Merge pull request #1476 from secondlife/marchcat/x-b-merge

Maint X -> Maint B merge

1 files changed, 290 insertions, 290 deletions

diff --git a/indra/newview/llsecapi.h b/indra/newview/llsecapi.h
index d8831fee93..5cc78d09dc 100644
--- a/indra/newview/llsecapi.h
+++ b/indra/newview/llsecapi.h
@@ -1,4 +1,4 @@
-/** 
+/**
  * @file llsecapi.h
  * @brief Security API for services such as certificate handling
  * secure local storage, etc.
@@ -6,21 +6,21 @@
  * $LicenseInfo:firstyear=2009&license=viewerlgpl$
  * Second Life Viewer Source Code
  * Copyright (C) 2010, Linden Research, Inc.
- * 
+ *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation;
  * version 2.1 of the License only.
- * 
+ *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * Lesser General Public License for more details.
- * 
+ *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
- * 
+ *
  * Linden Research, Inc., 945 Battery Street, San Francisco, CA  94111  USA
  * $/LicenseInfo$
  */
@@ -44,12 +44,12 @@
 #define CERT_SUBJECT_NAME "subject_name"
 #define CERT_ISSUER_NAME "issuer_name"
 #define CERT_NAME_CN "commonName"
-		
+
 #define CERT_SUBJECT_NAME_STRING "subject_name_string"
 #define CERT_ISSUER_NAME_STRING "issuer_name_string"
-		
+
 #define CERT_SERIAL_NUMBER "serial_number"
-		
+
 #define CERT_VALID_FROM "valid_from"
 #define CERT_VALID_TO "valid_to"
 #define CERT_SHA1_DIGEST "sha1_digest"
@@ -83,7 +83,7 @@
 #define CERT_AUTHORITY_KEY_IDENTIFIER_NAME "authorityKeyIdentifierName"
 #define CERT_AUTHORITY_KEY_IDENTIFIER_SERIAL "authorityKeyIdentifierSerial"
 
-// validate the current time lies within 
+// validate the current time lies within
 // the validation period of the cert
 #define VALIDATION_POLICY_TIME 1
 
@@ -120,11 +120,11 @@
 
 struct LLProtectedDataException: public LLException
 {
-	LLProtectedDataException(const std::string& msg):
-		LLException(msg)
-	{
-		LL_WARNS("SECAPI") << "Protected Data Error: " << msg << LL_ENDL;
-	}
+    LLProtectedDataException(const std::string& msg):
+        LLException(msg)
+    {
+        LL_WARNS("SECAPI") << "Protected Data Error: " << msg << LL_ENDL;
+    }
 };
 
 // class LLCertificate
@@ -134,25 +134,25 @@ struct LLProtectedDataException: public LLException
 // factory calls
 class LLCertificate : public LLThreadSafeRefCount
 {
-	LOG_CLASS(LLCertificate);
+    LOG_CLASS(LLCertificate);
 public:
-	LLCertificate() {}
-	
-	virtual ~LLCertificate() {}
-	
-	// return a PEM encoded certificate.  The encoding
-	// includes the -----BEGIN CERTIFICATE----- and end certificate elements
-	virtual std::string getPem() const=0; 
-	
-	// return a DER encoded certificate
-	virtual std::vector<U8> getBinary() const=0;  
-	
-	// return an LLSD object containing information about the certificate
-	// such as its name, signature, expiry time, serial number
-	virtual void getLLSD(LLSD& llsd)=0; 
-	
-	// return an openSSL X509 struct for the certificate
-	virtual X509* getOpenSSLX509() const=0;
+    LLCertificate() {}
+
+    virtual ~LLCertificate() {}
+
+    // return a PEM encoded certificate.  The encoding
+    // includes the -----BEGIN CERTIFICATE----- and end certificate elements
+    virtual std::string getPem() const=0;
+
+    // return a DER encoded certificate
+    virtual std::vector<U8> getBinary() const=0;
+
+    // return an LLSD object containing information about the certificate
+    // such as its name, signature, expiry time, serial number
+    virtual void getLLSD(LLSD& llsd)=0;
+
+    // return an openSSL X509 struct for the certificate
+    virtual X509* getOpenSSLX509() const=0;
 
