"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "nss/lib/pk11wrap/pk11pub.h" between
nss-3.61.tar.gz and nss-3.62.tar.gz

About: NSS is a set of libraries, APIs, utilities, and documentation designed to support cross-platform development of security-enabled client and server applications. It provides a complete implementation of the crypto libraries used by Mozilla and other companies.

pk11pub.h  (nss-3.61):pk11pub.h  (nss-3.62)
skipping to change at line 731 skipping to change at line 731
CERTCertList *PK11_ListCerts(PK11CertListType type, void *pwarg); CERTCertList *PK11_ListCerts(PK11CertListType type, void *pwarg);
CERTCertList *PK11_ListCertsInSlot(PK11SlotInfo *slot); CERTCertList *PK11_ListCertsInSlot(PK11SlotInfo *slot);
CERTSignedCrl *PK11_ImportCRL(PK11SlotInfo *slot, SECItem *derCRL, char *url, CERTSignedCrl *PK11_ImportCRL(PK11SlotInfo *slot, SECItem *derCRL, char *url,
int type, void *wincx, PRInt32 importOptions, PLAr enaPool *arena, PRInt32 decodeOptions); int type, void *wincx, PRInt32 importOptions, PLAr enaPool *arena, PRInt32 decodeOptions);
CK_BBOOL PK11_HasAttributeSet(PK11SlotInfo *slot, CK_BBOOL PK11_HasAttributeSet(PK11SlotInfo *slot,
CK_OBJECT_HANDLE id, CK_OBJECT_HANDLE id,
CK_ATTRIBUTE_TYPE type, CK_ATTRIBUTE_TYPE type,
PRBool haslock /* must be set to PR_FALSE */); PRBool haslock /* must be set to PR_FALSE */);
/********************************************************************** /**********************************************************************
* Hybrid Public Key Encryption (draft-05) * Hybrid Public Key Encryption (draft-07)
**********************************************************************/ **********************************************************************/
/* /*
* NOTE: All HPKE functions will fail with SEC_ERROR_INVALID_ALGORITHM * NOTE: All HPKE functions will fail with SEC_ERROR_INVALID_ALGORITHM
* unless NSS is compiled with NSS_ENABLE_DRAFT_HPKE while spec (and * unless NSS is compiled with NSS_ENABLE_DRAFT_HPKE while spec (and
* implementation) is in draft. The eventual RFC number is an input to * implementation) is in draft. The eventual RFC number is an input to
* the key schedule, so applications opting into this MUST be prepared for * the key schedule, so applications opting into this MUST be prepared for
* outputs to change when the implementation is updated or finalized. */ * outputs to change when the implementation is updated or finalized. */
/* Some of the various HPKE arguments would ideally be const, but the /* Some of the various HPKE arguments would ideally be const, but the
* underlying PK11 functions take them as non-const. To avoid lying to * underlying PK11 functions take them as non-const. To avoid lying to
* the application with a cast, this idiosyncrasy is exposed. */ * the application with a cast, this idiosyncrasy is exposed. */
SECStatus PK11_HPKE_ValidateParameters(HpkeKemId kemId, HpkeKdfId kdfId, HpkeAea dId aeadId); SECStatus PK11_HPKE_ValidateParameters(HpkeKemId kemId, HpkeKdfId kdfId, HpkeAea dId aeadId);
HpkeContext *PK11_HPKE_NewContext(HpkeKemId kemId, HpkeKdfId kdfId, HpkeAeadId a eadId, HpkeContext *PK11_HPKE_NewContext(HpkeKemId kemId, HpkeKdfId kdfId, HpkeAeadId a eadId,
PK11SymKey *psk, const SECItem *pskId); PK11SymKey *psk, const SECItem *pskId);
SECStatus PK11_HPKE_Deserialize(const HpkeContext *cx, const PRUint8 *enc, SECStatus PK11_HPKE_Deserialize(const HpkeContext *cx, const PRUint8 *enc,
unsigned int encLen, SECKEYPublicKey **outPubKey ); unsigned int encLen, SECKEYPublicKey **outPubKey );
void PK11_HPKE_DestroyContext(HpkeContext *cx, PRBool freeit); void PK11_HPKE_DestroyContext(HpkeContext *cx, PRBool freeit);
const SECItem *PK11_HPKE_GetEncapPubKey(const HpkeContext *cx);
/* Serialize an initialized receiver context. This only retains the keys and
* associated information necessary to resume Export and Open operations after
* import. Serialization is currently supported for receiver contexts only.
* This is done for two reasons: 1) it avoids having to move the encryption
* sequence number outside of the token (or adding encryption context
* serialization support to softoken), and 2) we don't have to worry about IV
* reuse due to sequence number cloning.
*
* |wrapKey| is required when exporting in FIPS mode. If exported with a
* wrapping key, that same key must be provided to the import function,
* otherwise behavior is undefined.
*
* Even when exported with key wrap, HPKE expects the nonce to also be kept
* secret and that value is not protected by wrapKey. Applications are
* responsible for maintaining the confidentiality of the exported information.
*/
SECStatus PK11_HPKE_ExportContext(const HpkeContext *cx, PK11SymKey *wrapKey, SE
CItem **serialized);
SECStatus PK11_HPKE_ExportSecret(const HpkeContext *cx, const SECItem *info, uns igned int L, SECStatus PK11_HPKE_ExportSecret(const HpkeContext *cx, const SECItem *info, uns igned int L,
PK11SymKey **outKey); PK11SymKey **outKey);
const SECItem *PK11_HPKE_GetEncapPubKey(const HpkeContext *cx);
HpkeContext *PK11_HPKE_ImportContext(const SECItem *serialized, PK11SymKey *wrap
Key);
SECStatus PK11_HPKE_Open(HpkeContext *cx, const SECItem *aad, const SECItem *ct, SECItem **outPt); SECStatus PK11_HPKE_Open(HpkeContext *cx, const SECItem *aad, const SECItem *ct, SECItem **outPt);
SECStatus PK11_HPKE_Seal(HpkeContext *cx, const SECItem *aad, const SECItem *pt, SECItem **outCt); SECStatus PK11_HPKE_Seal(HpkeContext *cx, const SECItem *aad, const SECItem *pt, SECItem **outCt);
SECStatus PK11_HPKE_Serialize(const SECKEYPublicKey *pk, PRUint8 *buf, unsigned int *len, unsigned int maxLen); SECStatus PK11_HPKE_Serialize(const SECKEYPublicKey *pk, PRUint8 *buf, unsigned int *len, unsigned int maxLen);
SECStatus PK11_HPKE_SetupS(HpkeContext *cx, const SECKEYPublicKey *pkE, SECKEYPr ivateKey *skE, SECStatus PK11_HPKE_SetupS(HpkeContext *cx, const SECKEYPublicKey *pkE, SECKEYPr ivateKey *skE,
SECKEYPublicKey *pkR, const SECItem *info); SECKEYPublicKey *pkR, const SECItem *info);
SECStatus PK11_HPKE_SetupR(HpkeContext *cx, const SECKEYPublicKey *pkR, SECKEYPr ivateKey *skR, SECStatus PK11_HPKE_SetupR(HpkeContext *cx, const SECKEYPublicKey *pkR, SECKEYPr ivateKey *skR,
const SECItem *enc, const SECItem *info); const SECItem *enc, const SECItem *info);
/********************************************************************** /**********************************************************************
* Sign/Verify * Sign/Verify
 End of changes. 3 change blocks. 
2 lines changed or deleted 23 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)