Add NSS low-level bindings for dealing with primary password

This adds two low-level bindings to NSS for dealing with the primary password: * `PK11_NeedLogin`: for checking wheather a primary password is set * `PK11_CheckUserPassword`: for authorization with primary password Additionally the following two low-level NSS bindings are added to deal with key persistence: * `PK11_NeedUserInit` * `PK11_SetSymKeyNickname`
mozilla · Jan 6, 2025 · 3baf862 · 3baf862
1 parent 660d056
commit 3baf862
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,8 @@
 # v136.0 (In progress)
 
+### `rc_crypto`
+- New low level bindings for dealing with primary password.
+
 [Full Changelog](In progress)
 
 # v135.0 (_2025-01-06_)

diff --git a/components/support/rc_crypto/nss/nss_sys/src/bindings/pk11pub.rs b/components/support/rc_crypto/nss/nss_sys/src/bindings/pk11pub.rs
@@ -9,6 +9,9 @@ extern "C" {
     pub fn PK11_FreeSlot(slot: *mut PK11SlotInfo);
     pub fn PK11_GetInternalSlot() -> *mut PK11SlotInfo;
     pub fn PK11_GetInternalKeySlot() -> *mut PK11SlotInfo;
+    pub fn PK11_NeedUserInit(slot: *mut PK11SlotInfo) -> PRBool;
+    pub fn PK11_NeedLogin(slot: *mut PK11SlotInfo) -> PRBool;
+    pub fn PK11_CheckUserPassword(slot: *mut PK11SlotInfo, password: *const c_char) -> SECStatus;
     pub fn PK11_GenerateRandom(data: *mut c_uchar, len: c_int) -> SECStatus;
     pub fn PK11_FreeSymKey(key: *mut PK11SymKey);
     pub fn PK11_InitPin(
@@ -41,6 +44,7 @@ extern "C" {
         isPerm: PRBool,
         wincx: *mut c_void,
     ) -> *mut PK11SymKey;
+    pub fn PK11_SetSymKeyNickname(key: *mut PK11SymKey, name: *const c_char) -> SECStatus;
     pub fn PK11_Derive(
         baseKey: *mut PK11SymKey,
         mechanism: CK_MECHANISM_TYPE,