 };
 
@@ -162,81 +162,81 @@ public:
 
 class LLCertificateVector : public LLThreadSafeRefCount
 {
-	
+
 public:
-	
-	LLCertificateVector() {};
-	virtual ~LLCertificateVector() {};
-	
-	// base iterator implementation class, providing
-	// the functionality needed for the iterator class.
-	class iterator_impl : public LLThreadSafeRefCount
-	{
-	public:
-		iterator_impl() {};
-		virtual ~iterator_impl() {};
-		virtual void seek(bool incr)=0;
-		virtual LLPointer<iterator_impl> clone() const=0;
-		virtual bool equals(const LLPointer<iterator_impl>& _iter) const=0;
-		virtual LLPointer<LLCertificate> get()=0;
-	};
-	
-	// iterator class
-	class iterator
-	{
-	public:
-		iterator(LLPointer<iterator_impl> impl) : mImpl(impl) {}
-		iterator() : mImpl(NULL) {}
-		iterator(const iterator& _iter) {mImpl = _iter.mImpl->clone(); }
-		~iterator() {}
-		iterator& operator++() { if(mImpl.notNull()) mImpl->seek(true); return *this;}
-		iterator& operator--() { if(mImpl.notNull()) mImpl->seek(false); return *this;}
-		
-		iterator operator++(int) { iterator result = *this; if(mImpl.notNull()) mImpl->seek(true); return result;}
-		iterator operator--(int) { iterator result = *this; if(mImpl.notNull()) mImpl->seek(false); return result;}
-		LLPointer<LLCertificate> operator*() { return mImpl->get(); }		
-		
-		LLPointer<iterator_impl> mImpl;
-	protected:
-		friend bool operator==(const LLCertificateVector::iterator& _lhs, const LLCertificateVector::iterator& _rhs);
-		bool equals(const iterator& _iter) const { return mImpl->equals(_iter.mImpl); }
-	};
-	
-	// numeric indexer
-	virtual LLPointer<LLCertificate> operator[](int)=0;
-	
-	// Iteration
-	virtual iterator begin()=0;
-	
-	virtual iterator end()=0;
-	
-	// find a cert given params
-	virtual iterator find(const LLSD& params) =0;
-	
-	// return the number of certs in the store
-	virtual int size() const = 0;	
-	
-	// append the cert to the store.  if a copy of the cert already exists in the store, it is removed first
-	virtual void  add(LLPointer<LLCertificate> cert)=0;
-	
-	// insert the cert to the store.  if a copy of the cert already exists in the store, it is removed first
-	virtual void  insert(iterator location, LLPointer<LLCertificate> cert)=0;	
-	
-	// remove a certificate from the store
-	virtual LLPointer<LLCertificate> erase(iterator cert)=0;	
+
+    LLCertificateVector() {};
+    virtual ~LLCertificateVector() {};
+
+    // base iterator implementation class, providing
+    // the functionality needed for the iterator class.
+    class iterator_impl : public LLThreadSafeRefCount
+    {
+    public:
+        iterator_impl() {};
+        virtual ~iterator_impl() {};
+        virtual void seek(bool incr)=0;
+        virtual LLPointer<iterator_impl> clone() const=0;
+        virtual bool equals(const LLPointer<iterator_impl>& _iter) const=0;
+        virtual LLPointer<LLCertificate> get()=0;
+    };
+
+    // iterator class
+    class iterator
+    {
+    public:
+        iterator(LLPointer<iterator_impl> impl) : mImpl(impl) {}
+        iterator() : mImpl(NULL) {}
+        iterator(const iterator& _iter) {mImpl = _iter.mImpl->clone(); }
+        ~iterator() {}
+        iterator& operator++() { if(mImpl.notNull()) mImpl->seek(true); return *this;}
+        iterator& operator--() { if(mImpl.notNull()) mImpl->seek(false); return *this;}
+
+        iterator operator++(int) { iterator result = *this; if(mImpl.notNull()) mImpl->seek(true); return result;}
+        iterator operator--(int) { iterator result = *this; if(mImpl.notNull()) mImpl->seek(false); return result;}
+        LLPointer<LLCertificate> operator*() { return mImpl->get(); }
+
+        LLPointer<iterator_impl> mImpl;
+    protected:
+        friend bool operator==(const LLCertificateVector::iterator& _lhs, const LLCertificateVector::iterator& _rhs);
+        bool equals(const iterator& _iter) const { return mImpl->equals(_iter.mImpl); }
+    };
+
+    // numeric indexer
+    virtual LLPointer<LLCertificate> operator[](int)=0;
+
+    // Iteration
+    virtual iterator begin()=0;
+
+    virtual iterator end()=0;
+
+    // find a cert given params
+    virtual iterator find(const LLSD& params) =0;
+
+    // return the number of certs in the store
+    virtual int size() const = 0;
+
+    // append the cert to the store.  if a copy of the cert already exists in the store, it is removed first
+    virtual void  add(LLPointer<LLCertificate> cert)=0;
+
+    // insert the cert to the store.  if a copy of the cert already exists in the store, it is removed first
+    virtual void  insert(iterator location, LLPointer<LLCertificate> cert)=0;
+
+    // remove a certificate from the store
+    virtual LLPointer<LLCertificate> erase(iterator cert)=0;
 };
 
