximumOpt - cert_array.count, arenaOpt);
return finish_cert_array(&cert_array, status, tdCerts);
}
-NSS_IMPLEMENT NSSCertificate **
-NSSVolatileDomain_FindCertificatesByEmail (
+NSS_IMPLEMENT NSSCert **
+NSSVolatileDomain_FindCertsByEmail (
NSSVolatileDomain *vd,
NSSASCII7 *email,
- NSSCertificate *rvOpt[],
+ NSSCert *rvOpt[],
PRUint32 maximumOpt, /* 0 for no max */
NSSArena *arenaOpt
)
{
- return nssVolatileDomain_FindCertificatesByEmail(vd, email, rvOpt,
+ return nssVolatileDomain_FindCertsByEmail(vd, email, rvOpt,
maximumOpt, arenaOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-nssVolatileDomain_FindBestCertificateByEmail (
+NSS_IMPLEMENT NSSCert *
+nssVolatileDomain_FindBestCertByEmail (
NSSVolatileDomain *vd,
NSSASCII7 *email,
NSSTime time,
@@ -734,23 +734,23 @@ nssVolatileDomain_FindBestCertificateByEmail (
NSSPolicies *policiesOpt
)
{
- NSSCertificate **certs;
- NSSCertificate *rvCert = NULL;
+ NSSCert **certs;
+ NSSCert *rvCert = NULL;
/* search the volatile domain by email */
- certs = nssVolatileDomain_FindCertificatesByEmail(vd, email,
+ certs = nssVolatileDomain_FindCertsByEmail(vd, email,
NULL, 0, NULL);
if (certs) {
/* find the best one */
- rvCert = nssCertificateArray_FindBestCertificate(certs, time,
+ rvCert = nssCertArray_FindBestCert(certs, time,
usages, policiesOpt);
- nssCertificateArray_Destroy(certs);
+ nssCertArray_Destroy(certs);
}
return rvCert;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSVolatileDomain_FindBestCertificateByEmail (
+NSS_IMPLEMENT NSSCert *
+NSSVolatileDomain_FindBestCertByEmail (
NSSVolatileDomain *vd,
NSSASCII7 *email,
NSSTime time,
@@ -758,12 +758,12 @@ NSSVolatileDomain_FindBestCertificateByEmail (
NSSPolicies *policiesOpt
)
{
- return nssVolatileDomain_FindBestCertificateByEmail(vd, email,
+ return nssVolatileDomain_FindBestCertByEmail(vd, email,
time, usages, policiesOpt);
}
-NSS_IMPLEMENT NSSCertificate *
-NSSVolatileDomain_FindBestUserCertificate (
+NSS_IMPLEMENT NSSCert *
+NSSVolatileDomain_FindBestUserCert (
NSSVolatileDomain *vd,
NSSTime time,
NSSUsages *usages,
@@ -774,13 +774,13 @@ NSSVolatileDomain_FindBestUserCertificate (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate **
-NSSVolatileDomain_FindUserCertificates (
+NSS_IMPLEMENT NSSCert **
+NSSVolatileDomain_FindUserCerts (
NSSVolatileDomain *vd,
NSSTime time,
NSSUsages *usagesOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt
)
@@ -789,8 +789,8 @@ NSSVolatileDomain_FindUserCertificates (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSVolatileDomain_FindBestUserCertificateForSSLClientAuth (
+NSS_IMPLEMENT NSSCert *
+NSSVolatileDomain_FindBestUserCertForSSLClientAuth (
NSSVolatileDomain *vd,
NSSUTF8 *sslHostOpt,
NSSDER *rootCAsOpt[], /* null pointer for none */
@@ -803,15 +803,15 @@ NSSVolatileDomain_FindBestUserCertificateForSSLClientAuth (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate **
-NSSVolatileDomain_FindUserCertificatesForSSLClientAuth (
