NSS reference
From MDC
[edit] Initial Notes
- We are migrating the SSL Reference from www.mozilla.org. If you are inclined to help with this migration, your help would be very much appreciated.
- The proposed chapters below are based on the chapters of the SSL Reference and the categories of functions in NSS Public Functions.
- Should a particular page require the use of an underscore, please see the documentation for the Title Override Extension.
[edit] Building and installing NSS
[edit] Overview of an NSS application
Based on "Overview of an SSL Application" in the SSL Reference.
[edit] Getting started with NSS
Based on "Getting Started With SSL" in the SSL Reference.
[edit] Data types
Based on "Selected SSL Types and Structures" in the SSL Reference.
[edit] Utility functions
Based on "Utility Functions" in NSS Public Functions.
[edit] Certificate functions
Based on Certificate Functions in the SSL Reference and "Certificate Functions" in NSS Public Functions.
- Validating Certificates
- Manipulating Certificates
- CERT_DupCertificate
- CERT_DestroyCertificate
- SEC_DeletePermCertificate
- __CERT_ClosePermCertDB
- Getting Certificate Information
- Comparing SecItem Objects
[edit] Key functions
Based on Key Functions in the SSL Reference.
[edit] Digital signatures
This API consists of the routines used to perform signature generation and the routines used to perform signature verification.
[edit] Encryption/decryption
[edit] Hashing
[edit] Key generation
Generate keys, key pairs, and domain parameters.
[edit] Random number generation
This API consists of the two routines used for pseudorandom number generation -- PK11_GenerateRandomOnSlot and PK11_GenerateRandom -- and the two routines used for seeding pseudorandom number generation -- PK11_SeedRandom and PK11_RandomUpdate.
[edit] PKCS #11 functions
Based on PKCS #11 Functions in the SSL Reference and "Crypto Functions" in NSS Public Functions.
- SECMOD_LoadUserModule
- SECMOD_UnloadUserModule
- SECMOD_CloseUserDB
- SECMOD_OpenUserDB
- PK11_FindCertFromNickname
- PK11_FindKeyByAnyCert
- PK11_GetSlotName
- PK11_GetTokenName
- PK11_IsHW
- PK11_IsPresent
- PK11_IsReadOnly
- PK11_SetPasswordFunc
[edit] SSL Functions
Based on "SSL Functions" in the SSL Reference and "SSL Functions" and "Deprecated SSL Functions" in NSS Public Functions.
- SSL_ConfigServerSessionIDCache
- SSL_ClearSessionCache
[edit] S/MIME
Based on the S/MIME Reference (which only has one written chapter) and "S/MIME Functions" in NSS Public Functions.
[edit] PKCS #7 functions
Based on "PKCS #7 Functions" in NSS Public Functions.
[edit] PKCS #5 functions
Password-based encryption
- SEC_PKCS5GetIV
- SEC_PKCS5CreateAlgorithmID
- SEC_PKCS5GetCryptoAlgorithm
- SEC_PKCS5GetKeyLength
- SEC_PKCS5GetPBEAlgorithm
- SEC_PKCS5IsAlgorithmPBEAlg
[edit] PKCS #12 functions
Based on "PKCS #12 Functions" in NSS Public Functions. Used to exchange data such as private keys and certificates between two parties.
- SEC_PKCS12CreateExportContext
- SEC_PKCS12CreatePasswordPrivSafe
- SEC_PKCS12CreateUnencryptedSafe
- SEC_PKCS12AddCertAndKey
- SEC_PKCS12AddPasswordIntegrity
- SEC_PKCS12EnableCipher
- SEC_PKCS12Encode
- SEC_PKCS12DestroyExportContext
- SEC_PKCS12DecoderStart
- SEC_PKCS12DecoderImportBags
- SEC_PKCS12DecoderUpdate
- SEC_PKCS12DecoderFinish
- SEC_PKCS12DecoderValidateBags
- SEC_PKCS12DecoderVerify
- SEC_PKCS12DecoderGetCerts
- SEC_PKCS12DecoderSetTargetTokenCAs
- SEC_PKCS12DecoderIterateInit
- SEC_PKCS12DecoderIterateNext
- SEC_PKCS12IsEncryptionAllowed
- SEC_PKCS12SetPreferredCipher
[edit] Error codes
Based on "NSS and SSL Error Codes" in the SSL Reference.
[edit] NSS Environment variables
[edit] NSS cryptographic module
[edit] NSS Tech Notes
NSS Tech Notes NSS Memory allocation
[edit] Tools
Based on NSS Tools documentation on www.mozilla.org.