 // class LLCertificateChain
-// Class representing a chain of certificates in order, with the 
+// Class representing a chain of certificates in order, with the
 // first element being the child cert.
 class LLCertificateChain : virtual public LLCertificateVector
-{	
-	
+{
+
 public:
-	LLCertificateChain() {}
-	
-	virtual ~LLCertificateChain() {}
-	
+    LLCertificateChain() {}
+
+    virtual ~LLCertificateChain() {}
+
 };
 
 // class LLCertificateStore
@@ -246,24 +246,24 @@ public:
 //
 class LLCertificateStore : virtual public LLCertificateVector
 {
-	
+
 public:
-	
-	LLCertificateStore() {}
-	virtual ~LLCertificateStore() {}
-	
-	// persist the store
-	virtual void save()=0;
-	
-	// return the store id
-	virtual std::string storeId() const=0;
-	
-	// validate a certificate chain given the params.
-	// Will throw exceptions on error
-	
-	virtual void validate(int validation_policy,
-						  LLPointer<LLCertificateChain> cert_chain,
-						  const LLSD& validation_params) =0;
+
+    LLCertificateStore() {}
+    virtual ~LLCertificateStore() {}
+
+    // persist the store
+    virtual void save()=0;
+
+    // return the store id
+    virtual std::string storeId() const=0;
+
+    // validate a certificate chain given the params.
+    // Will throw exceptions on error
+
+    virtual void validate(int validation_policy,
+                          LLPointer<LLCertificateChain> cert_chain,
+                          const LLSD& validation_params) =0;
 
     // Clear cache if any
     virtual void clearSertCache()=0;
@@ -273,12 +273,12 @@ public:
 inline
 bool operator==(const LLCertificateVector::iterator& _lhs, const LLCertificateVector::iterator& _rhs)
 {
-	return _lhs.equals(_rhs);
+    return _lhs.equals(_rhs);
 }
 inline
 bool operator!=(const LLCertificateVector::iterator& _lhs, const LLCertificateVector::iterator& _rhs)
 {
-	return !(_lhs == _rhs);
+    return !(_lhs == _rhs);
 }
 
