# In this file, every section corresponds to a header file.
# A corresponding binding file will be created in $OUT_DIR.

[nss_ssl]
types = [
    "HpkeSymmetricSuite",
    "PRCList",
    "PRUint16",
    "PRUint64",
    "PRUint8",
    "SECStatus",
    "SSLAeadContext",
    "SSLExtensionHandler",
    "SSLExtensionType",
    "SSLExtensionWriter",
    "SSLHelloRetryRequestAction",
    "SSLHelloRetryRequestCallback",
    "SSLNamedGroup",
    "SSLProtocolVariant",
    "SSLRecordWriteCallback",
    "SSLResumptionTokenCallback",
    "SSLResumptionTokenInfo",
    "SSLSecretCallback",
    "SSLSignatureScheme",
    "SSLTimeFunc",
]
functions = [
    "SSL_AlertSentCallback",
    "SSL_AuthCertificateComplete",
    "SSL_AuthCertificateHook",
    "SSL_CipherPrefSet",
    "SSL_ConfigServerCert",
    "SSL_ConfigServerSessionIDCache",
    "SSL_DestroyResumptionTokenInfo",
    "SSL_GetChannelInfo",
    "SSL_GetExperimentalAPI",
    "SSL_GetImplementedCiphers",
    "SSL_GetNextProto",
    "SSL_GetNumImplementedCiphers",
    "SSL_GetPreliminaryChannelInfo",
    "SSL_GetResumptionTokenInfo",
    "SSL_ForceHandshake",
    "SSL_ImportFD",
    "SSL_NamedGroupConfig",
    "SSL_OptionSet",
    "SSL_OptionGetDefault",
    "SSL_PeerCertificate",
    "SSL_PeerCertificateChain",
    "SSL_PeerSignedCertTimestamps",
    "SSL_PeerStapledOCSPResponses",
    "SSL_ResetHandshake",
    "SSL_SetNextProtoNego",
    "SSL_SetURL",
    "SSL_VersionRangeSet",
]
enums = [
    "HpkeAeadId",
    "HpkeKdfId",
    "SSLAuthType",
    "SSLCipherAlgorithm",
    "SSLCompressionMethod",
    "SSLContentType",
    "SSLExtensionType",
    "SSLHandshakeType",
    "SSLHelloRetryRequestAction",
    "SSLKEAType",
    "SSLMACAlgorithm",
    "SSLNamedGroup",
    "SSLNextProtoState",
    "SSLProtocolVariant",
    "SSLSecretDirection",
    "SSLSignatureScheme",
    "SECStatus",
]
variables = [
    "SSL_LIBRARY_VERSION_TLS_\\d_\\d",
    "SSL_NumImplementedCiphers",
    "ssl_preinfo_.*",
]
opaque = [
    "CERTCertificate",
    "PK11SymKey",
    "PLArenaPool",
    "PRFileDesc",
    "SECKEYPrivateKey",
    "SECKEYPublicKey",
    "SSLExtraServerCertData",
]

[nss_sslopt]
variables = [
    "SSL_REQUEST_CERTIFICATE",
    "SSL_REQUIRE_CERTIFICATE",
    "SSL_NO_LOCKS",
    "SSL_ENABLE_SESSION_TICKETS",
    "SSL_ENABLE_OCSP_STAPLING",
    "SSL_ENABLE_ALPN",
    "SSL_ENABLE_EXTENDED_MASTER_SECRET",
    "SSL_ENABLE_SIGNED_CERT_TIMESTAMPS",
    "SSL_ENABLE_0RTT_DATA",
    "SSL_RECORD_SIZE_LIMIT",
    "SSL_ENABLE_TLS13_COMPAT_MODE",
    "SSL_ENABLE_HELLO_DOWNGRADE_CHECK",
    "SSL_SUPPRESS_END_OF_EARLY_DATA",
]

[nss_ciphers]
variables = ["TLS_.*"]
exclude = [
    ".*_(?:EXPORT(?:1024)?|anon|DES|RC4)_.*",
    ".*_(?:MD5|NULL_SHA)",
]

[nss_secerr]
types = ["SECErrorCodes"]
enums = ["SECErrorCodes"]

[nss_sslerr]
types = ["SSLErrorCodes"]
enums = ["SSLErrorCodes"]