+NSS_IMPLEMENT NSSCert **
+NSSVolatileDomain_FindUserCertsForSSLClientAuth (
NSSVolatileDomain *vd,
NSSUTF8 *sslHostOpt,
NSSDER *rootCAsOpt[], /* null pointer for none */
PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
const NSSAlgNParam *apOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt
)
@@ -820,8 +820,8 @@ NSSVolatileDomain_FindUserCertificatesForSSLClientAuth (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSVolatileDomain_FindBestUserCertificateForEmailSigning (
+NSS_IMPLEMENT NSSCert *
+NSSVolatileDomain_FindBestUserCertForEmailSigning (
NSSVolatileDomain *vd,
NSSASCII7 *signerOpt,
NSSASCII7 *recipientOpt,
@@ -834,15 +834,15 @@ NSSVolatileDomain_FindBestUserCertificateForEmailSigning (
return NULL;
}
-NSS_IMPLEMENT NSSCertificate *
-NSSVolatileDomain_FindUserCertificatesForEmailSigning (
+NSS_IMPLEMENT NSSCert *
+NSSVolatileDomain_FindUserCertsForEmailSigning (
NSSVolatileDomain *vd,
NSSASCII7 *signerOpt, /* fgmr or a more general name? */
NSSASCII7 *recipientOpt,
/* anything more here? */
const NSSAlgNParam *apOpt,
NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
+ NSSCert **rvOpt,
PRUint32 rvLimit, /* zero for no limit */
NSSArena *arenaOpt
)
@@ -897,8 +897,8 @@ NSSVolatileDomain_GenerateKeyPair (
destination, uhhOpt);
}
-NSS_IMPLEMENT NSSSymmetricKey *
-nssVolatileDomain_GenerateSymmetricKey (
+NSS_IMPLEMENT NSSSymKey *
+nssVolatileDomain_GenerateSymKey (
NSSVolatileDomain *vd,
const NSSAlgNParam *ap,
PRUint32 keysize,
@@ -917,7 +917,7 @@ nssVolatileDomain_GenerateSymmetricKey (
creator.session = nssTokenSessionHash_GetSession(vd->tokenSessionHash,
destination, PR_FALSE);
if (!creator.session) {
- return (NSSSymmetricKey *)NULL;
+ return (NSSSymKey *)NULL;
}
creator.persistent = PR_FALSE;
creator.ap = ap;
@@ -925,11 +925,11 @@ nssVolatileDomain_GenerateSymmetricKey (
creator.nickname = nicknameOpt;
creator.properties = properties;
creator.operations = operations;
- return nssPKIObjectCreator_GenerateSymmetricKey(&creator, keysize);
+ return nssPKIObjectCreator_GenerateSymKey(&creator, keysize);
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSVolatileDomain_GenerateSymmetricKey (
+NSS_IMPLEMENT NSSSymKey *
+NSSVolatileDomain_GenerateSymKey (
NSSVolatileDomain *vd,
const NSSAlgNParam *ap,
PRUint32 keysize,
@@ -940,14 +940,14 @@ NSSVolatileDomain_GenerateSymmetricKey (
NSSCallback *uhhOpt
)
{
- return nssVolatileDomain_GenerateSymmetricKey(vd, ap, keysize,
+ return nssVolatileDomain_GenerateSymKey(vd, ap, keysize,
labelOpt,
operations, properties,
destination, uhhOpt);
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSVolatileDomain_GenerateSymmetricKeyFromPassword (
+NSS_IMPLEMENT NSSSymKey *
+NSSVolatileDomain_GenerateSymKeyFromPassword (
NSSVolatileDomain *vd,
const NSSAlgNParam *ap,
NSSUTF8 *passwordOpt, /* if null, prompt */
@@ -959,8 +959,8 @@ NSSVolatileDomain_GenerateSymmetricKeyFromPassword (
return NULL;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSVolatileDomain_FindSymmetricKeyByAlgorithmAndKeyID (