 
@@ -290,43 +290,43 @@ bool operator!=(const LLCertificateVector::iterator& _lhs, const LLCertificateVe
 // LLCredential - interface for credentials providing the following functionality:
 // * Persistence of credential information based on grid (for saving username/password)
 // * Serialization to an OGP identifier/authenticator pair
-// 
+//
 class LLCredential  : public LLThreadSafeRefCount
 {
 public:
-	
-	LLCredential() {}
-	
-	LLCredential(const std::string& grid)
-	{
-		mGrid = grid;
-		mIdentifier = LLSD::emptyMap();
-		mAuthenticator = LLSD::emptyMap();
-	}
-	
-	virtual ~LLCredential() {}
-	
-	virtual void setCredentialData(const LLSD& identifier, const LLSD& authenticator) 
-	{ 
-		mIdentifier = identifier;
-		mAuthenticator = authenticator;
-	}
-	virtual LLSD getIdentifier() { return mIdentifier; }
-	virtual void identifierType(std::string& idType);
-	virtual LLSD getAuthenticator() { return mAuthenticator; }
-	virtual void authenticatorType(std::string& authType);
-	virtual LLSD getLoginParams();
-	virtual std::string getGrid() { return mGrid; }
-	
-
-	virtual void clearAuthenticator() { mAuthenticator = LLSD(); } 
-	virtual std::string userID() const { return std::string("unknown");}
-	virtual std::string asString() const { return std::string("unknown");}
-	operator std::string() const { return asString(); }
+
+    LLCredential() {}
+
+    LLCredential(const std::string& grid)
+    {
+        mGrid = grid;
+        mIdentifier = LLSD::emptyMap();
+        mAuthenticator = LLSD::emptyMap();
+    }
+
+    virtual ~LLCredential() {}
+
+    virtual void setCredentialData(const LLSD& identifier, const LLSD& authenticator)
+    {
+        mIdentifier = identifier;
+        mAuthenticator = authenticator;
+    }
+    virtual LLSD getIdentifier() { return mIdentifier; }
+    virtual void identifierType(std::string& idType);
+    virtual LLSD getAuthenticator() { return mAuthenticator; }
+    virtual void authenticatorType(std::string& authType);
+    virtual LLSD getLoginParams();
+    virtual std::string getGrid() { return mGrid; }
+
+
+    virtual void clearAuthenticator() { mAuthenticator = LLSD(); }
+    virtual std::string userID() const { return std::string("unknown");}
+    virtual std::string asString() const { return std::string("unknown");}
+    operator std::string() const { return asString(); }
 protected:
-	LLSD mIdentifier;
-	LLSD mAuthenticator;
-	std::string mGrid;
+    LLSD mIdentifier;
+    LLSD mAuthenticator;
+    std::string mGrid;
 };
 
 std::ostream& operator <<(std::ostream& s, const LLCredential& cred);
@@ -338,10 +338,10 @@ class LLCertException: public LLException
 {
 public:
     LLCertException(const LLSD& cert_data, const std::string& msg);
-	virtual ~LLCertException() throw() {}
-	LLSD getCertData() const { return mCertData; }
+    virtual ~LLCertException() throw() {}
+    LLSD getCertData() const { return mCertData; }
 protected:
-	LLSD mCertData;
+    LLSD mCertData;
 };
 
 class LLAllocationCertException : public LLCertException
@@ -357,78 +357,78 @@ protected:
 class LLInvalidCertificate : public LLCertException
 {
 public:
-	LLInvalidCertificate(const LLSD& cert_data) : LLCertException(cert_data, "CertInvalid")
-	{
-	}
-	virtual ~LLInvalidCertificate() throw() {}
+    LLInvalidCertificate(const LLSD& cert_data) : LLCertException(cert_data, "CertInvalid")
+    {
+    }
+    virtual ~LLInvalidCertificate() throw() {}
 protected:
 };
 
