NSPR functions¶
NSPR is a platform abstraction library that provides a cross-platform API to common OS services. NSS uses NSPR internally as the porting layer. However, a small number of NSPR functions are required for using the certificate verification and SSL functions in NSS. These NSPR functions are listed in this section.
NSPR initialization and shutdown¶
NSPR is automatically initialized by the first NSPR function called by the application. Call
`PR_Cleanup
</en-US/PR_Cleanup>`__ to shut down NSPR and clean up its resources.`
</en-US/PR_Init>`__
Error reporting¶
NSS uses NSPR’s thread-specific error code to report errors. Call
`PR_GetError
</en-US/PR_GetError>`__ to get the error code of the last failed NSS or NSPR
function. Call `PR_SetError
</en-US/PR_SetError>`__ to set the error code, which can be
retrieved with PR_GetError
later.
The NSS functions PORT_GetError
and PORT_SetError
are simply wrappers of PR_GetError
and PR_SetError
.
Calendar time¶
NSS certificate verification functions take a PRTime
parameter that specifies the time
instant at which the validity of the certificate should verified. The NSPR function
`PR_Now
</en-US/PR_Now>`__ returns the current time in PRTime
.
Interval time¶
The NSPR socket I/O functions `PR_Recv
</en-US/PR_Recv>`__ and
`PR_Send
</en-US/PR_Send>`__ (used by the NSS SSL functions) take a PRIntervalTime
timeout parameter. PRIntervalTime
has an abstract, platform-dependent time unit. Call
`PR_SecondsToInterval
</en-US/PR_SecondsToInterval>`__ or PR_MillisecondsToInterval
to
convert a time interval in seconds or milliseconds to PRIntervalTime
.
NSPR I/O layering¶
NSPR file descriptors can be layered, corresponding to the layers in the network stack. The SSL library in NSS implements the SSL protocol as an NSPR I/O layer, which sits on top of another NSPR I/O layer that represents TCP.
You can implement an NSPR I/O layer that wraps your own TCP socket code. The following NSPR functions allow you to create your own NSPR I/O layer and manipulate it.
Wrapping a native file descriptor¶
If your current TCP socket code uses the standard BSD socket API, a lighter-weight method than creating your own NSPR I/O layer is to simply import a native file descriptor into NSPR. This method is convenient and works for most applications.
Socket I/O functions¶
As mentioned above, the SSL library in NSS implements the SSL protocol as an NSPR I/O layer. Users call NSPR socket I/O functions to read from, write to, and shut down an SSL connection, and to close an NSPR file descriptor.