+NSS_IMPLEMENT NSSSymKey *
+NSSVolatileDomain_FindSymKeyByAlgorithmAndKeyID (
NSSVolatileDomain *vd,
NSSOID *algorithm,
NSSItem *keyID,
@@ -972,27 +972,27 @@ NSSVolatileDomain_FindSymmetricKeyByAlgorithmAndKeyID (
}
/* XXX at a lower layer, or with OID? */
-static NSSSymmetricKeyType
+static NSSSymKeyType
get_sym_key_type(const NSSOID *symKeyAlg)
{
switch (nssOID_GetTag(symKeyAlg)) {
case NSS_OID_DES_ECB:
case NSS_OID_DES_CBC:
case NSS_OID_DES_MAC:
- return NSSSymmetricKeyType_DES;
+ return NSSSymKeyType_DES;
case NSS_OID_DES_EDE3_CBC:
- return NSSSymmetricKeyType_TripleDES;
+ return NSSSymKeyType_TripleDES;
case NSS_OID_RC2_CBC:
- return NSSSymmetricKeyType_RC2;
+ return NSSSymKeyType_RC2;
case NSS_OID_RC4:
- return NSSSymmetricKeyType_RC4;
+ return NSSSymKeyType_RC4;
default:
- return NSSSymmetricKeyType_Unknown;
+ return NSSSymKeyType_Unknown;
}
}
-NSS_IMPLEMENT NSSSymmetricKey *
-nssVolatileDomain_UnwrapSymmetricKey (
+NSS_IMPLEMENT NSSSymKey *
+nssVolatileDomain_UnwrapSymKey (
NSSVolatileDomain *vd,
const NSSAlgNParam *ap,
NSSPrivateKey *wrapKey,
@@ -1004,23 +1004,23 @@ nssVolatileDomain_UnwrapSymmetricKey (
)
{
nssCryptokiObject *vko, *mko;
- NSSSymmetricKey *mkey = NULL;
- NSSSymmetricKeyType keyType = get_sym_key_type(targetKeyAlg);
+ NSSSymKey *mkey = NULL;
+ NSSSymKeyType keyType = get_sym_key_type(targetKeyAlg);
/* find a token to do it on */
vko = nssPrivateKey_FindInstanceForAlgorithm(wrapKey, ap);
if (!vko) {
- return (NSSSymmetricKey *)NULL;
+ return (NSSSymKey *)NULL;
}
/* do the unwrap for a session object */
- mko = nssToken_UnwrapSymmetricKey(vko->token, vko->session, ap, vko,
+ mko = nssToken_UnwrapSymKey(vko->token, vko->session, ap, vko,
wrappedKey, PR_FALSE,
operations, properties, keyType);
/* done with the private key */
nssCryptokiObject_Destroy(vko);
/* create a new symkey in the volatile domain */
if (mko) {
- mkey = nssSymmetricKey_CreateFromInstance(mko, vd->td, vd);
+ mkey = nssSymKey_CreateFromInstance(mko, vd->td, vd);
if (!mkey) {
nssCryptokiObject_Destroy(mko);
}
@@ -1028,8 +1028,8 @@ nssVolatileDomain_UnwrapSymmetricKey (
return mkey;
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSVolatileDomain_UnwrapSymmetricKey (
+NSS_IMPLEMENT NSSSymKey *
+NSSVolatileDomain_UnwrapSymKey (
NSSVolatileDomain *vd,
const NSSAlgNParam *ap,
NSSPrivateKey *wrapKey,
@@ -1040,14 +1040,14 @@ NSSVolatileDomain_UnwrapSymmetricKey (
NSSProperties properties
)
{
- return nssVolatileDomain_UnwrapSymmetricKey(vd, ap, wrapKey,
+ return nssVolatileDomain_UnwrapSymKey(vd, ap, wrapKey,
wrappedKey, targetKeyAlg,
uhhOpt, operations,
properties);
}
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSVolatileDomain_DeriveSymmetricKey (
+NSS_IMPLEMENT NSSSymKey *
+NSSVolatileDomain_DeriveSymKey (
NSSVolatileDomain *vd,
NSSPublicKey *bk,
const NSSAlgNParam *apOpt,
@@ -1063,10 +1063,10 @@ NSSVolatileDomain_DeriveSymmetricKey (
#if 0