 class LLCertValidationTrustException : public LLCertException
 {
 public:
-	LLCertValidationTrustException(const LLSD& cert_data) : LLCertException(cert_data, "CertUntrusted")
-	{
-	}
-	virtual ~LLCertValidationTrustException() throw() {}
+    LLCertValidationTrustException(const LLSD& cert_data) : LLCertException(cert_data, "CertUntrusted")
+    {
+    }
+    virtual ~LLCertValidationTrustException() throw() {}
 protected:
 };
 
 class LLCertValidationHostnameException : public LLCertException
 {
 public:
-	LLCertValidationHostnameException(std::string hostname,
-									  const LLSD& cert_data) : LLCertException(cert_data, "CertInvalidHostname")
-	{
-		mHostname = hostname;
-	}
-	virtual ~LLCertValidationHostnameException() throw() {}
-	std::string getHostname() { return mHostname; }
+    LLCertValidationHostnameException(std::string hostname,
+                                      const LLSD& cert_data) : LLCertException(cert_data, "CertInvalidHostname")
+    {
+        mHostname = hostname;
+    }
+    virtual ~LLCertValidationHostnameException() throw() {}
+    std::string getHostname() { return mHostname; }
 protected:
-	std::string mHostname;
+    std::string mHostname;
 };
 
 class LLCertValidationExpirationException : public LLCertException
 {
 public:
-	LLCertValidationExpirationException(const LLSD& cert_data,
-										LLDate current_time) : LLCertException(cert_data, "CertExpired")
-	{
-		mTime = current_time;
-	}
-	virtual ~LLCertValidationExpirationException() throw() {}
-	LLDate GetTime() { return mTime; }
+    LLCertValidationExpirationException(const LLSD& cert_data,
+                                        LLDate current_time) : LLCertException(cert_data, "CertExpired")
+    {
+        mTime = current_time;
+    }
+    virtual ~LLCertValidationExpirationException() throw() {}
+    LLDate GetTime() { return mTime; }
 protected:
-	LLDate mTime;
+    LLDate mTime;
 };
 
 class LLCertKeyUsageValidationException : public LLCertException
 {
 public:
-	LLCertKeyUsageValidationException(const LLSD& cert_data) : LLCertException(cert_data, "CertKeyUsage")
-	{
-	}
-	virtual ~LLCertKeyUsageValidationException() throw() {}
+    LLCertKeyUsageValidationException(const LLSD& cert_data) : LLCertException(cert_data, "CertKeyUsage")
+    {
+    }
+    virtual ~LLCertKeyUsageValidationException() throw() {}
 protected:
 };
 
 class LLCertBasicConstraintsValidationException : public LLCertException
 {
 public:
-	LLCertBasicConstraintsValidationException(const LLSD& cert_data) : LLCertException(cert_data, "CertBasicConstraints")
-	{
-	}
-	virtual ~LLCertBasicConstraintsValidationException() throw() {}
+    LLCertBasicConstraintsValidationException(const LLSD& cert_data) : LLCertException(cert_data, "CertBasicConstraints")
+    {
+    }
+    virtual ~LLCertBasicConstraintsValidationException() throw() {}
 protected:
 };
 
 class LLCertValidationInvalidSignatureException : public LLCertException
 {
 public:
-	LLCertValidationInvalidSignatureException(const LLSD& cert_data) : LLCertException(cert_data, "CertInvalidSignature")
-	{
-	}
-	virtual ~LLCertValidationInvalidSignatureException() throw() {}
+    LLCertValidationInvalidSignatureException(const LLSD& cert_data) : LLCertException(cert_data, "CertInvalidSignature")
+    {
+    }
+    virtual ~LLCertValidationInvalidSignatureException() throw() {}
 protected:
 };
 
