19 DISABLE_GCC_WARNING(
"-Wstrict-prototypes")
27 ENABLE_GCC_WARNING(
"-Wstrict-prototypes")
30 crypto_nss_get_version_str(
void)
32 return NSS_GetVersion();
35 crypto_nss_get_header_version_str(
void)
53 crypto_nss_early_init(
int nss_only)
56 PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
63 if (NSS_NoDB_Init(NULL) == SECFailure) {
64 log_err(
LD_CRYPTO,
"Unable to initialize NSS.");
65 crypto_nss_log_errors(
LOG_ERR,
"initializing NSS");
66 tor_assert_unreached();
69 if (NSS_SetDomesticPolicy() == SECFailure) {
70 log_err(
LD_CRYPTO,
"Unable to set NSS cipher policy.");
71 crypto_nss_log_errors(
LOG_ERR,
"setting cipher policy");
72 tor_assert_unreached();
77 SECStatus rv = NSS_OptionSet(NSS_RSA_MIN_KEY_SIZE, 1024);
78 if (rv != SECSuccess) {
79 log_err(
LD_CRYPTO,
"Unable to set NSS min RSA key size");
80 crypto_nss_log_errors(
LOG_ERR,
"setting cipher option.");
81 tor_assert_unreached();
86 crypto_nss_log_errors(
int severity,
const char *doing)
88 PRErrorCode code = PR_GetError();
89 const char *
string = PORT_ErrorToString(code);
90 const char *
name = PORT_ErrorToName(code);
93 string =
"<unrecognized>";
100 name, doing,
string);
107 crypto_nss_late_init(
void)
115 crypto_nss_global_cleanup(
void)
123 crypto_nss_prefork(
void)
129 crypto_nss_postfork(
void)
131 crypto_nss_early_init(1);
static char * nss_password_func_always_fail(PK11SlotInfo *slot, PRBool retry, void *arg)
Headers for crypto_nss_mgt.c.
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
int tor_snprintf(char *str, size_t size, const char *format,...)
Macros to manage assertions, fatal and non-fatal.