NSS_IMPLEMENT NSSItem *
-nssVolatileDomain_WrapSymmetricKey (
+nssVolatileDomain_WrapSymKey (
NSSVolatileDomain *vd,
const NSSAlgNParam *apOpt,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSCallback *uhhOpt,
NSSItem *rvOpt,
NSSArena *arenaOpt
@@ -1078,7 +1078,7 @@ nssVolatileDomain_WrapSymmetricKey (
return (NSSItem *)NULL;
}
/* set the context's symkey to the key to wrap */
- vd->mk = nssSymmetricKey_AddRef(keyToWrap);
+ vd->mk = nssSymKey_AddRef(keyToWrap);
/* initialize the context with the symkey first */
if (prepare_context_symmetric_key(vd, ap) == PR_FAILURE) {
/* didn't find a token that could do the operation */
@@ -1095,10 +1095,10 @@ nssVolatileDomain_WrapSymmetricKey (
}
NSS_IMPLEMENT NSSItem *
-NSSVolatileDomain_WrapSymmetricKey (
+NSSVolatileDomain_WrapSymKey (
NSSVolatileDomain *vd,
const NSSAlgNParam *apOpt,
- NSSSymmetricKey *keyToWrap,
+ NSSSymKey *keyToWrap,
NSSCallback *uhhOpt,
NSSItem *rvOpt,
NSSArena *arenaOpt
@@ -1108,7 +1108,7 @@ NSSVolatileDomain_WrapSymmetricKey (
nss_SetError(NSS_ERROR_INVALID_CRYPTO_CONTEXT);
return (NSSItem *)NULL;
}
- return nssVolatileDomain_WrapSymmetricKey(vd, apOpt, keyToWrap,
+ return nssVolatileDomain_WrapSymKey(vd, apOpt, keyToWrap,
uhhOpt, rvOpt, arenaOpt);
}
#endif
diff --git a/security/nss/lib/pkix/src/pkiglue.c b/security/nss/lib/pkix/src/pkiglue.c
index 4f358a067..b8a1161de 100644
--- a/security/nss/lib/pkix/src/pkiglue.c
+++ b/security/nss/lib/pkix/src/pkiglue.c
@@ -706,7 +706,7 @@ static PRStatus
verify_signature (
NSSPKIXCertificate *cert,
NSSPKIXCertificate *issuerCert,
- NSSCertificate *issuer
+ NSSCert *issuer
)
{
PRStatus status;
@@ -750,7 +750,7 @@ verify_signature (
return PR_FAILURE;
}
- verifyKey = NSSCertificate_GetPublicKey(issuer);
+ verifyKey = NSSCert_GetPublicKey(issuer);
if (!verifyKey) {
return PR_FAILURE;
}
@@ -774,7 +774,7 @@ verify_signature (
static PRStatus
pkix_ValidateChainLink (
void *cert,
- NSSCertificate *issuer,
+ NSSCert *issuer,
void *vData
)
{
@@ -786,7 +786,7 @@ pkix_ValidateChainLink (
nss_HoldErrorStack();
- pkixIssuer = (NSSPKIXCertificate *)NSSCertificate_GetDecoding(issuer);
+ pkixIssuer = (NSSPKIXCertificate *)NSSCert_GetDecoding(issuer);
if (!pkixIssuer) {
goto loser;
}
@@ -836,7 +836,7 @@ pkix_Destroy (
nss_ResumeErrorStack();
}
-NSSCertificateMethods g_pkix_methods;
+NSSCertMethods g_pkix_methods;
NSS_IMPLEMENT PRStatus
NSS_EnablePKIXCertificates (
@@ -860,6 +860,5 @@ NSS_EnablePKIXCertificates (
g_pkix_methods.freeChainValidationData = pkix_FreeChainValidationData;
g_pkix_methods.destroy = pkix_Destroy;
- return NSS_SetDefaultCertificateHandler(NSSCertificateType_PKIX,
- &g_pkix_methods);
+ return NSS_SetDefaultCertHandler(NSSCertType_PKIX, &g_pkix_methods);
}
diff --git a/security/nss/lib/ssl/prelib.c b/security/nss/lib/ssl/prelib.c
index 5a3005c78..d510c8dbe 100644
--- a/security/nss/lib/ssl/prelib.c
+++ b/security/nss/lib/ssl/prelib.c
@@ -59,7 +59,7 @@ static unsigned char fromHex(char x) {
PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader,
int *headerSize)
{
- NSSSymmetricKey *key, *tek, *Ks;
+ NSSSymKey *key, *tek, *Ks;
sslSocket *ss;
NSSToken **tokens;
NSSToken *token;
@@ -125,7 +125,7 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader,
}
/* get the token and the serial number */
- tokens = NSSSymmetricKey_GetTokens(tek, NULL);
+ tokens = NSSSymKey_GetTokens(tek, NULL);
if (tokens == NULL) {
PORT_Free(header);
return NULL;
@@ -150,21 +150,21 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader,
skipjack = NSSOID_CreateFromTag(NSS_OID_FORTEZZA_SKIPJACK);
if (!skipjack) {
PORT_Free(header);
- NSSSymmetricKey_Destroy(Ks);
+ NSSSymKey_Destroy(Ks);
return NULL;
}
skipjackWrap = NSSAlgNParam_CreateWrap(NULL,
NSSAlgorithmType_Skipjack, NULL);
if (!skipjackWrap) {
PORT_Free(header);
- NSSSymmetricKey_Destroy(Ks);
+ NSSSymKey_Destroy(Ks);
return NULL;
}
/* unwrap the key with the TEK */
item.data = inHeader->u.fortezza.key;
item.size = sizeof(inHeader->u.fortezza.key);
- key = NSSSymmetricKey_UnwrapSymmetricKey(tek,
+ key = NSSSymKey_UnwrapSymKey(tek,
skipjackWrap,
&item,
skipjack,
@@ -175,7 +175,7 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader,
#endif
if (key == NULL) {
PORT_Free(header);
- NSSSymmetricKey_Destroy(Ks);
+ NSSSymKey_Destroy(Ks);
NSSAlgNParam_Destroy(skipjackWrap);
return NULL;
}
@@ -183,13 +183,13 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader,
/* rewrap with the local Ks */
item.data = header->u.fortezza.key;
item.size = sizeof(header->u.fortezza.key);
- rv = NSSSymmetricKey_Wrap(Ks, skipjackWrap, key,
+ rv = NSSSymKey_Wrap(Ks, skipjackWrap, key,
ss->pinCallback, &item, NULL);
#if 0
rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, Ks, key, &item);
#endif
- NSSSymmetricKey_Destroy(Ks);
- NSSSymmetricKey_Destroy(key);
+ NSSSymKey_Destroy(Ks);
+ NSSSymKey_Destroy(key);
NSSAlgNParam_Destroy(skipjackWrap);
if (rv != SECSuccess) {
PORT_Free(header);
@@ -218,7 +218,7 @@ PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader,
PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header,
int *headerSize)
{
- NSSSymmetricKey *key, *tek, *Ks;
+ NSSSymKey *key, *tek, *Ks;
sslSocket *ss;
NSSToken **tokens;
NSSToken *token;
@@ -252,7 +252,7 @@ PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header,
slot = PK11_GetSlotFromKey(tek);
/* get the token and the serial number */
- tokens = NSSSymmetricKey_GetTokens(tek, NULL);
+ tokens = NSSSymKey_GetTokens(tek, NULL);
if (tokens == NULL) {
return NULL;
}
@@ -267,13 +267,13 @@ PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header,
/* set up the algorithms */
skipjack = NSSOID_CreateFromTag(NSS_OID_FORTEZZA_SKIPJACK);
if (!skipjack) {
- NSSSymmetricKey_Destroy(Ks);
+ NSSSymKey_Destroy(Ks);
return NULL;
}
skipjackWrap = NSSAlgNParam_CreateWrap(NULL,
NSSAlgorithmType_Skipjack, NULL);
if (!skipjackWrap) {
- NSSSymmetricKey_Destroy(Ks);
+ NSSSymKey_Destroy(Ks);
return NULL;
}
