NSPR is a platform abstraction library that provides a cross-platform API to common OS services. NSS uses NSPR internally as the porting layer. However, a small number of NSPR functions are required for using the certificate verification and SSL functions in NSS. These NSPR functions are listed in this section.
NSPR initialization and shutdown
NSPR is automatically initialized by the first NSPR function called by the application. Call
PR_Cleanup to shut down NSPR and clean up its resources.
NSS uses NSPR's thread-specific error code to report errors. Call
PR_GetError to get the error code of the last failed NSS or NSPR function. Call
PR_SetError to set the error code, which can be retrieved with
The NSS functions
PORT_SetError are simply wrappers of
NSS certificate verification functions take a
PRTime parameter that specifies the time instant at which the validity of the certificate should verified. The NSPR function
PR_Now returns the current time in
The NSPR socket I/O functions
PR_Send (used by the NSS SSL functions) take a
PRIntervalTime timeout parameter.
PRIntervalTime has an abstract, platform-dependent time unit. Call
PR_MillisecondsToInterval to convert a time interval in seconds or milliseconds to
NSPR I/O layering
NSPR file descriptors can be layered, corresponding to the layers in the network stack. The SSL library in NSS implements the SSL protocol as an NSPR I/O layer, which sits on top of another NSPR I/O layer that represents TCP.
You can implement an NSPR I/O layer that wraps your own TCP socket code. The following NSPR functions allow you to create your own NSPR I/O layer and manipulate it.
Wrapping a native file descriptor
If your current TCP socket code uses the standard BSD socket API, a lighter-weight method than creating your own NSPR I/O layer is to simply import a native file descriptor into NSPR. This method is convenient and works for most applications.
Socket I/O functions
As mentioned above, the SSL library in NSS implements the SSL protocol as an NSPR I/O layer. Users call NSPR socket I/O functions to read from, write to, and shut down an SSL connection, and to close an NSPR file descriptor.