@@ -437,115 +437,115 @@ protected:
 class LLSecAPIHandler : public LLThreadSafeRefCount
 {
 public:
-	
-	
-	LLSecAPIHandler() {}
-	virtual ~LLSecAPIHandler() {}
-	
-	// initialize the SecAPIHandler
-	virtual void init() {};
-	
-	// instantiate a certificate from a pem string
-	virtual LLPointer<LLCertificate> getCertificate(const std::string& pem_cert)=0;
-	
-	
-	
-	// instiate a certificate from an openssl X509 structure
-	virtual LLPointer<LLCertificate> getCertificate(X509* openssl_cert)=0;
-	
-	// instantiate a chain from an X509_STORE_CTX
-	virtual LLPointer<LLCertificateChain> getCertificateChain(X509_STORE_CTX* chain)=0;
-	
-	// instantiate a cert store given it's id.  if a persisted version
-	// exists, it'll be loaded.  If not, one will be created (but not
-	// persisted)
-	virtual LLPointer<LLCertificateStore> getCertificateStore(const std::string& store_id)=0;
-	
-	// persist data in a protected store
-	virtual void setProtectedData(const std::string& data_type,
-								  const std::string& data_id,
-								  const LLSD& data)=0;
-	
-	// retrieve protected data
-	virtual LLSD getProtectedData(const std::string& data_type,
-								  const std::string& data_id)=0;
-	
-	// delete a protected data item from the store
-	virtual void deleteProtectedData(const std::string& data_type,
-									 const std::string& data_id)=0;
-
-	// persist data in a protected store's map
-	virtual void addToProtectedMap(const std::string& data_type,
-								   const std::string& data_id,
-								   const std::string& map_elem,
-								   const LLSD& data)=0;
-
-	// remove data from protected store's map
-	virtual void removeFromProtectedMap(const std::string& data_type,
-										const std::string& data_id,
-										const std::string& map_elem)=0;
-
-	// ensure protected store's map is written to storage
-	virtual void syncProtectedMap() = 0;
+
+
+    LLSecAPIHandler() {}
+    virtual ~LLSecAPIHandler() {}
+
+    // initialize the SecAPIHandler
+    virtual void init() {};
+
+    // instantiate a certificate from a pem string
+    virtual LLPointer<LLCertificate> getCertificate(const std::string& pem_cert)=0;
+
+
+
+    // instiate a certificate from an openssl X509 structure
+    virtual LLPointer<LLCertificate> getCertificate(X509* openssl_cert)=0;
+
+    // instantiate a chain from an X509_STORE_CTX
+    virtual LLPointer<LLCertificateChain> getCertificateChain(X509_STORE_CTX* chain)=0;
+
+    // instantiate a cert store given it's id.  if a persisted version
+    // exists, it'll be loaded.  If not, one will be created (but not
+    // persisted)
+    virtual LLPointer<LLCertificateStore> getCertificateStore(const std::string& store_id)=0;
+
+    // persist data in a protected store
+    virtual void setProtectedData(const std::string& data_type,
+                                  const std::string& data_id,
+                                  const LLSD& data)=0;
+
+    // retrieve protected data
+    virtual LLSD getProtectedData(const std::string& data_type,
+                                  const std::string& data_id)=0;
+
+    // delete a protected data item from the store
+    virtual void deleteProtectedData(const std::string& data_type,
+                                     const std::string& data_id)=0;
+
+    // persist data in a protected store's map
+    virtual void addToProtectedMap(const std::string& data_type,
+                                   const std::string& data_id,
+                                   const std::string& map_elem,
+                                   const LLSD& data)=0;
+
+    // remove data from protected store's map
+    virtual void removeFromProtectedMap(const std::string& data_type,
+                                        const std::string& data_id,
+                                        const std::string& map_elem)=0;
+
+    // ensure protected store's map is written to storage
+    virtual void syncProtectedMap() = 0;
 