@@ -281,7 +281,7 @@ PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header,
item.data = header->u.fortezza.key;
item.size = sizeof(header->u.fortezza.key);
/* rewrap the key with the TEK */
- key = NSSSymmetricKey_UnwrapSymmetricKey(Ks, skipjackWrap,
+ key = NSSSymKey_UnwrapSymKey(Ks, skipjackWrap,
&item, skipjack,
NSSOperations_DECRYPT, 0);
#if 0
@@ -289,17 +289,17 @@ PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header,
NULL, &item, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
#endif
if (key == NULL) {
- NSSSymmetricKey_Destroy(Ks);
+ NSSSymKey_Destroy(Ks);
return NULL;
}
- rv = NSSSymmetricKey_Wrap(tek, skipjackWrap, key,
+ rv = NSSSymKey_Wrap(tek, skipjackWrap, key,
ss->pinCallback, &item, NULL);
#if 0
rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, key, &item);
#endif
- NSSSymmetricKey_Destroy(Ks);
- NSSSymmetricKey_Destroy(key);
+ NSSSymKey_Destroy(Ks);
+ NSSSymKey_Destroy(key);
if (rv != SECSuccess) {
return NULL;
}
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
index 14ddcf132..c89df8dce 100644
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -296,7 +296,7 @@ static const ssl3BulkCipherDef bulk_cipher_defs[] = {
AES,
s_aes_ap, 16, 16, type_block, 16,16, kg_strong},
{ cipher_aes_256,
- NSSSymmetricKeyType_AES,
+ NSSSymKeyType_AES,
s_aes_ap, 32, 32, type_block, 16,16, kg_strong},
#endif
{ cipher_missing,
@@ -1043,7 +1043,7 @@ static void
ssl3_CleanupKeyMaterial(ssl3KeyMaterial *mat)
{
if (mat->write_key != NULL) {
- NSSSymmetricKey_Destroy(mat->write_key);
+ NSSSymKey_Destroy(mat->write_key);
mat->write_key = NULL;
}
#if 0
@@ -1074,7 +1074,7 @@ ssl3_DestroyCipherSpec(ssl3CipherSpec *spec)
spec->decodeContext = NULL;
}
if (spec->master_secret != NULL) {
- NSSSymmetricKey_Destroy(spec->master_secret);
+ NSSSymKey_Destroy(spec->master_secret);
spec->master_secret = NULL;
}
ssl3_CleanupKeyMaterial(&spec->client);
@@ -1968,14 +1968,14 @@ ssl3_HandleChangeCipherSpecs(sslSocket *ss, sslBuffer *buf)
(it)->size = sizeof(buf);
static PRStatus
-ssl3_DeriveMasterSecret(sslSocket *ss, NSSSymmetricKey *pmsOpt);
+ssl3_DeriveMasterSecret(sslSocket *ss, NSSSymKey *pmsOpt);
{
PRBool isTLS = (PRBool)(kea_def->tls_keygen ||
(pwSpec->version > SSL_LIBRARY_VERSION_3_0));
PRBool isDH = (PRBool) (ss->ssl3->hs.kea_def->exchKeyType == ssl_kea_dh);
NSSAlgNParam *msDerive = NULL;
- NSSSymmetricKey *ms = ssl->ssl3->pwSpec->master_secret;
- NSSSymmetricKey *fpms = NULL;
+ NSSSymKey *ms = ssl->ssl3->pwSpec->master_secret;
+ NSSSymKey *fpms = NULL;
NSSSSLMSParameters msParams;
PRStatus status;
@@ -1997,31 +1997,31 @@ ssl3_DeriveMasterSecret(sslSocket *ss, NSSSymmetricKey *pmsOpt);
if (pmsOpt) {
/* generating master secret from existing pre-master secret */
- ms = NSSSymmetricKey_DeriveSymmetricKey(pmsOpt, msDerive,
- NSSSymmetricKeyType_SSLMS,
+ ms = NSSSymKey_DeriveSymKey(pmsOpt, msDerive,
+ NSSSymKeyType_SSLMS,
0, keyOps, NULL);
if (ms && !isDH && ss->detectRollBack) {
SSL3ProtocolVersion client_version;