[nss_init]
functions = [
    "NSS_Initialize",
    "NSS_IsInitialized",
    "NSS_NoDB_Init",
    "NSS_SetDomesticPolicy",
    "NSS_Shutdown",
    "NSS_VersionCheck",
]
variables = [
    "NSS_INIT_READONLY",
    "SECMOD_DB",
]

[nss_p11]
types = [
    "CERTCertList",
    "CERTCertListNode",
    "CK_CHACHA20_PARAMS",
    "CK_ATTRIBUTE_TYPE",
    "CK_FLAGS",
    "CK_MECHANISM_TYPE",
    "HpkeAeadId",
    "HpkeKdfId",
    "HpkeKemId",
    "SECItem",
    "SECItemArray",
]
functions = [
    "CERT_DestroyCertificate",
    "CERT_DestroyCertList",
    "CERT_GetCertificateDer",
    "PK11_CipherOp",
    "PK11_CreateContextBySymKey",
    "PK11_DestroyContext",
    "PK11_Encrypt",
    "PK11_ExtractKeyValue",
    "PK11_FindCertFromNickname",
    "PK11_FindKeyByAnyCert",
    "PK11_FreeSlot",
    "PK11_FreeSymKey",
    "PK11_GenerateKeyPairWithOpFlags",
    "PK11_GenerateRandom",
    "PK11_GetBlockSize",
    "PK11_GetInternalSlot",
    "PK11_GetKeyData",
    "PK11_GetMechanism",
    "PK11_HPKE_Serialize",
    "PK11_ImportDataKey",
    "PK11_ReadRawAttribute",
    "PK11_ReferenceSymKey",
    "SECITEM_FreeItem",
    "SECKEY_CopyPrivateKey",
    "SECKEY_CopyPublicKey",
    "SECKEY_DestroyPrivateKey",
    "SECKEY_DestroyPublicKey",
    "SECOID_FindOIDByTag",
]
enums = [
    "HpkeAeadId",
    "HpkeKdfId",
    "HpkeKemId",
    "PK11ObjectType",
    "PK11Origin",
    "SECItemType",
    "SECOidTag",
]
opaque = [
    "CERTCertificate",
    "PK11Context",
    "PK11SlotInfo",
    "PK11SymKey",
    "SECKEYPrivateKey",
    "SECKEYPublicKey",
]
variables = [
    "CKA_DERIVE",
    "CKA_ENCRYPT",
    "CKA_VALUE",
    "CKF_DERIVE",
    "CKM_AES_ECB",
    "CKM_AES_GCM",
    "CKM_CHACHA20",
    "CKM_CHACHA20_POLY1305",
    "CKM_EC_KEY_PAIR_GEN",
    "CKM_HKDF_DERIVE",
    "CKM_INVALID_MECHANISM",
    "PK11_ATTR_INSENSITIVE",
    "PK11_ATTR_PRIVATE",
    "PK11_ATTR_PUBLIC",
    "PK11_ATTR_SENSITIVE",
    "PK11_ATTR_SESSION",
    "SEC_ASN1_OBJECT_ID",
]

[nspr_err]
# NSPR doesn't use an enum for errors, so we have to pull in everything in the header file.
# Specifying no types, functions, or variables does that, but then exclude some.
exclude = [
    "nspr_.*",
    "PR_MAX_ERROR",
    "ERROR_TABLE_BASE_nspr"
]

[nspr_error]
functions = [
    "PR_ErrorToName",
    "PR_ErrorToString",
    "PR_GetError",
    "PR_SetError",
]
variables = [
    "PR_LANGUAGE_I_DEFAULT",
]

[nspr_io]
types = ["PRIOMethods"]
functions = [
    "PR_Close",
    "PR_CreateIOLayerStub",
    "PR_GetUniqueIdentity",
]
variables = [
    "PR_AF_INET",
]
# opaque is for the stuff we don't plan to use, but we need for function signatures.
opaque = [
    "PRFileInfo",
    "PRFileInfo64",
    "PRFilePrivate",
    "PRIOVec",
    "PRSendFileData",
]
enums = [
    "PRDescType",
    "PRStatus",
    "PRSeekWhence",
    "PRSockOption",
    "PRTransmitFileFlags",
]

[nspr_time]
types = ["PRTime"]
functions = ["PR_Now"]

[mozpkix]
cplusplus = true
types = ["mozilla::pkix::ErrorCode"]
enums = ["mozilla::pkix::ErrorCode"]