439
edits
NSS Shared DB: Difference between revisions
Jump to navigation
Jump to search
→legacy DB support
| Line 279: | Line 279: | ||
# A private interface may be needed to unwrap the private keys, or provide a handle to the password so the keys can be presented in the attribute format. | # A private interface may be needed to unwrap the private keys, or provide a handle to the password so the keys can be presented in the attribute format. | ||
This code would live in its own shared library. Most of the low level cert, CRL, key handling, and translation to PKCS #11 objects and attributes that was part of softoken will moved to this legacy shared library. It will be loaded whenever access to old databases is required. | This code would live in its own shared library, called lgdbm (with the appropriate platform semantics, lgdbm.dll on windows, liblgdbm.so on unix, etc). Most of the low level cert, CRL, key handling, and translation to PKCS #11 objects and attributes that was part of softoken will moved to this legacy shared library. When access to old databased are needed, the lgdbm shared library will be loaded, and the following symbols will be dynamically found: | ||
* legacy_Open - This has the same signature as s_open and returns SDB handles for the legacy database. | |||
* legacy_ReadSecmodDB, legacy_ReleaseSecmodDBData, legacy_DeleteSecmodDB, legacy_AddSecmodDB - These functions provide access to the old secmod databases. | |||
* legacy_Shutdown - This is called when NSS is through with all database support (that is when softoken shuts down). | |||
* legacy_SetCryptFunctions - This is used to set some callbacks that the legacy db can call to decrypt and encrypt password protected records (pkcs8 formatted keys, etc.). This allows the legacy database to translate it's database records to the new format without getting direct access to the keys. | |||
It will be loaded whenever access to old databases is required. | |||
[[Category:NSS]] | [[Category:NSS]] | ||