client_version = pms_version.major << 8 | pms_version.minor;
if (client_version != ss->clientHelloVersion) {
/* Destroy it. Version roll-back detected. */
- NSSSymmetricKey_Destroy(ms);
+ NSSSymKey_Destroy(ms);
ms = NULL;
}
}
if (!ms) {
/* Generate a faux master secret in the same slot as the old one. */
NSSToken *pmsToken;
- (void)NSSSymmetricKey_GetTokens(pmsOpt, &pmsToken, 1, &status);
+ (void)NSSSymKey_GetTokens(pmsOpt, &pmsToken, 1, &status);
if (status == PR_FAILURE) {
goto loser;
}
fpms = ssl3_GenerateRSAPMS(ss, pwSpec, pmsToken);
if (fpms) {
- ms = NSSSymmetricKey_DeriveSymmetricKey(fpms, msDerive,
- NSSSymmetricKeyType_SSLMS,
+ ms = NSSSymKey_DeriveSymKey(fpms, msDerive,
+ NSSSymKeyType_SSLMS,
0, keyOps, NULL);
- NSSSymmetricKey_Destroy(fpms);
+ NSSSymKey_Destroy(fpms);
}
NSSToken_Destroy(pmsToken);
}
@@ -2033,11 +2033,11 @@ ssl3_DeriveMasterSecret(sslSocket *ss, NSSSymmetricKey *pmsOpt);
/* generate a faux master secret in the internal slot */
fpms = ssl3_GenerateRSAPMS(ss, pwSpec, internal);
if (fpms) {
- ms = NSSSymmetricKey_DeriveSymmetricKey(fpms, msDerive,
- NSSSymmetricKeyType_SSLMS,
+ ms = NSSSymKey_DeriveSymKey(fpms, msDerive,
+ NSSSymKeyType_SSLMS,
0, keyOps, NULL);
if (ms) {
- NSSSymmetricKey_Destroy(fpms);
+ NSSSymKey_Destroy(fpms);
} else {
ms = fpms;
}
@@ -2068,7 +2068,7 @@ loser:
* ssl3_InitPendingCipherSpec does that.
*/
static PRStatus
-ssl3_GenerateSessionKeys(sslSocket *ss, NSSSymmetricKey *pmsOpt)
+ssl3_GenerateSessionKeys(sslSocket *ss, NSSSymKey *pmsOpt)
{
ssl3CipherSpec * pwSpec = ss->ssl3->pwSpec;
const ssl3BulkCipherDef *cipher_def = pwSpec->cipher_def;
@@ -2077,11 +2077,11 @@ ssl3_GenerateSessionKeys(sslSocket *ss, NSSSymmetricKey *pmsOpt)
PRBool skipKeysAndIVs = (PRBool)((cipher_def->calg == calg_fortezza) ||
(cipher_def->calg == calg_null));
SSLCipherAlgorithm calg;
- NSSSymmetricKeyType bulkKeyType;
+ NSSSymKeyType bulkKeyType;
NSSSSLSessionKeyParameters skParams = { 0 };
NSSAlgNParam *skDerive = NULL;
NSSOperations keyOps;
- NSSSymmetricKey *sessionKeys[4];
+ NSSSymKey *sessionKeys[4];
PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
PORT_Assert( ssl_HaveSpecWriteLock(ss));
@@ -2121,7 +2121,7 @@ ssl3_GenerateSessionKeys(sslSocket *ss, NSSSymmetricKey *pmsOpt)
goto loser;
}
- status = nssSymmetricKey_DeriveSSLSessionKeys(pwSpec->masterSecret,
+ status = nssSymKey_DeriveSSLSessionKeys(pwSpec->masterSecret,
skDerive, bulkKeyType,
NSSOperations_ENCRYPT,
0, keySize, sessionKeys);
@@ -2131,16 +2131,16 @@ ssl3_GenerateSessionKeys(sslSocket *ss, NSSSymmetricKey *pmsOpt)
}
pwSpec->client.write_mac_cx =
- NSSSymmetricKey_CreateCryptoContext(sessionKeys[0], , );
+ NSSSymKey_CreateCryptoContext(sessionKeys[0], , );
pwSpec->server.write_mac_cx =
- NSSSymmetricKey_CreateCryptoContext(sessionKeys[1], , );
+ NSSSymKey_CreateCryptoContext(sessionKeys[1], , );
pwSpec->client.write_cx =
- NSSSymmetricKey_CreateCryptoContext(sessionKeys[2], , );
