[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mozilla-crypto
Subject:    Re: Finding nickname from CERTCertificate*
From:       Wan-Teh Chang <wtc () netscape ! com>
Date:       2001-07-27 1:34:35
[Download RAW message or body]

Robert Relyea wrote:
>
> When 4.X is released, Certs will be represented by the opaque data
> structure NSSCertificate. Initially we plan to have a small
> compatibility library that allows many of the common calls (those we
> advertise as public in nss.def... as opposed to those we just export in
> nss.def).

I would like to elaborate on the distinction Bob made
between "those we advertise as public in nss.def" and
"those we just export in nss.def".

Not all the functions exported by the NSS shared libraries
are considered public.  It is unfortunate that we have to
export certain internal functions from the core NSS shared
library (libnss3.so or nss3.dll) for the SSL, S/MIME, and
JSS shared libraries.  Some of those symbols we went to the
trouble of prepending double underscore (for example,
____CERT_NewTempCertificate), but we didn't do this consistently,
especially for the new symbols we exported in NSS 3.3 for JSS.

Therefore, it is best to consult the NSS Public Functions
list (the list for NSS 3.2 is at
http://www.mozilla.org/projects/security/pki/nss/ref/nssfunctions.html)
before you consider using a new NSS function in your code.

Wan-Teh

[prev in list] [next in list] [prev in thread] [next in thread]