 public:
-	virtual LLPointer<LLCredential> createCredential(const std::string& grid,
-													 const LLSD& identifier, 
-													 const LLSD& authenticator)=0;
-	
-	virtual LLPointer<LLCredential> loadCredential(const std::string& grid)=0;
-	
-	virtual void saveCredential(LLPointer<LLCredential> cred, bool save_authenticator)=0;
-	
-	virtual void deleteCredential(LLPointer<LLCredential> cred)=0;
-
-	// has map of credentials declared as specific storage
-	virtual bool hasCredentialMap(const std::string& storage,
-								  const std::string& grid)=0;
-
-	// returns true if map is empty or does not exist
-	virtual bool emptyCredentialMap(const std::string& storage,
-									const std::string& grid)=0;
-
-	// load map of credentials from specific storage
-	typedef std::map<std::string, LLPointer<LLCredential> > credential_map_t;
-	virtual void loadCredentialMap(const std::string& storage,
-								   const std::string& grid,
-								   credential_map_t& credential_map)=0;
-
-	// load single username from map of credentials from specific storage
-	virtual LLPointer<LLCredential> loadFromCredentialMap(const std::string& storage,
-														  const std::string& grid,
-														  const std::string& userid)=0;
-
-	// add item to map of credentials from specific storage
-	virtual void addToCredentialMap(const std::string& storage,
-									LLPointer<LLCredential> cred,
-									bool save_authenticator)=0;
-
-	// remove item from map of credentials from specific storage
-	virtual void removeFromCredentialMap(const std::string& storage,
-										 LLPointer<LLCredential> cred)=0;
-
-	// remove item from map of credentials from specific storage
-	virtual void removeFromCredentialMap(const std::string& storage,
-										 const std::string& grid,
-										 const std::string& userid)=0;
-
-	virtual void removeCredentialMap(const std::string& storage,
-									 const std::string& grid)=0;
-	
+    virtual LLPointer<LLCredential> createCredential(const std::string& grid,
+                                                     const LLSD& identifier,
+                                                     const LLSD& authenticator)=0;
+
+    virtual LLPointer<LLCredential> loadCredential(const std::string& grid)=0;
+
+    virtual void saveCredential(LLPointer<LLCredential> cred, bool save_authenticator)=0;
+
+    virtual void deleteCredential(LLPointer<LLCredential> cred)=0;
+
+    // has map of credentials declared as specific storage
+    virtual bool hasCredentialMap(const std::string& storage,
+                                  const std::string& grid)=0;
+
+    // returns true if map is empty or does not exist
+    virtual bool emptyCredentialMap(const std::string& storage,
+                                    const std::string& grid)=0;
+
+    // load map of credentials from specific storage
+    typedef std::map<std::string, LLPointer<LLCredential> > credential_map_t;
+    virtual void loadCredentialMap(const std::string& storage,
+                                   const std::string& grid,
+                                   credential_map_t& credential_map)=0;
+
+    // load single username from map of credentials from specific storage
+    virtual LLPointer<LLCredential> loadFromCredentialMap(const std::string& storage,
+                                                          const std::string& grid,
+                                                          const std::string& userid)=0;
+
+    // add item to map of credentials from specific storage
+    virtual void addToCredentialMap(const std::string& storage,
+                                    LLPointer<LLCredential> cred,
+                                    bool save_authenticator)=0;
+
+    // remove item from map of credentials from specific storage
+    virtual void removeFromCredentialMap(const std::string& storage,
+                                         LLPointer<LLCredential> cred)=0;
+
+    // remove item from map of credentials from specific storage
+    virtual void removeFromCredentialMap(const std::string& storage,
+                                         const std::string& grid,
+                                         const std::string& userid)=0;
+
+    virtual void removeCredentialMap(const std::string& storage,
+                                     const std::string& grid)=0;
+
 };
 
 void initializeSecHandler();
 
 void clearSecHandler();
-				
+
 // retrieve a security api depending on the api type
 LLPointer<LLSecAPIHandler> getSecHandler(const std::string& handler_type);
 
-void registerSecHandler(const std::string& handler_type, 
-						LLPointer<LLSecAPIHandler>& handler);
+void registerSecHandler(const std::string& handler_type,
+                        LLPointer<LLSecAPIHandler>& handler);
 
 extern LLPointer<LLSecAPIHandler> gSecAPIHandler;