+ NSSSymKey_CreateCryptoContext(sessionKeys[2], , );
pwSpec->server.write_cx =
- NSSSymmetricKey_CreateCryptoContext(sessionKeys[3], , );
+ NSSSymKey_CreateCryptoContext(sessionKeys[3], , );
NSSAlgNParam_Destroy(skDerive);
@@ -6122,11 +6122,11 @@ fortezza_loser:
* ssl3_HandleRSAClientKeyExchange() (below)
* Caller must hold the SpecWriteLock, the SSL3HandshakeLock
*/
-static NSSSymmetricKey *
+static NSSSymKey *
ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
NSSToken *serverKeyToken)
{
- NSSSymmetricKey * pms = NULL;
+ NSSSymKey * pms = NULL;
NSSToken * token = serverKeyToken;
const NSSAlgNParam *pmsAlg = ssl3_GetPMSAlg(ss->clientHelloVersion);
@@ -6153,14 +6153,14 @@ ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
return (NSSCryptoContext *)NULL;
}
- pms = NSSCryptoContext_GenerateSymmetricKey(pmsCx, NULL, 0, token, NULL);
+ pms = NSSCryptoContext_GenerateSymKey(pmsCx, NULL, 0, token, NULL);
if (!pms) {
ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
NSSCryptoContext_Destroy(pmsCx);
return (NSSCryptoContext *)NULL;
}
- NSSSymmetricKey_Destroy(pms); /* part of context */
+ NSSSymKey_Destroy(pms); /* part of context */
if (!serverKeyToken) {
NSSToken_Destroy(token);
}
@@ -6185,7 +6185,7 @@ ssl3_HandleRSAClientKeyExchange(sslSocket *ss,
PRUint32 length,
NSSPrivateKey *serverKey)
{
- NSSSymmetricKey *pms;
+ NSSSymKey *pms;
NSSCryptoContext *pmsCx;
SECStatus rv;
NSSItem enc_pms;
@@ -6210,7 +6210,7 @@ ssl3_HandleRSAClientKeyExchange(sslSocket *ss,
/*
* decrypt pms out of the incoming buffer
*/
- pms = NSSPrivateKey_UnwrapSymmetricKey(serverKey, rsaUnwrap,
+ pms = NSSPrivateKey_UnwrapSymKey(serverKey, rsaUnwrap,
&emc_pms, NULL);
if (pms) {
/* XXX
@@ -6218,12 +6218,12 @@ ssl3_HandleRSAClientKeyExchange(sslSocket *ss,
PK11_GetKeyData(pms)->data,
PK11_GetKeyData(pms)->size));
*/
- pmsCx = NSSSymmetricKey_CreateCryptoContext(pms, NULL, NULL);
+ pmsCx = NSSSymKey_CreateCryptoContext(pms, NULL, NULL);
if (!pmsCx) {
ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
return SECFailure;
}
- NSSSymmetricKey_Destroy(pms); /* context has it */
+ NSSSymKey_Destroy(pms); /* context has it */
} else {
/* unwrap failed. Generate a bogus pre-master secret and carry on. */
NSSToken *token = NSSPrivateKey_GetAToken(serverKey);
diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h
index 2f5164ec8..d4d4443f7 100644
--- a/security/nss/lib/ssl/sslimpl.h
+++ b/security/nss/lib/ssl/sslimpl.h
@@ -389,8 +389,8 @@ typedef struct {
typedef struct {
SSL3Opaque write_iv[MAX_IV_LENGTH];
- NSSSymmetricKey *write_key;
- /* NSSSymmetricKey *write_mac_key; */
+ NSSSymKey *write_key;
+ /* NSSSymKey *write_mac_key; */
NSSCryptoContext *write_mac_context;
} ssl3KeyMaterial;
@@ -417,7 +417,7 @@ typedef struct {
SSLCipher decode;
void * decodeContext;
SSLDestroy destroy;
- NSSSymmetricKey * master_secret;
+ NSSSymKey * master_secret;
ssl3KeyMaterial client;
ssl3KeyMaterial server;
SSL3SequenceNumber write_seq_num;
View Lorry Controller Status