Rename all internal private softoken functions, types and symbols from
PK11 or pk11 prefixes to SFTK or sftk prefixes. Bug 286685. r=relyea,wtchang Modified Files: cmd/bltest/blapitest.c lib/pk11wrap/pk11pars.c lib/softoken/dbinit.c lib/softoken/dbmshim.c lib/softoken/fipstest.c lib/softoken/fipstokn.c lib/softoken/pcertdb.c lib/softoken/pk11db.c lib/softoken/pk11pars.h lib/softoken/pkcs11.c lib/softoken/pkcs11c.c lib/softoken/pkcs11i.h lib/softoken/pkcs11u.c lib/softoken/softoken.h lib/softoken/tlsprf.c
Родитель
2028a434ec
Коммит
c03b9d33fe
|
@ -2818,7 +2818,7 @@ int main(int argc, char **argv)
|
|||
|
||||
/* Do FIPS self-test */
|
||||
if (bltest.commands[cmd_FIPS].activated) {
|
||||
CK_RV ckrv = pk11_fipsPowerUpSelfTest();
|
||||
CK_RV ckrv = sftk_fipsPowerUpSelfTest();
|
||||
fprintf(stdout, "CK_RV: %ld.\n", ckrv);
|
||||
return 0;
|
||||
}
|
||||
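Review bot: The FIPS branch in main() returns 0 whether or not the self-test passed, so a script driving this tool cannot tell a failed power-up self-test from a successful one; the result of the renamed `sftk_fipsPowerUpSelfTest()` call is only printed. Returning a status derived from it, e.g. `return (ckrv == CKR_OK) ? 0 : 1;`, would surface the failure in the exit code. The `%ld` conversion is also applied to a CK_RV, which PKCS #11 defines as an unsigned long, so `fprintf(stdout, "CK_RV: %lu.\n", (unsigned long)ckrv);` matches the type. main() starts and continues outside the hunk.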
|
|
|
@ -128,26 +128,26 @@ SECMOD_CreateModule(const char *library, const char *moduleName,
|
|||
if (parameters) {
|
||||
mod->libraryParams = PORT_ArenaStrdup(mod->arena,parameters);
|
||||
}
|
||||
mod->internal = pk11_argHasFlag("flags","internal",nssc);
|
||||
mod->isFIPS = pk11_argHasFlag("flags","FIPS",nssc);
|
||||
mod->isCritical = pk11_argHasFlag("flags","critical",nssc);
|
||||
slotParams = pk11_argGetParamValue("slotParams",nssc);
|
||||
mod->slotInfo = pk11_argParseSlotInfo(mod->arena,slotParams,
|
||||
mod->internal = sftk_argHasFlag("flags","internal",nssc);
|
||||
mod->isFIPS = sftk_argHasFlag("flags","FIPS",nssc);
|
||||
mod->isCritical = sftk_argHasFlag("flags","critical",nssc);
|
||||
slotParams = sftk_argGetParamValue("slotParams",nssc);
|
||||
mod->slotInfo = sftk_argParseSlotInfo(mod->arena,slotParams,
|
||||
&mod->slotInfoCount);
|
||||
if (slotParams) PORT_Free(slotParams);
|
||||
/* new field */
|
||||
mod->trustOrder = pk11_argReadLong("trustOrder",nssc,
|
||||
PK11_DEFAULT_TRUST_ORDER,NULL);
|
||||
mod->trustOrder = sftk_argReadLong("trustOrder",nssc,
|
||||
SFTK_DEFAULT_TRUST_ORDER,NULL);
|
||||
/* new field */
|
||||
mod->cipherOrder = pk11_argReadLong("cipherOrder",nssc,
|
||||
PK11_DEFAULT_CIPHER_ORDER,NULL);
|
||||
mod->cipherOrder = sftk_argReadLong("cipherOrder",nssc,
|
||||
SFTK_DEFAULT_CIPHER_ORDER,NULL);
|
||||
/* new field */
|
||||
mod->isModuleDB = pk11_argHasFlag("flags","moduleDB",nssc);
|
||||
mod->moduleDBOnly = pk11_argHasFlag("flags","moduleDBOnly",nssc);
|
||||
mod->isModuleDB = sftk_argHasFlag("flags","moduleDB",nssc);
|
||||
mod->moduleDBOnly = sftk_argHasFlag("flags","moduleDBOnly",nssc);
|
||||
if (mod->moduleDBOnly) mod->isModuleDB = PR_TRUE;
|
||||
|
||||
ciphers = pk11_argGetParamValue("ciphers",nssc);
|
||||
pk11_argSetNewCipherFlags(&mod->ssl[0],ciphers);
|
||||
ciphers = sftk_argGetParamValue("ciphers",nssc);
|
||||
sftk_argSetNewCipherFlags(&mod->ssl[0],ciphers);
|
||||
if (ciphers) PORT_Free(ciphers);
|
||||
|
||||
secmod_PrivateModuleCount++;
|
||||
|
@ -156,7 +156,7 @@ SECMOD_CreateModule(const char *library, const char *moduleName,
|
|||
}
|
||||
|
||||
static char *
|
||||
pk11_mkModuleSpec(SECMODModule * module)
|
||||
secmod_mkModuleSpec(SECMODModule * module)
|
||||
{
|
||||
char *nss = NULL, *modSpec = NULL, **slotStrings = NULL;
|
||||
int slotCount, i, si;
|
||||
|
@ -189,7 +189,7 @@ pk11_mkModuleSpec(SECMODModule * module)
|
|||
if (module->slots[i]->defaultFlags) {
|
||||
PORT_Assert(si < slotCount);
|
||||
if (si >= slotCount) break;
|
||||
slotStrings[si] = pk11_mkSlotString(module->slots[i]->slotID,
|
||||
slotStrings[si] = sftk_mkSlotString(module->slots[i]->slotID,
|
||||
module->slots[i]->defaultFlags,
|
||||
module->slots[i]->timeout,
|
||||
module->slots[i]->askpw,
|
||||
|
@ -200,7 +200,7 @@ pk11_mkModuleSpec(SECMODModule * module)
|
|||
}
|
||||
} else {
|
||||
for (i=0; i < slotCount; i++) {
|
||||
slotStrings[i] = pk11_mkSlotString(module->slotInfo[i].slotID,
|
||||
slotStrings[i] = sftk_mkSlotString(module->slotInfo[i].slotID,
|
||||
module->slotInfo[i].defaultFlags,
|
||||
module->slotInfo[i].timeout,
|
||||
module->slotInfo[i].askpw,
|
||||
|
@ -210,10 +210,10 @@ pk11_mkModuleSpec(SECMODModule * module)
|
|||
}
|
||||
|
||||
SECMOD_ReleaseReadLock(moduleLock);
|
||||
nss = pk11_mkNSS(slotStrings,slotCount,module->internal, module->isFIPS,
|
||||
nss = sftk_mkNSS(slotStrings,slotCount,module->internal, module->isFIPS,
|
||||
module->isModuleDB, module->moduleDBOnly, module->isCritical,
|
||||
module->trustOrder,module->cipherOrder,module->ssl[0],module->ssl[1]);
|
||||
modSpec= pk11_mkNewModuleSpec(module->dllName,module->commonName,
|
||||
modSpec= sftk_mkNewModuleSpec(module->dllName,module->commonName,
|
||||
module->libraryParams,nss);
|
||||
PORT_Free(slotStrings);
|
||||
PR_smprintf_free(nss);
|
||||
|
@ -244,7 +244,7 @@ SECMOD_AddPermDB(SECMODModule *module)
|
|||
|
||||
func = (SECMODModuleDBFunc) module->parent->moduleDBFunc;
|
||||
if (func) {
|
||||
moduleSpec = pk11_mkModuleSpec(module);
|
||||
moduleSpec = secmod_mkModuleSpec(module);
|
||||
retString = (*func)(SECMOD_MODULE_DB_FUNCTION_ADD,
|
||||
module->parent->libraryParams,moduleSpec);
|
||||
PORT_Free(moduleSpec);
|
||||
|
@ -264,7 +264,7 @@ SECMOD_DeletePermDB(SECMODModule *module)
|
|||
|
||||
func = (SECMODModuleDBFunc) module->parent->moduleDBFunc;
|
||||
if (func) {
|
||||
moduleSpec = pk11_mkModuleSpec(module);
|
||||
moduleSpec = secmod_mkModuleSpec(module);
|
||||
retString = (*func)(SECMOD_MODULE_DB_FUNCTION_DEL,
|
||||
module->parent->libraryParams,moduleSpec);
|
||||
PORT_Free(moduleSpec);
|
||||
|
@ -300,7 +300,7 @@ SECMOD_LoadModule(char *modulespec,SECMODModule *parent, PRBool recurse)
|
|||
/* initialize the underlying module structures */
|
||||
SECMOD_Init();
|
||||
|
||||
status = pk11_argParseModuleSpec(modulespec, &library, &moduleName,
|
||||
status = sftk_argParseModuleSpec(modulespec, &library, &moduleName,
|
||||
¶meters, &nss);
|
||||
if (status != SECSuccess) {
|
||||
goto loser;
|
||||
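Review bot: In SECMOD_AddPermDB and SECMOD_DeletePermDB the result of `secmod_mkModuleSpec(module)` is passed to the module DB callback without a NULL check. The helper initialises `modSpec = NULL` and builds the string from several allocations, so it presumably can return NULL on allocation failure; whether the callback tolerates a NULL spec is not visible here. A guard such as `if (moduleSpec == NULL) return SECFailure;` before the `(*func)(...)` call would keep an add or delete request from being issued with no spec, assuming these functions return SECStatus, which the hunks do not show. Both functions start and end outside their hunks.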
|
|
|
@ -36,7 +36,7 @@
|
|||
* the terms of any one of the MPL, the GPL or the LGPL.
|
||||
*
|
||||
* ***** END LICENSE BLOCK ***** */
|
||||
/* $Id: dbinit.c,v 1.24 2005/01/04 18:20:00 wtchang%redhat.com Exp $ */
|
||||
/* $Id: dbinit.c,v 1.25 2005/03/29 18:21:18 nelsonb%netscape.com Exp $ */
|
||||
|
||||
#include <ctype.h>
|
||||
#include "seccomon.h"
|
||||
|
@ -50,7 +50,7 @@
|
|||
#include "pkcs11i.h"
|
||||
|
||||
static char *
|
||||
pk11_certdb_name_cb(void *arg, int dbVersion)
|
||||
sftk_certdb_name_cb(void *arg, int dbVersion)
|
||||
{
|
||||
const char *configdir = (const char *)arg;
|
||||
const char *dbver;
|
||||
|
@ -87,7 +87,7 @@ pk11_certdb_name_cb(void *arg, int dbVersion)
|
|||
}
|
||||
|
||||
static char *
|
||||
pk11_keydb_name_cb(void *arg, int dbVersion)
|
||||
sftk_keydb_name_cb(void *arg, int dbVersion)
|
||||
{
|
||||
const char *configdir = (const char *)arg;
|
||||
const char *dbver;
|
||||
|
@ -119,7 +119,7 @@ pk11_keydb_name_cb(void *arg, int dbVersion)
|
|||
}
|
||||
|
||||
const char *
|
||||
pk11_EvaluateConfigDir(const char *configdir,char **appName)
|
||||
sftk_EvaluateConfigDir(const char *configdir,char **appName)
|
||||
{
|
||||
if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS)-1) == 0) {
|
||||
char *cdir;
|
||||
|
@ -142,7 +142,7 @@ pk11_EvaluateConfigDir(const char *configdir,char **appName)
|
|||
}
|
||||
|
||||
static CK_RV
|
||||
pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
|
||||
sftk_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
|
||||
NSSLOWCERTCertDBHandle **certdbPtr)
|
||||
{
|
||||
NSSLOWCERTCertDBHandle *certdb = NULL;
|
||||
|
@ -155,7 +155,7 @@ pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
|
|||
prefix = "";
|
||||
}
|
||||
|
||||
configdir = pk11_EvaluateConfigDir(configdir, &appName);
|
||||
configdir = sftk_EvaluateConfigDir(configdir, &appName);
|
||||
|
||||
name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
|
||||
if (name == NULL) goto loser;
|
||||
|
@ -166,7 +166,7 @@ pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
|
|||
|
||||
/* fix when we get the DB in */
|
||||
rv = nsslowcert_OpenCertDB(certdb, readOnly, appName, prefix,
|
||||
pk11_certdb_name_cb, (void *)name, PR_FALSE);
|
||||
sftk_certdb_name_cb, (void *)name, PR_FALSE);
|
||||
if (rv == SECSuccess) {
|
||||
crv = CKR_OK;
|
||||
*certdbPtr = certdb;
|
||||
|
@ -180,7 +180,7 @@ loser:
|
|||
}
|
||||
|
||||
static CK_RV
|
||||
pk11_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
|
||||
sftk_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
|
||||
NSSLOWKEYDBHandle **keydbPtr)
|
||||
{
|
||||
NSSLOWKEYDBHandle *keydb;
|
||||
|
@ -190,13 +190,13 @@ pk11_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
|
|||
if (prefix == NULL) {
|
||||
prefix = "";
|
||||
}
|
||||
configdir = pk11_EvaluateConfigDir(configdir, &appName);
|
||||
configdir = sftk_EvaluateConfigDir(configdir, &appName);
|
||||
|
||||
name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
|
||||
if (name == NULL)
|
||||
return CKR_HOST_MEMORY;
|
||||
keydb = nsslowkey_OpenKeyDB(readOnly, appName, prefix,
|
||||
pk11_keydb_name_cb, (void *)name);
|
||||
sftk_keydb_name_cb, (void *)name);
|
||||
PR_smprintf_free(name);
|
||||
if (appName) PORT_Free(appName);
|
||||
if (keydb == NULL)
|
||||
|
@ -225,7 +225,7 @@ pk11_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
|
|||
* be opened.
|
||||
*/
|
||||
CK_RV
|
||||
pk11_DBInit(const char *configdir, const char *certPrefix,
|
||||
sftk_DBInit(const char *configdir, const char *certPrefix,
|
||||
const char *keyPrefix, PRBool readOnly,
|
||||
PRBool noCertDB, PRBool noKeyDB, PRBool forceOpen,
|
||||
NSSLOWCERTCertDBHandle **certdbPtr, NSSLOWKEYDBHandle **keydbPtr)
|
||||
|
@ -234,7 +234,7 @@ pk11_DBInit(const char *configdir, const char *certPrefix,
|
|||
|
||||
|
||||
if (!noCertDB) {
|
||||
crv = pk11_OpenCertDB(configdir, certPrefix, readOnly, certdbPtr);
|
||||
crv = sftk_OpenCertDB(configdir, certPrefix, readOnly, certdbPtr);
|
||||
if (crv != CKR_OK) {
|
||||
if (!forceOpen) goto loser;
|
||||
crv = CKR_OK;
|
||||
|
@ -242,7 +242,7 @@ pk11_DBInit(const char *configdir, const char *certPrefix,
|
|||
}
|
||||
if (!noKeyDB) {
|
||||
|
||||
crv = pk11_OpenKeyDB(configdir, keyPrefix, readOnly, keydbPtr);
|
||||
crv = sftk_OpenKeyDB(configdir, keyPrefix, readOnly, keydbPtr);
|
||||
if (crv != CKR_OK) {
|
||||
if (!forceOpen) goto loser;
|
||||
crv = CKR_OK;
|
||||
|
@ -256,7 +256,7 @@ loser:
|
|||
|
||||
|
||||
void
|
||||
pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
|
||||
sftk_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
|
||||
NSSLOWKEYDBHandle *keyHandle)
|
||||
{
|
||||
if (certHandle) {
|
||||
|
@ -270,8 +270,8 @@ pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
|
|||
}
|
||||
|
||||
static int rdbmapflags(int flags);
|
||||
static rdbfunc pk11_rdbfunc = NULL;
|
||||
static rdbstatusfunc pk11_rdbstatusfunc = NULL;
|
||||
static rdbfunc sftk_rdbfunc = NULL;
|
||||
static rdbstatusfunc sftk_rdbstatusfunc = NULL;
|
||||
|
||||
/* NOTE: SHLIB_SUFFIX is defined on the command line */
|
||||
#define RDBLIB SHLIB_PREFIX"rdb."SHLIB_SUFFIX
|
||||
|
@ -282,10 +282,10 @@ DB * rdbopen(const char *appName, const char *prefix,
|
|||
PRLibrary *lib;
|
||||
DB *db;
|
||||
|
||||
if (pk11_rdbfunc) {
|
||||
db = (*pk11_rdbfunc)(appName,prefix,type,rdbmapflags(flags));
|
||||
if (!db && status && pk11_rdbstatusfunc) {
|
||||
*status = (*pk11_rdbstatusfunc)();
|
||||
if (sftk_rdbfunc) {
|
||||
db = (*sftk_rdbfunc)(appName,prefix,type,rdbmapflags(flags));
|
||||
if (!db && status && sftk_rdbstatusfunc) {
|
||||
*status = (*sftk_rdbstatusfunc)();
|
||||
}
|
||||
return db;
|
||||
}
|
||||
|
@ -300,12 +300,12 @@ DB * rdbopen(const char *appName, const char *prefix,
|
|||
}
|
||||
|
||||
/* get the entry points */
|
||||
pk11_rdbstatusfunc = (rdbstatusfunc) PR_FindSymbol(lib,"rdbstatus");
|
||||
pk11_rdbfunc = (rdbfunc) PR_FindSymbol(lib,"rdbopen");
|
||||
if (pk11_rdbfunc) {
|
||||
db = (*pk11_rdbfunc)(appName,prefix,type,rdbmapflags(flags));
|
||||
if (!db && status && pk11_rdbstatusfunc) {
|
||||
*status = (*pk11_rdbstatusfunc)();
|
||||
sftk_rdbstatusfunc = (rdbstatusfunc) PR_FindSymbol(lib,"rdbstatus");
|
||||
sftk_rdbfunc = (rdbfunc) PR_FindSymbol(lib,"rdbopen");
|
||||
if (sftk_rdbfunc) {
|
||||
db = (*sftk_rdbfunc)(appName,prefix,type,rdbmapflags(flags));
|
||||
if (!db && status && sftk_rdbstatusfunc) {
|
||||
*status = (*sftk_rdbstatusfunc)();
|
||||
}
|
||||
return db;
|
||||
}
|
||||
|
@ -385,7 +385,7 @@ db_InitComplete(DB *db)
|
|||
/* we should have addes a version number to the RDBS structure. Since we
|
||||
* didn't, we detect that we have and 'extended' structure if the rdbstatus
|
||||
* func exists */
|
||||
if (!pk11_rdbstatusfunc) {
|
||||
if (!sftk_rdbstatusfunc) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@
|
|||
/*
|
||||
* Berkeley DB 1.85 Shim code to handle blobs.
|
||||
*
|
||||
* $Id: dbmshim.c,v 1.10 2004/04/25 15:03:16 gerv%gerv.net Exp $
|
||||
* $Id: dbmshim.c,v 1.11 2005/03/29 18:21:18 nelsonb%netscape.com Exp $
|
||||
*/
|
||||
#include "mcom_db.h"
|
||||
#include "secitem.h"
|
||||
|
@ -45,7 +45,7 @@
|
|||
#include "prprf.h"
|
||||
#include "cdbhdl.h"
|
||||
|
||||
/* Call to PK11_FreeSlot below */
|
||||
/* Call to SFTK_FreeSlot below */
|
||||
|
||||
#include "pcertt.h"
|
||||
#include "secasn1.h"
|
||||
|
|
|
@ -36,7 +36,7 @@
|
|||
* the terms of any one of the MPL, the GPL or the LGPL.
|
||||
*
|
||||
* ***** END LICENSE BLOCK ***** */
|
||||
/* $Id: fipstest.c,v 1.7 2004/04/27 23:04:38 gerv%gerv.net Exp $ */
|
||||
/* $Id: fipstest.c,v 1.8 2005/03/29 18:21:18 nelsonb%netscape.com Exp $ */
|
||||
|
||||
#include "softoken.h" /* Required for RC2-ECB, RC2-CBC, RC4, DES-ECB, */
|
||||
/* DES-CBC, DES3-ECB, DES3-CBC, RSA */
|
||||
|
@ -107,7 +107,7 @@
|
|||
#define FIPS_DSA_BASE_LENGTH 64 /* 512-bits */
|
||||
|
||||
static CK_RV
|
||||
pk11_fips_RC2_PowerUpSelfTest( void )
|
||||
sftk_fips_RC2_PowerUpSelfTest( void )
|
||||
{
|
||||
/* RC2 Known Key (40-bits). */
|
||||
static const PRUint8 rc2_known_key[] = { "RSARC" };
|
||||
|
@ -238,7 +238,7 @@ pk11_fips_RC2_PowerUpSelfTest( void )
|
|||
|
||||
|
||||
static CK_RV
|
||||
pk11_fips_RC4_PowerUpSelfTest( void )
|
||||
sftk_fips_RC4_PowerUpSelfTest( void )
|
||||
{
|
||||
/* RC4 Known Key (40-bits). */
|
||||
static const PRUint8 rc4_known_key[] = { "RSARC" };
|
||||
|
@ -307,7 +307,7 @@ pk11_fips_RC4_PowerUpSelfTest( void )
|
|||
|
||||
|
||||
static CK_RV
|
||||
pk11_fips_DES_PowerUpSelfTest( void )
|
||||
sftk_fips_DES_PowerUpSelfTest( void )
|
||||
{
|
||||
/* DES Known Key (56-bits). */
|
||||
static const PRUint8 des_known_key[] = { "ANSI DES" };
|
||||
|
@ -434,7 +434,7 @@ pk11_fips_DES_PowerUpSelfTest( void )
|
|||
|
||||
|
||||
static CK_RV
|
||||
pk11_fips_DES3_PowerUpSelfTest( void )
|
||||
sftk_fips_DES3_PowerUpSelfTest( void )
|
||||
{
|
||||
/* DES3 Known Key (56-bits). */
|
||||
static const PRUint8 des3_known_key[] = { "ANSI Triple-DES Key Data" };
|
||||
|
@ -563,7 +563,7 @@ pk11_fips_DES3_PowerUpSelfTest( void )
|
|||
|
||||
|
||||
static CK_RV
|
||||
pk11_fips_MD2_PowerUpSelfTest( void )
|
||||
sftk_fips_MD2_PowerUpSelfTest( void )
|
||||
{
|
||||
/* MD2 Known Hash Message (512-bits). */
|
||||
static const PRUint8 md2_known_hash_message[] = {
|
||||
|
@ -608,7 +608,7 @@ pk11_fips_MD2_PowerUpSelfTest( void )
|
|||
|
||||
|
||||
static CK_RV
|
||||
pk11_fips_MD5_PowerUpSelfTest( void )
|
||||
sftk_fips_MD5_PowerUpSelfTest( void )
|
||||
{
|
||||
/* MD5 Known Hash Message (512-bits). */
|
||||
static const PRUint8 md5_known_hash_message[] = {
|
||||
|
@ -641,7 +641,7 @@ pk11_fips_MD5_PowerUpSelfTest( void )
|
|||
|
||||
|
||||
static CK_RV
|
||||
pk11_fips_SHA1_PowerUpSelfTest( void )
|
||||
sftk_fips_SHA1_PowerUpSelfTest( void )
|
||||
{
|
||||
/* SHA-1 Known Hash Message (512-bits). */
|
||||
static const PRUint8 sha1_known_hash_message[] = {
|
||||
|
@ -675,7 +675,7 @@ pk11_fips_SHA1_PowerUpSelfTest( void )
|
|||
|
||||
|
||||
static CK_RV
|
||||
pk11_fips_RSA_PowerUpSelfTest( void )
|
||||
sftk_fips_RSA_PowerUpSelfTest( void )
|
||||
{
|
||||
/* RSA Known Modulus used in both Public/Private Key Values (520-bits). */
|
||||
static const PRUint8 rsa_modulus[FIPS_RSA_MODULUS_LENGTH] = {
|
||||
|
@ -913,7 +913,7 @@ rsa_loser:
|
|||
|
||||
|
||||
static CK_RV
|
||||
pk11_fips_DSA_PowerUpSelfTest( void )
|
||||
sftk_fips_DSA_PowerUpSelfTest( void )
|
||||
{
|
||||
/* DSA Known P (512-bits), Q (160-bits), and G (512-bits) Values. */
|
||||
static const PRUint8 dsa_P[] = {
|
||||
|
@ -1032,60 +1032,60 @@ pk11_fips_DSA_PowerUpSelfTest( void )
|
|||
|
||||
|
||||
CK_RV
|
||||
pk11_fipsPowerUpSelfTest( void )
|
||||
sftk_fipsPowerUpSelfTest( void )
|
||||
{
|
||||
CK_RV rv;
|
||||
|
||||
/* RC2 Power-Up SelfTest(s). */
|
||||
rv = pk11_fips_RC2_PowerUpSelfTest();
|
||||
rv = sftk_fips_RC2_PowerUpSelfTest();
|
||||
|
||||
if( rv != CKR_OK )
|
||||
return rv;
|
||||
|
||||
/* RC4 Power-Up SelfTest(s). */
|
||||
rv = pk11_fips_RC4_PowerUpSelfTest();
|
||||
rv = sftk_fips_RC4_PowerUpSelfTest();
|
||||
|
||||
if( rv != CKR_OK )
|
||||
return rv;
|
||||
|
||||
/* DES Power-Up SelfTest(s). */
|
||||
rv = pk11_fips_DES_PowerUpSelfTest();
|
||||
rv = sftk_fips_DES_PowerUpSelfTest();
|
||||
|
||||
if( rv != CKR_OK )
|
||||
return rv;
|
||||
|
||||
/* DES3 Power-Up SelfTest(s). */
|
||||
rv = pk11_fips_DES3_PowerUpSelfTest();
|
||||
rv = sftk_fips_DES3_PowerUpSelfTest();
|
||||
|
||||
if( rv != CKR_OK )
|
||||
return rv;
|
||||
|
||||
/* MD2 Power-Up SelfTest(s). */
|
||||
rv = pk11_fips_MD2_PowerUpSelfTest();
|
||||
rv = sftk_fips_MD2_PowerUpSelfTest();
|
||||
|
||||
if( rv != CKR_OK )
|
||||
return rv;
|
||||
|
||||
/* MD5 Power-Up SelfTest(s). */
|
||||
rv = pk11_fips_MD5_PowerUpSelfTest();
|
||||
rv = sftk_fips_MD5_PowerUpSelfTest();
|
||||
|
||||
if( rv != CKR_OK )
|
||||
return rv;
|
||||
|
||||
/* SHA-1 Power-Up SelfTest(s). */
|
||||
rv = pk11_fips_SHA1_PowerUpSelfTest();
|
||||
rv = sftk_fips_SHA1_PowerUpSelfTest();
|
||||
|
||||
if( rv != CKR_OK )
|
||||
return rv;
|
||||
|
||||
/* RSA Power-Up SelfTest(s). */
|
||||
rv = pk11_fips_RSA_PowerUpSelfTest();
|
||||
rv = sftk_fips_RSA_PowerUpSelfTest();
|
||||
|
||||
if( rv != CKR_OK )
|
||||
return rv;
|
||||
|
||||
/* DSA Power-Up SelfTest(s). */
|
||||
rv = pk11_fips_DSA_PowerUpSelfTest();
|
||||
rv = sftk_fips_DSA_PowerUpSelfTest();
|
||||
|
||||
if( rv != CKR_OK )
|
||||
return rv;
|
||||
|
|
|
@ -64,7 +64,7 @@ static PRBool isLoggedIn = PR_FALSE;
|
|||
static PRBool fatalError = PR_FALSE;
|
||||
|
||||
/* Fips required checks before any useful crypto graphic services */
|
||||
static CK_RV pk11_fipsCheck(void) {
|
||||
static CK_RV sftk_fipsCheck(void) {
|
||||
if (isLoggedIn != PR_TRUE)
|
||||
return CKR_USER_NOT_LOGGED_IN;
|
||||
if (fatalError)
|
||||
|
@ -73,11 +73,11 @@ static CK_RV pk11_fipsCheck(void) {
|
|||
}
|
||||
|
||||
|
||||
#define PK11_FIPSCHECK() \
|
||||
#define SFTK_FIPSCHECK() \
|
||||
CK_RV rv; \
|
||||
if ((rv = pk11_fipsCheck()) != CKR_OK) return rv;
|
||||
if ((rv = sftk_fipsCheck()) != CKR_OK) return rv;
|
||||
|
||||
#define PK11_FIPSFATALCHECK() \
|
||||
#define SFTK_FIPSFATALCHECK() \
|
||||
if (fatalError) return CKR_DEVICE_ERROR;
|
||||
|
||||
|
||||
|
@ -118,7 +118,7 @@ fc_getAttribute(CK_ATTRIBUTE_PTR pTemplate,
|
|||
#include "pkcs11f.h"
|
||||
|
||||
/* ------------- build the CK_CRYPTO_TABLE ------------------------- */
|
||||
static CK_FUNCTION_LIST pk11_fipsTable = {
|
||||
static CK_FUNCTION_LIST sftk_fipsTable = {
|
||||
{ 1, 10 },
|
||||
|
||||
#undef CK_NEED_ARG_LIST
|
||||
|
@ -149,7 +149,7 @@ fips_login_if_key_object(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject)
|
|||
rv = NSC_GetAttributeValue(hSession, hObject, &class, 1);
|
||||
if (rv == CKR_OK) {
|
||||
if ((objClass == CKO_PRIVATE_KEY) || (objClass == CKO_SECRET_KEY)) {
|
||||
rv = pk11_fipsCheck();
|
||||
rv = sftk_fipsCheck();
|
||||
}
|
||||
}
|
||||
return rv;
|
||||
|
@ -163,7 +163,7 @@ fips_login_if_key_object(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject)
|
|||
**********************************************************************/
|
||||
/* return the function list */
|
||||
CK_RV FC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) {
|
||||
*pFunctionList = &pk11_fipsTable;
|
||||
*pFunctionList = &sftk_fipsTable;
|
||||
return CKR_OK;
|
||||
}
|
||||
|
||||
|
@ -180,7 +180,7 @@ CK_RV FC_Initialize(CK_VOID_PTR pReserved) {
|
|||
|
||||
crv = nsc_CommonInitialize(pReserved, PR_TRUE);
|
||||
|
||||
/* not an 'else' rv can be set by either PK11_LowInit or PK11_SlotInit*/
|
||||
/* not an 'else' rv can be set by either SFTK_LowInit or SFTK_SlotInit*/
|
||||
if (crv != CKR_OK) {
|
||||
fatalError = PR_TRUE;
|
||||
return crv;
|
||||
|
@ -188,7 +188,7 @@ CK_RV FC_Initialize(CK_VOID_PTR pReserved) {
|
|||
|
||||
fatalError = PR_FALSE; /* any error has been reset */
|
||||
|
||||
crv = pk11_fipsPowerUpSelfTest();
|
||||
crv = sftk_fipsPowerUpSelfTest();
|
||||
if (crv != CKR_OK) {
|
||||
nsc_CommonFinalize(NULL, PR_TRUE);
|
||||
fatalError = PR_TRUE;
|
||||
|
@ -252,7 +252,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
/*FC_GetMechanismList obtains a list of mechanism types supported by a token.*/
|
||||
CK_RV FC_GetMechanismList(CK_SLOT_ID slotID,
|
||||
CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pusCount) {
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
|
||||
/* FIPS Slot supports all functions */
|
||||
return NSC_GetMechanismList(slotID,pMechanismList,pusCount);
|
||||
|
@ -263,7 +263,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
* possibly supported by a token. */
|
||||
CK_RV FC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
|
||||
CK_MECHANISM_INFO_PTR pInfo) {
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
|
||||
/* FIPS Slot supports all functions */
|
||||
return NSC_GetMechanismInfo(slotID,type,pInfo);
|
||||
|
@ -289,14 +289,14 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
|
||||
CK_ULONG usOldLen, CK_CHAR_PTR pNewPin, CK_ULONG usNewLen) {
|
||||
CK_RV rv;
|
||||
if ((rv = pk11_fipsCheck()) != CKR_OK) return rv;
|
||||
if ((rv = sftk_fipsCheck()) != CKR_OK) return rv;
|
||||
return NSC_SetPIN(hSession,pOldPin,usOldLen,pNewPin,usNewLen);
|
||||
}
|
||||
|
||||
/* FC_OpenSession opens a session between an application and a token. */
|
||||
CK_RV FC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
|
||||
CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession) {
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
return NSC_OpenSession(slotID,flags,pApplication,Notify,phSession);
|
||||
}
|
||||
|
||||
|
@ -317,7 +317,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_GetSessionInfo(CK_SESSION_HANDLE hSession,
|
||||
CK_SESSION_INFO_PTR pInfo) {
|
||||
CK_RV rv;
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
|
||||
rv = NSC_GetSessionInfo(hSession,pInfo);
|
||||
if (rv == CKR_OK) {
|
||||
|
@ -335,7 +335,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
|
||||
CK_CHAR_PTR pPin, CK_ULONG usPinLen) {
|
||||
CK_RV rv;
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
rv = NSC_Login(hSession,userType,pPin,usPinLen);
|
||||
if (rv == CKR_OK)
|
||||
isLoggedIn = PR_TRUE;
|
||||
|
@ -344,7 +344,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
isLoggedIn = PR_TRUE;
|
||||
|
||||
/* Provide FIPS PUB 140-1 power-up self-tests on demand. */
|
||||
rv = pk11_fipsPowerUpSelfTest();
|
||||
rv = sftk_fipsPowerUpSelfTest();
|
||||
if (rv == CKR_OK)
|
||||
return CKR_USER_ALREADY_LOGGED_IN;
|
||||
else
|
||||
|
@ -355,7 +355,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
|
||||
/* FC_Logout logs a user out from a token. */
|
||||
CK_RV FC_Logout(CK_SESSION_HANDLE hSession) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
|
||||
rv = NSC_Logout(hSession);
|
||||
isLoggedIn = PR_FALSE;
|
||||
|
@ -368,7 +368,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
|
||||
CK_OBJECT_HANDLE_PTR phObject) {
|
||||
CK_OBJECT_CLASS * classptr;
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
classptr = (CK_OBJECT_CLASS *)fc_getAttribute(pTemplate,ulCount,CKA_CLASS);
|
||||
if (classptr == NULL) return CKR_TEMPLATE_INCOMPLETE;
|
||||
|
||||
|
@ -388,7 +388,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount,
|
||||
CK_OBJECT_HANDLE_PTR phNewObject) {
|
||||
CK_RV rv;
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
rv = fips_login_if_key_object(hSession, hObject);
|
||||
if (rv != CKR_OK) {
|
||||
return rv;
|
||||
|
@ -401,7 +401,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_DestroyObject(CK_SESSION_HANDLE hSession,
|
||||
CK_OBJECT_HANDLE hObject) {
|
||||
CK_RV rv;
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
rv = fips_login_if_key_object(hSession, hObject);
|
||||
if (rv != CKR_OK) {
|
||||
return rv;
|
||||
|
@ -414,7 +414,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_GetObjectSize(CK_SESSION_HANDLE hSession,
|
||||
CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pusSize) {
|
||||
CK_RV rv;
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
rv = fips_login_if_key_object(hSession, hObject);
|
||||
if (rv != CKR_OK) {
|
||||
return rv;
|
||||
|
@ -427,7 +427,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_GetAttributeValue(CK_SESSION_HANDLE hSession,
|
||||
CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
|
||||
CK_RV rv;
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
rv = fips_login_if_key_object(hSession, hObject);
|
||||
if (rv != CKR_OK) {
|
||||
return rv;
|
||||
|
@ -440,7 +440,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_SetAttributeValue (CK_SESSION_HANDLE hSession,
|
||||
CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
|
||||
CK_RV rv;
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
rv = fips_login_if_key_object(hSession, hObject);
|
||||
if (rv != CKR_OK) {
|
||||
return rv;
|
||||
|
@ -459,7 +459,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV rv;
|
||||
PRBool needLogin = PR_FALSE;
|
||||
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
|
||||
for (i=0; i < usCount; i++) {
|
||||
CK_OBJECT_CLASS class;
|
||||
|
@ -479,7 +479,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
}
|
||||
}
|
||||
if (needLogin) {
|
||||
if ((rv = pk11_fipsCheck()) != CKR_OK) return rv;
|
||||
if ((rv = sftk_fipsCheck()) != CKR_OK) return rv;
|
||||
}
|
||||
return NSC_FindObjectsInit(hSession,pTemplate,usCount);
|
||||
}
|
||||
|
@ -491,7 +491,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_OBJECT_HANDLE_PTR phObject,CK_ULONG usMaxObjectCount,
|
||||
CK_ULONG_PTR pusObjectCount) {
|
||||
/* let publically readable object be found */
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
return NSC_FindObjects(hSession,phObject,usMaxObjectCount,
|
||||
pusObjectCount);
|
||||
}
|
||||
|
@ -504,7 +504,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
/* FC_EncryptInit initializes an encryption operation. */
|
||||
CK_RV FC_EncryptInit(CK_SESSION_HANDLE hSession,
|
||||
CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_EncryptInit(hSession,pMechanism,hKey);
|
||||
}
|
||||
|
||||
|
@ -512,7 +512,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
|
||||
CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
|
||||
CK_ULONG_PTR pusEncryptedDataLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_Encrypt(hSession,pData,usDataLen,pEncryptedData,
|
||||
pusEncryptedDataLen);
|
||||
}
|
||||
|
@ -522,7 +522,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_EncryptUpdate(CK_SESSION_HANDLE hSession,
|
||||
CK_BYTE_PTR pPart, CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
|
||||
CK_ULONG_PTR pusEncryptedPartLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_EncryptUpdate(hSession,pPart,usPartLen,pEncryptedPart,
|
||||
pusEncryptedPartLen);
|
||||
}
|
||||
|
@ -532,7 +532,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_EncryptFinal(CK_SESSION_HANDLE hSession,
|
||||
CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pusLastEncryptedPartLen) {
|
||||
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_EncryptFinal(hSession,pLastEncryptedPart,
|
||||
pusLastEncryptedPartLen);
|
||||
}
|
||||
|
@ -545,7 +545,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
/* FC_DecryptInit initializes a decryption operation. */
|
||||
CK_RV FC_DecryptInit( CK_SESSION_HANDLE hSession,
|
||||
CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_DecryptInit(hSession,pMechanism,hKey);
|
||||
}
|
||||
|
||||
|
@ -553,7 +553,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_Decrypt(CK_SESSION_HANDLE hSession,
|
||||
CK_BYTE_PTR pEncryptedData,CK_ULONG usEncryptedDataLen,CK_BYTE_PTR pData,
|
||||
CK_ULONG_PTR pusDataLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_Decrypt(hSession,pEncryptedData,usEncryptedDataLen,pData,
|
||||
pusDataLen);
|
||||
}
|
||||
|
@ -563,7 +563,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_DecryptUpdate(CK_SESSION_HANDLE hSession,
|
||||
CK_BYTE_PTR pEncryptedPart, CK_ULONG usEncryptedPartLen,
|
||||
CK_BYTE_PTR pPart, CK_ULONG_PTR pusPartLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_DecryptUpdate(hSession,pEncryptedPart,usEncryptedPartLen,
|
||||
pPart,pusPartLen);
|
||||
}
|
||||
|
@ -572,7 +572,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
/* FC_DecryptFinal finishes a multiple-part decryption operation. */
|
||||
CK_RV FC_DecryptFinal(CK_SESSION_HANDLE hSession,
|
||||
CK_BYTE_PTR pLastPart, CK_ULONG_PTR pusLastPartLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_DecryptFinal(hSession,pLastPart,pusLastPartLen);
|
||||
}
|
||||
|
||||
|
@ -584,7 +584,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
/* FC_DigestInit initializes a message-digesting operation. */
|
||||
CK_RV FC_DigestInit(CK_SESSION_HANDLE hSession,
|
||||
CK_MECHANISM_PTR pMechanism) {
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
return NSC_DigestInit(hSession, pMechanism);
|
||||
}
|
||||
|
||||
|
@ -593,7 +593,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_Digest(CK_SESSION_HANDLE hSession,
|
||||
CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
|
||||
CK_ULONG_PTR pusDigestLen) {
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
return NSC_Digest(hSession,pData,usDataLen,pDigest,pusDigestLen);
|
||||
}
|
||||
|
||||
|
@ -601,7 +601,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
/* FC_DigestUpdate continues a multiple-part message-digesting operation. */
|
||||
CK_RV FC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
|
||||
CK_ULONG usPartLen) {
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
return NSC_DigestUpdate(hSession,pPart,usPartLen);
|
||||
}
|
||||
|
||||
|
@ -609,7 +609,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
/* FC_DigestFinal finishes a multiple-part message-digesting operation. */
|
||||
CK_RV FC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest,
|
||||
CK_ULONG_PTR pusDigestLen) {
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
return NSC_DigestFinal(hSession,pDigest,pusDigestLen);
|
||||
}
|
||||
|
||||
|
@ -623,7 +623,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
* and plaintext cannot be recovered from the signature */
|
||||
CK_RV FC_SignInit(CK_SESSION_HANDLE hSession,
|
||||
CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_SignInit(hSession,pMechanism,hKey);
|
||||
}
|
||||
|
||||
|
@ -634,7 +634,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_Sign(CK_SESSION_HANDLE hSession,
|
||||
CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pSignature,
|
||||
CK_ULONG_PTR pusSignatureLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_Sign(hSession,pData,usDataLen,pSignature,pusSignatureLen);
|
||||
}
|
||||
|
||||
|
@ -644,7 +644,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
* and plaintext cannot be recovered from the signature */
|
||||
CK_RV FC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
|
||||
CK_ULONG usPartLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_SignUpdate(hSession,pPart,usPartLen);
|
||||
}
|
||||
|
||||
|
@ -653,7 +653,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
* returning the signature. */
|
||||
CK_RV FC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,
|
||||
CK_ULONG_PTR pusSignatureLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_SignFinal(hSession,pSignature,pusSignatureLen);
|
||||
}
|
||||
|
||||
|
@ -665,7 +665,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
* E.g. encryption with the user's private key */
|
||||
CK_RV FC_SignRecoverInit(CK_SESSION_HANDLE hSession,
|
||||
CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_SignRecoverInit(hSession,pMechanism,hKey);
|
||||
}
|
||||
|
||||
|
@ -675,7 +675,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
* E.g. encryption with the user's private key */
|
||||
CK_RV FC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
|
||||
CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pusSignatureLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_SignRecover(hSession,pData,usDataLen,pSignature,pusSignatureLen);
|
||||
}
|
||||
|
||||
|
@ -688,7 +688,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
* and plaintext cannot be recovered from the signature (e.g. DSA) */
|
||||
CK_RV FC_VerifyInit(CK_SESSION_HANDLE hSession,
|
||||
CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_VerifyInit(hSession,pMechanism,hKey);
|
||||
}
|
||||
|
||||
|
@ -699,7 +699,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
|
||||
CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen) {
|
||||
/* make sure we're legal */
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_Verify(hSession,pData,usDataLen,pSignature,usSignatureLen);
|
||||
}
|
||||
|
||||
|
@ -709,7 +709,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
* and plaintext cannot be recovered from the signature */
|
||||
CK_RV FC_VerifyUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
|
||||
CK_ULONG usPartLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_VerifyUpdate(hSession,pPart,usPartLen);
|
||||
}
|
||||
|
||||
|
@ -718,7 +718,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
* checking the signature. */
|
||||
CK_RV FC_VerifyFinal(CK_SESSION_HANDLE hSession,
|
||||
CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_VerifyFinal(hSession,pSignature,usSignatureLen);
|
||||
}
|
||||
|
||||
|
@ -731,7 +731,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
* E.g. Decryption with the user's public key */
|
||||
CK_RV FC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
|
||||
CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_VerifyRecoverInit(hSession,pMechanism,hKey);
|
||||
}
|
||||
|
||||
|
@ -742,7 +742,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_RV FC_VerifyRecover(CK_SESSION_HANDLE hSession,
|
||||
CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen,
|
||||
CK_BYTE_PTR pData,CK_ULONG_PTR pusDataLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_VerifyRecover(hSession,pSignature,usSignatureLen,pData,
|
||||
pusDataLen);
|
||||
}
|
||||
|
@ -757,7 +757,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_OBJECT_HANDLE_PTR phKey) {
|
||||
CK_BBOOL *boolptr;
|
||||
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
|
||||
/* all secret keys must be sensitive, if the upper level code tries to say
|
||||
* otherwise, reject it. */
|
||||
|
@ -781,7 +781,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_OBJECT_HANDLE_PTR phPrivateKey) {
|
||||
CK_BBOOL *boolptr;
|
||||
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
|
||||
/* all private keys must be sensitive, if the upper level code tries to say
|
||||
* otherwise, reject it. */
|
||||
|
@ -803,7 +803,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
|
||||
CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
|
||||
CK_ULONG_PTR pusWrappedKeyLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_WrapKey(hSession,pMechanism,hWrappingKey,hKey,pWrappedKey,
|
||||
pusWrappedKeyLen);
|
||||
}
|
||||
|
@ -817,7 +817,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_OBJECT_HANDLE_PTR phKey) {
|
||||
CK_BBOOL *boolptr;
|
||||
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
|
||||
/* all secret keys must be sensitive, if the upper level code tries to say
|
||||
* otherwise, reject it. */
|
||||
|
@ -840,7 +840,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_OBJECT_HANDLE_PTR phKey) {
|
||||
CK_BBOOL *boolptr;
|
||||
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
|
||||
/* all secret keys must be sensitive, if the upper level code tries to say
|
||||
* otherwise, reject it. */
|
||||
|
@ -865,7 +865,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_ULONG usSeedLen) {
|
||||
CK_RV crv;
|
||||
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
crv = NSC_SeedRandom(hSession,pSeed,usSeedLen);
|
||||
if (crv != CKR_OK) {
|
||||
fatalError = PR_TRUE;
|
||||
|
@ -879,7 +879,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
CK_BYTE_PTR pRandomData, CK_ULONG usRandomLen) {
|
||||
CK_RV crv;
|
||||
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
crv = NSC_GenerateRandom(hSession,pRandomData,usRandomLen);
|
||||
if (crv != CKR_OK) {
|
||||
fatalError = PR_TRUE;
|
||||
|
@ -891,14 +891,14 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
/* FC_GetFunctionStatus obtains an updated status of a function running
|
||||
* in parallel with an application. */
|
||||
CK_RV FC_GetFunctionStatus(CK_SESSION_HANDLE hSession) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_GetFunctionStatus(hSession);
|
||||
}
|
||||
|
||||
|
||||
/* FC_CancelFunction cancels a function running in parallel */
|
||||
CK_RV FC_CancelFunction(CK_SESSION_HANDLE hSession) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_CancelFunction(hSession);
|
||||
}
|
||||
|
||||
|
@ -910,7 +910,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
|
|||
*operation in a session. */
|
||||
CK_RV FC_GetOperationState(CK_SESSION_HANDLE hSession,
|
||||
CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen) {
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
return NSC_GetOperationState(hSession,pOperationState,pulOperationStateLen);
|
||||
}
|
||||
|
||||
|
@ -920,7 +920,7 @@ CK_RV FC_GetOperationState(CK_SESSION_HANDLE hSession,
|
|||
CK_RV FC_SetOperationState(CK_SESSION_HANDLE hSession,
|
||||
CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
|
||||
CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey) {
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
return NSC_SetOperationState(hSession,pOperationState,ulOperationStateLen,
|
||||
hEncryptionKey,hAuthenticationKey);
|
||||
}
|
||||
|
@ -928,7 +928,7 @@ CK_RV FC_SetOperationState(CK_SESSION_HANDLE hSession,
|
|||
/* FC_FindObjectsFinal finishes a search for token and session objects. */
|
||||
CK_RV FC_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
|
||||
/* let publically readable object be found */
|
||||
PK11_FIPSFATALCHECK();
|
||||
SFTK_FIPSFATALCHECK();
|
||||
return NSC_FindObjectsFinal(hSession);
|
||||
}
|
||||
|
||||
|
@ -940,7 +940,7 @@ CK_RV FC_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
|
|||
CK_RV FC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
|
||||
CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
|
||||
CK_ULONG_PTR pulEncryptedPartLen) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_DigestEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
|
||||
pulEncryptedPartLen);
|
||||
}
|
||||
|
@ -952,7 +952,7 @@ CK_RV FC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
|
|||
CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
|
||||
CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) {
|
||||
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_DecryptDigestUpdate(hSession, pEncryptedPart,ulEncryptedPartLen,
|
||||
pPart,pulPartLen);
|
||||
}
|
||||
|
@ -963,7 +963,7 @@ CK_RV FC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
|
|||
CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
|
||||
CK_ULONG_PTR pulEncryptedPartLen) {
|
||||
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_SignEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
|
||||
pulEncryptedPartLen);
|
||||
}
|
||||
|
@ -974,7 +974,7 @@ CK_RV FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
|
|||
CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
|
||||
CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) {
|
||||
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_DecryptVerifyUpdate(hSession,pEncryptedData,ulEncryptedDataLen,
|
||||
pData,pulDataLen);
|
||||
}
|
||||
|
@ -984,7 +984,7 @@ CK_RV FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
|
|||
* by digesting the value of a secret key as part of the data already digested.
|
||||
*/
|
||||
CK_RV FC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) {
|
||||
PK11_FIPSCHECK();
|
||||
SFTK_FIPSCHECK();
|
||||
return NSC_DigestKey(hSession,hKey);
|
||||
}
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@
|
|||
/*
|
||||
* Permanent Certificate database handling code
|
||||
*
|
||||
* $Id: pcertdb.c,v 1.48 2004/04/25 15:03:16 gerv%gerv.net Exp $
|
||||
* $Id: pcertdb.c,v 1.49 2005/03/29 18:21:18 nelsonb%netscape.com Exp $
|
||||
*/
|
||||
#include "prtime.h"
|
||||
|
||||
|
@ -48,7 +48,7 @@
|
|||
#include "secitem.h"
|
||||
#include "secder.h"
|
||||
|
||||
/* Call to PK11_FreeSlot below */
|
||||
/* Call to SFTK_FreeSlot below */
|
||||
|
||||
#include "secasn1.h"
|
||||
#include "secerr.h"
|
||||
|
|
|
@ -48,83 +48,83 @@
|
|||
#define FREE_CLEAR(p) if (p) { PORT_Free(p); p = NULL; }
|
||||
|
||||
static void
|
||||
secmod_parseTokenFlags(char *tmp, pk11_token_parameters *parsed) {
|
||||
parsed->readOnly = pk11_argHasFlag("flags","readOnly",tmp);
|
||||
parsed->noCertDB = pk11_argHasFlag("flags","noCertDB",tmp);
|
||||
parsed->noKeyDB = pk11_argHasFlag("flags","noKeyDB",tmp);
|
||||
parsed->forceOpen = pk11_argHasFlag("flags","forceOpen",tmp);
|
||||
parsed->pwRequired = pk11_argHasFlag("flags","passwordRequired",tmp);
|
||||
parsed->optimizeSpace = pk11_argHasFlag("flags","optimizeSpace",tmp);
|
||||
secmod_parseTokenFlags(char *tmp, sftk_token_parameters *parsed) {
|
||||
parsed->readOnly = sftk_argHasFlag("flags","readOnly",tmp);
|
||||
parsed->noCertDB = sftk_argHasFlag("flags","noCertDB",tmp);
|
||||
parsed->noKeyDB = sftk_argHasFlag("flags","noKeyDB",tmp);
|
||||
parsed->forceOpen = sftk_argHasFlag("flags","forceOpen",tmp);
|
||||
parsed->pwRequired = sftk_argHasFlag("flags","passwordRequired",tmp);
|
||||
parsed->optimizeSpace = sftk_argHasFlag("flags","optimizeSpace",tmp);
|
||||
return;
|
||||
}
|
||||
|
||||
static void
|
||||
secmod_parseFlags(char *tmp, pk11_parameters *parsed) {
|
||||
parsed->noModDB = pk11_argHasFlag("flags","noModDB",tmp);
|
||||
parsed->readOnly = pk11_argHasFlag("flags","readOnly",tmp);
|
||||
secmod_parseFlags(char *tmp, sftk_parameters *parsed) {
|
||||
parsed->noModDB = sftk_argHasFlag("flags","noModDB",tmp);
|
||||
parsed->readOnly = sftk_argHasFlag("flags","readOnly",tmp);
|
||||
/* keep legacy interface working */
|
||||
parsed->noCertDB = pk11_argHasFlag("flags","noCertDB",tmp);
|
||||
parsed->forceOpen = pk11_argHasFlag("flags","forceOpen",tmp);
|
||||
parsed->pwRequired = pk11_argHasFlag("flags","passwordRequired",tmp);
|
||||
parsed->optimizeSpace = pk11_argHasFlag("flags","optimizeSpace",tmp);
|
||||
parsed->noCertDB = sftk_argHasFlag("flags","noCertDB",tmp);
|
||||
parsed->forceOpen = sftk_argHasFlag("flags","forceOpen",tmp);
|
||||
parsed->pwRequired = sftk_argHasFlag("flags","passwordRequired",tmp);
|
||||
parsed->optimizeSpace = sftk_argHasFlag("flags","optimizeSpace",tmp);
|
||||
return;
|
||||
}
|
||||
|
||||
CK_RV
|
||||
secmod_parseTokenParameters(char *param, pk11_token_parameters *parsed)
|
||||
secmod_parseTokenParameters(char *param, sftk_token_parameters *parsed)
|
||||
{
|
||||
int next;
|
||||
char *tmp;
|
||||
char *index;
|
||||
index = pk11_argStrip(param);
|
||||
index = sftk_argStrip(param);
|
||||
|
||||
while (*index) {
|
||||
PK11_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,parsed->certPrefix,"certPrefix=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,parsed->keyPrefix,"keyPrefix=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,parsed->tokdes,"tokenDescription=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,parsed->slotdes,"slotDescription=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,tmp,"minPWLen=",
|
||||
SFTK_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,parsed->certPrefix,"certPrefix=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,parsed->keyPrefix,"keyPrefix=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,parsed->tokdes,"tokenDescription=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,parsed->slotdes,"slotDescription=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,tmp,"minPWLen=",
|
||||
if(tmp) { parsed->minPW=atoi(tmp); PORT_Free(tmp); })
|
||||
PK11_HANDLE_STRING_ARG(index,tmp,"flags=",
|
||||
SFTK_HANDLE_STRING_ARG(index,tmp,"flags=",
|
||||
if(tmp) { secmod_parseTokenFlags(param,parsed); PORT_Free(tmp); })
|
||||
PK11_HANDLE_FINAL_ARG(index)
|
||||
SFTK_HANDLE_FINAL_ARG(index)
|
||||
}
|
||||
return CKR_OK;
|
||||
}
|
||||
|
||||
static void
|
||||
secmod_parseTokens(char *tokenParams, pk11_parameters *parsed)
|
||||
secmod_parseTokens(char *tokenParams, sftk_parameters *parsed)
|
||||
{
|
||||
char *tokenIndex;
|
||||
pk11_token_parameters *tokens = NULL;
|
||||
sftk_token_parameters *tokens = NULL;
|
||||
int i=0,count = 0,next;
|
||||
|
||||
if ((tokenParams == NULL) || (*tokenParams == 0)) return;
|
||||
|
||||
/* first count the number of slots */
|
||||
for (tokenIndex = pk11_argStrip(tokenParams); *tokenIndex;
|
||||
tokenIndex = pk11_argStrip(pk11_argSkipParameter(tokenIndex))) {
|
||||
for (tokenIndex = sftk_argStrip(tokenParams); *tokenIndex;
|
||||
tokenIndex = sftk_argStrip(sftk_argSkipParameter(tokenIndex))) {
|
||||
count++;
|
||||
}
|
||||
|
||||
/* get the data structures */
|
||||
tokens = (pk11_token_parameters *)
|
||||
PORT_ZAlloc(count*sizeof(pk11_token_parameters));
|
||||
tokens = (sftk_token_parameters *)
|
||||
PORT_ZAlloc(count*sizeof(sftk_token_parameters));
|
||||
if (tokens == NULL) return;
|
||||
|
||||
for (tokenIndex = pk11_argStrip(tokenParams), i = 0;
|
||||
for (tokenIndex = sftk_argStrip(tokenParams), i = 0;
|
||||
*tokenIndex && i < count ; i++ ) {
|
||||
char *name;
|
||||
name = pk11_argGetName(tokenIndex,&next);
|
||||
name = sftk_argGetName(tokenIndex,&next);
|
||||
tokenIndex += next;
|
||||
|
||||
tokens[i].slotID = pk11_argDecodeNumber(name);
|
||||
tokens[i].slotID = sftk_argDecodeNumber(name);
|
||||
tokens[i].readOnly = PR_TRUE;
|
||||
tokens[i].noCertDB = PR_TRUE;
|
||||
tokens[i].noKeyDB = PR_TRUE;
|
||||
if (!pk11_argIsBlank(*tokenIndex)) {
|
||||
char *args = pk11_argFetchValue(tokenIndex,&next);
|
||||
if (!sftk_argIsBlank(*tokenIndex)) {
|
||||
char *args = sftk_argFetchValue(tokenIndex,&next);
|
||||
tokenIndex += next;
|
||||
if (args) {
|
||||
secmod_parseTokenParameters(args,&tokens[i]);
|
||||
|
@ -132,7 +132,7 @@ secmod_parseTokens(char *tokenParams, pk11_parameters *parsed)
|
|||
}
|
||||
}
|
||||
if (name) PORT_Free(name);
|
||||
tokenIndex = pk11_argStrip(tokenIndex);
|
||||
tokenIndex = sftk_argStrip(tokenIndex);
|
||||
}
|
||||
parsed->token_count = i;
|
||||
parsed->tokens = tokens;
|
||||
|
@ -140,7 +140,7 @@ secmod_parseTokens(char *tokenParams, pk11_parameters *parsed)
|
|||
}
|
||||
|
||||
CK_RV
|
||||
secmod_parseParameters(char *param, pk11_parameters *parsed, PRBool isFIPS)
|
||||
secmod_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS)
|
||||
{
|
||||
int next;
|
||||
char *tmp;
|
||||
|
@ -150,39 +150,39 @@ secmod_parseParameters(char *param, pk11_parameters *parsed, PRBool isFIPS)
|
|||
char *slotdes = NULL, *pslotdes = NULL;
|
||||
char *fslotdes = NULL, *fpslotdes = NULL;
|
||||
char *minPW = NULL;
|
||||
index = pk11_argStrip(param);
|
||||
index = sftk_argStrip(param);
|
||||
|
||||
PORT_Memset(parsed, 0, sizeof(pk11_parameters));
|
||||
PORT_Memset(parsed, 0, sizeof(sftk_parameters));
|
||||
|
||||
while (*index) {
|
||||
PK11_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,parsed->secmodName,"secmod=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,parsed->man,"manufacturerID=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,parsed->libdes,"libraryDescription=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,parsed->secmodName,"secmod=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,parsed->man,"manufacturerID=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,parsed->libdes,"libraryDescription=",;)
|
||||
/* constructed values, used so legacy interfaces still work */
|
||||
PK11_HANDLE_STRING_ARG(index,certPrefix,"certPrefix=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,keyPrefix,"keyPrefix=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,tokdes,"cryptoTokenDescription=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,ptokdes,"dbTokenDescription=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,slotdes,"cryptoSlotDescription=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,pslotdes,"dbSlotDescription=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,fslotdes,"FIPSSlotDescription=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,minPW,"FIPSTokenDescription=",;)
|
||||
PK11_HANDLE_STRING_ARG(index,tmp,"minPWLen=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,certPrefix,"certPrefix=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,keyPrefix,"keyPrefix=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,tokdes,"cryptoTokenDescription=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,ptokdes,"dbTokenDescription=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,slotdes,"cryptoSlotDescription=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,pslotdes,"dbSlotDescription=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,fslotdes,"FIPSSlotDescription=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,minPW,"FIPSTokenDescription=",;)
|
||||
SFTK_HANDLE_STRING_ARG(index,tmp,"minPWLen=",;)
|
||||
|
||||
PK11_HANDLE_STRING_ARG(index,tmp,"flags=",
|
||||
SFTK_HANDLE_STRING_ARG(index,tmp,"flags=",
|
||||
if(tmp) { secmod_parseFlags(param,parsed); PORT_Free(tmp); })
|
||||
PK11_HANDLE_STRING_ARG(index,tmp,"tokens=",
|
||||
SFTK_HANDLE_STRING_ARG(index,tmp,"tokens=",
|
||||
if(tmp) { secmod_parseTokens(tmp,parsed); PORT_Free(tmp); })
|
||||
PK11_HANDLE_FINAL_ARG(index)
|
||||
SFTK_HANDLE_FINAL_ARG(index)
|
||||
}
|
||||
if (parsed->tokens == NULL) {
|
||||
int count = isFIPS ? 1 : 2;
|
||||
int index = count-1;
|
||||
pk11_token_parameters *tokens = NULL;
|
||||
sftk_token_parameters *tokens = NULL;
|
||||
|
||||
tokens = (pk11_token_parameters *)
|
||||
PORT_ZAlloc(count*sizeof(pk11_token_parameters));
|
||||
tokens = (sftk_token_parameters *)
|
||||
PORT_ZAlloc(count*sizeof(sftk_token_parameters));
|
||||
if (tokens == NULL) {
|
||||
goto loser;
|
||||
}
|
||||
|
@ -235,7 +235,7 @@ loser:
|
|||
}
|
||||
|
||||
void
|
||||
secmod_freeParams(pk11_parameters *params)
|
||||
secmod_freeParams(sftk_parameters *params)
|
||||
{
|
||||
int i;
|
||||
|
||||
|
@ -264,18 +264,18 @@ secmod_getSecmodName(char *param, char **appName, char **filename,PRBool *rw)
|
|||
char *value = NULL;
|
||||
char *save_params = param;
|
||||
const char *lconfigdir;
|
||||
param = pk11_argStrip(param);
|
||||
param = sftk_argStrip(param);
|
||||
|
||||
|
||||
while (*param) {
|
||||
PK11_HANDLE_STRING_ARG(param,configdir,"configDir=",;)
|
||||
PK11_HANDLE_STRING_ARG(param,secmodName,"secmod=",;)
|
||||
PK11_HANDLE_FINAL_ARG(param)
|
||||
SFTK_HANDLE_STRING_ARG(param,configdir,"configDir=",;)
|
||||
SFTK_HANDLE_STRING_ARG(param,secmodName,"secmod=",;)
|
||||
SFTK_HANDLE_FINAL_ARG(param)
|
||||
}
|
||||
|
||||
*rw = PR_TRUE;
|
||||
if (pk11_argHasFlag("flags","readOnly",save_params) ||
|
||||
pk11_argHasFlag("flags","noModDB",save_params)) *rw = PR_FALSE;
|
||||
if (sftk_argHasFlag("flags","readOnly",save_params) ||
|
||||
sftk_argHasFlag("flags","noModDB",save_params)) *rw = PR_FALSE;
|
||||
|
||||
if (!secmodName || *secmodName == '\0') {
|
||||
if (secmodName) PORT_Free(secmodName);
|
||||
|
@ -283,7 +283,7 @@ secmod_getSecmodName(char *param, char **appName, char **filename,PRBool *rw)
|
|||
}
|
||||
*filename = secmodName;
|
||||
|
||||
lconfigdir = pk11_EvaluateConfigDir(configdir, appName);
|
||||
lconfigdir = sftk_EvaluateConfigDir(configdir, appName);
|
||||
|
||||
if (lconfigdir) {
|
||||
value = PR_smprintf("%s" PATH_SEPARATOR "%s",lconfigdir,secmodName);
|
||||
|
@ -299,9 +299,9 @@ static SECStatus secmod_MakeKey(DBT *key, char * module) {
|
|||
int len = 0;
|
||||
char *commonName;
|
||||
|
||||
commonName = pk11_argGetParamValue("name",module);
|
||||
commonName = sftk_argGetParamValue("name",module);
|
||||
if (commonName == NULL) {
|
||||
commonName = pk11_argGetParamValue("library",module);
|
||||
commonName = sftk_argGetParamValue("library",module);
|
||||
}
|
||||
if (commonName == NULL) return SECFailure;
|
||||
len = PORT_Strlen(commonName);
|
||||
|
@ -393,7 +393,7 @@ secmod_EncodeData(DBT *data, char * module)
|
|||
PK11PreSlotInfo *slotInfo = NULL;
|
||||
SECStatus rv = SECFailure;
|
||||
|
||||
rv = pk11_argParseModuleSpec(module,&dllName,&commonName,¶m,&nss);
|
||||
rv = sftk_argParseModuleSpec(module,&dllName,&commonName,¶m,&nss);
|
||||
if (rv != SECSuccess) return rv;
|
||||
rv = SECFailure;
|
||||
|
||||
|
@ -410,8 +410,8 @@ secmod_EncodeData(DBT *data, char * module)
|
|||
len3 = PORT_Strlen(param);
|
||||
}
|
||||
|
||||
slotParams = pk11_argGetParamValue("slotParams",nss);
|
||||
slotInfo = pk11_argParseSlotInfo(NULL,slotParams,&count);
|
||||
slotParams = sftk_argGetParamValue("slotParams",nss);
|
||||
slotInfo = sftk_argParseSlotInfo(NULL,slotParams,&count);
|
||||
if (slotParams) PORT_Free(slotParams);
|
||||
|
||||
if (count && slotInfo == NULL) {
|
||||
|
@ -435,24 +435,24 @@ secmod_EncodeData(DBT *data, char * module)
|
|||
encoded->major = SECMOD_DB_VERSION_MAJOR;
|
||||
encoded->minor = SECMOD_DB_VERSION_MINOR;
|
||||
encoded->internal = (unsigned char)
|
||||
(pk11_argHasFlag("flags","internal",nss) ? 1 : 0);
|
||||
(sftk_argHasFlag("flags","internal",nss) ? 1 : 0);
|
||||
encoded->fips = (unsigned char)
|
||||
(pk11_argHasFlag("flags","FIPS",nss) ? 1 : 0);
|
||||
(sftk_argHasFlag("flags","FIPS",nss) ? 1 : 0);
|
||||
encoded->isModuleDB = (unsigned char)
|
||||
(pk11_argHasFlag("flags","isModuleDB",nss) ? 1 : 0);
|
||||
(sftk_argHasFlag("flags","isModuleDB",nss) ? 1 : 0);
|
||||
encoded->isModuleDBOnly = (unsigned char)
|
||||
(pk11_argHasFlag("flags","isModuleDBOnly",nss) ? 1 : 0);
|
||||
(sftk_argHasFlag("flags","isModuleDBOnly",nss) ? 1 : 0);
|
||||
encoded->isCritical = (unsigned char)
|
||||
(pk11_argHasFlag("flags","critical",nss) ? 1 : 0);
|
||||
(sftk_argHasFlag("flags","critical",nss) ? 1 : 0);
|
||||
|
||||
order = pk11_argReadLong("trustOrder",nss, PK11_DEFAULT_TRUST_ORDER, NULL);
|
||||
order = sftk_argReadLong("trustOrder",nss, SFTK_DEFAULT_TRUST_ORDER, NULL);
|
||||
SECMOD_PUTLONG(encoded->trustOrder,order);
|
||||
order = pk11_argReadLong("cipherOrder",nss,PK11_DEFAULT_CIPHER_ORDER,NULL);
|
||||
order = sftk_argReadLong("cipherOrder",nss,SFTK_DEFAULT_CIPHER_ORDER,NULL);
|
||||
SECMOD_PUTLONG(encoded->cipherOrder,order);
|
||||
|
||||
|
||||
ciphers = pk11_argGetParamValue("ciphers",nss);
|
||||
pk11_argSetNewCipherFlags(&ssl[0], ciphers);
|
||||
ciphers = sftk_argGetParamValue("ciphers",nss);
|
||||
sftk_argSetNewCipherFlags(&ssl[0], ciphers);
|
||||
SECMOD_PUTLONG(encoded->ssl,ssl[0]);
|
||||
SECMOD_PUTLONG(&encoded->ssl[4],ssl[1]);
|
||||
if (ciphers) PORT_Free(ciphers);
|
||||
|
@ -549,8 +549,8 @@ secmod_DecodeData(char *defParams, DBT *data, PRBool *retInternal)
|
|||
unsigned long slotID;
|
||||
unsigned long defaultFlags;
|
||||
unsigned long timeout;
|
||||
unsigned long trustOrder =PK11_DEFAULT_TRUST_ORDER;
|
||||
unsigned long cipherOrder =PK11_DEFAULT_CIPHER_ORDER;
|
||||
unsigned long trustOrder =SFTK_DEFAULT_TRUST_ORDER;
|
||||
unsigned long cipherOrder =SFTK_DEFAULT_CIPHER_ORDER;
|
||||
unsigned short len;
|
||||
unsigned short namesOffset = 0; /* start of the names block */
|
||||
unsigned long namesRunningOffset; /* offset to name we are
|
||||
|
@ -726,14 +726,14 @@ secmod_DecodeData(char *defParams, DBT *data, PRBool *retInternal)
|
|||
hasRootCerts = slots->hasRootCerts;
|
||||
if (isOldVersion && internal && (slotID != 2)) {
|
||||
unsigned long internalFlags=
|
||||
pk11_argSlotFlags("slotFlags",SECMOD_SLOT_FLAGS);
|
||||
sftk_argSlotFlags("slotFlags",SECMOD_SLOT_FLAGS);
|
||||
defaultFlags |= internalFlags;
|
||||
}
|
||||
if (hasRootCerts && !extended) {
|
||||
trustOrder = 100;
|
||||
}
|
||||
|
||||
slotStrings[i] = pk11_mkSlotString(slotID, defaultFlags, timeout,
|
||||
slotStrings[i] = sftk_mkSlotString(slotID, defaultFlags, timeout,
|
||||
(unsigned char)slots->askpw,
|
||||
hasRootCerts, hasRootTrust);
|
||||
if (slotStrings[i] == NULL) {
|
||||
|
@ -742,13 +742,13 @@ secmod_DecodeData(char *defParams, DBT *data, PRBool *retInternal)
|
|||
}
|
||||
}
|
||||
|
||||
nss = pk11_mkNSS(slotStrings, slotCount, internal, isFIPS, isModuleDB,
|
||||
nss = sftk_mkNSS(slotStrings, slotCount, internal, isFIPS, isModuleDB,
|
||||
isModuleDBOnly, internal, trustOrder, cipherOrder,
|
||||
ssl0, ssl1);
|
||||
secmod_FreeSlotStrings(slotStrings,slotCount);
|
||||
/* it's permissible (and normal) for nss to be NULL. it simply means
|
||||
* there are no NSS specific parameters in the database */
|
||||
moduleSpec = pk11_mkNewModuleSpec(dllName,commonName,parameters,nss);
|
||||
moduleSpec = sftk_mkNewModuleSpec(dllName,commonName,parameters,nss);
|
||||
PR_smprintf_free(nss);
|
||||
PORT_FreeArena(arena,PR_TRUE);
|
||||
return moduleSpec;
|
||||
|
@ -855,7 +855,7 @@ secmod_addEscape(const char *string, char quote)
|
|||
}
|
||||
|
||||
#define SECMOD_STEP 10
|
||||
#define PK11_DEFAULT_INTERNAL_INIT "library= name=\"NSS Internal PKCS #11 Module\" parameters=\"%s\" NSS=\"Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={%s askpw=any timeout=30})\""
|
||||
#define SFTK_DEFAULT_INTERNAL_INIT "library= name=\"NSS Internal PKCS #11 Module\" parameters=\"%s\" NSS=\"Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={%s askpw=any timeout=30})\""
|
||||
/*
|
||||
* Read all the existing modules in
|
||||
*/
|
||||
|
@ -905,7 +905,7 @@ done:
|
|||
if (!moduleList[0]) {
|
||||
char * newparams = secmod_addEscape(params,'"');
|
||||
if (newparams) {
|
||||
moduleList[0] = PR_smprintf(PK11_DEFAULT_INTERNAL_INIT,newparams,
|
||||
moduleList[0] = PR_smprintf(SFTK_DEFAULT_INTERNAL_INIT,newparams,
|
||||
SECMOD_SLOT_FLAGS);
|
||||
PORT_Free(newparams);
|
||||
}
|
||||
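Review bot: In the argument loop of secmod_parseParameters (the pk11db.c hunk at -150,39), the renamed lines still read `SFTK_HANDLE_STRING_ARG(index,minPW,"FIPSTokenDescription=",;)` and `SFTK_HANDLE_STRING_ARG(index,tmp,"minPWLen=",;)`. The FIPS token description therefore lands in `minPW`, `fpslotdes` is never assigned in the visible loop, and the `minPWLen=` value goes to `tmp` with an empty command, so it is neither used nor released; the other `tmp` call sites call `PORT_Free(tmp)`, so this one looks like a leak. The code that consumes `minPW` and `fpslotdes` lies outside the hunk, but if `minPW` feeds the token's minimum password length, a configured `minPWLen=` would be silently ignored and a description string parsed in its place. I would make the targets `SFTK_HANDLE_STRING_ARG(index,fpslotdes,"FIPSTokenDescription=",;)` and `SFTK_HANDLE_STRING_ARG(index,minPW,"minPWLen=",;)`, preferably in a separate commit so this one stays a pure rename.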
|
|
|
@ -51,61 +51,61 @@
|
|||
#include "secmodt.h"
|
||||
#include "pk11init.h"
|
||||
|
||||
#define PK11_ARG_LIBRARY_PARAMETER "library="
|
||||
#define PK11_ARG_NAME_PARAMETER "name="
|
||||
#define PK11_ARG_MODULE_PARAMETER "parameters="
|
||||
#define PK11_ARG_NSS_PARAMETER "NSS="
|
||||
#define PK11_ARG_FORTEZZA_FLAG "FORTEZZA"
|
||||
#define PK11_ARG_ESCAPE '\\'
|
||||
#define SFTK_ARG_LIBRARY_PARAMETER "library="
|
||||
#define SFTK_ARG_NAME_PARAMETER "name="
|
||||
#define SFTK_ARG_MODULE_PARAMETER "parameters="
|
||||
#define SFTK_ARG_NSS_PARAMETER "NSS="
|
||||
#define SFTK_ARG_FORTEZZA_FLAG "FORTEZZA"
|
||||
#define SFTK_ARG_ESCAPE '\\'
|
||||
|
||||
struct pk11argSlotFlagTable {
|
||||
struct sftkargSlotFlagTable {
|
||||
char *name;
|
||||
int len;
|
||||
unsigned long value;
|
||||
};
|
||||
|
||||
#define PK11_DEFAULT_CIPHER_ORDER 0
|
||||
#define PK11_DEFAULT_TRUST_ORDER 50
|
||||
#define SFTK_DEFAULT_CIPHER_ORDER 0
|
||||
#define SFTK_DEFAULT_TRUST_ORDER 50
|
||||
|
||||
|
||||
#define PK11_ARG_ENTRY(arg,flag) \
|
||||
#define SFTK_ARG_ENTRY(arg,flag) \
|
||||
{ #arg , sizeof(#arg)-1, flag }
|
||||
static struct pk11argSlotFlagTable pk11_argSlotFlagTable[] = {
|
||||
PK11_ARG_ENTRY(RSA,SECMOD_RSA_FLAG),
|
||||
PK11_ARG_ENTRY(DSA,SECMOD_RSA_FLAG),
|
||||
PK11_ARG_ENTRY(RC2,SECMOD_RC4_FLAG),
|
||||
PK11_ARG_ENTRY(RC4,SECMOD_RC2_FLAG),
|
||||
PK11_ARG_ENTRY(DES,SECMOD_DES_FLAG),
|
||||
PK11_ARG_ENTRY(DH,SECMOD_DH_FLAG),
|
||||
PK11_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG),
|
||||
PK11_ARG_ENTRY(RC5,SECMOD_RC5_FLAG),
|
||||
PK11_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG),
|
||||
PK11_ARG_ENTRY(MD5,SECMOD_MD5_FLAG),
|
||||
PK11_ARG_ENTRY(MD2,SECMOD_MD2_FLAG),
|
||||
PK11_ARG_ENTRY(SSL,SECMOD_SSL_FLAG),
|
||||
PK11_ARG_ENTRY(TLS,SECMOD_TLS_FLAG),
|
||||
PK11_ARG_ENTRY(AES,SECMOD_AES_FLAG),
|
||||
PK11_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG),
|
||||
PK11_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG),
|
||||
static struct sftkargSlotFlagTable sftk_argSlotFlagTable[] = {
|
||||
SFTK_ARG_ENTRY(RSA,SECMOD_RSA_FLAG),
|
||||
SFTK_ARG_ENTRY(DSA,SECMOD_RSA_FLAG),
|
||||
SFTK_ARG_ENTRY(RC2,SECMOD_RC4_FLAG),
|
||||
SFTK_ARG_ENTRY(RC4,SECMOD_RC2_FLAG),
|
||||
SFTK_ARG_ENTRY(DES,SECMOD_DES_FLAG),
|
||||
SFTK_ARG_ENTRY(DH,SECMOD_DH_FLAG),
|
||||
SFTK_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG),
|
||||
SFTK_ARG_ENTRY(RC5,SECMOD_RC5_FLAG),
|
||||
SFTK_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG),
|
||||
SFTK_ARG_ENTRY(MD5,SECMOD_MD5_FLAG),
|
||||
SFTK_ARG_ENTRY(MD2,SECMOD_MD2_FLAG),
|
||||
SFTK_ARG_ENTRY(SSL,SECMOD_SSL_FLAG),
|
||||
SFTK_ARG_ENTRY(TLS,SECMOD_TLS_FLAG),
|
||||
SFTK_ARG_ENTRY(AES,SECMOD_AES_FLAG),
|
||||
SFTK_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG),
|
||||
SFTK_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG),
|
||||
};
|
||||
|
||||
#define PK11_HANDLE_STRING_ARG(param,target,value,command) \
|
||||
#define SFTK_HANDLE_STRING_ARG(param,target,value,command) \
|
||||
if (PORT_Strncasecmp(param,value,sizeof(value)-1) == 0) { \
|
||||
param += sizeof(value)-1; \
|
||||
target = pk11_argFetchValue(param,&next); \
|
||||
target = sftk_argFetchValue(param,&next); \
|
||||
param += next; \
|
||||
command ;\
|
||||
} else
|
||||
|
||||
#define PK11_HANDLE_FINAL_ARG(param) \
|
||||
{ param = pk11_argSkipParameter(param); } param = pk11_argStrip(param);
|
||||
#define SFTK_HANDLE_FINAL_ARG(param) \
|
||||
{ param = sftk_argSkipParameter(param); } param = sftk_argStrip(param);
|
||||
|
||||
|
||||
static int pk11_argSlotFlagTableSize =
|
||||
sizeof(pk11_argSlotFlagTable)/sizeof(pk11_argSlotFlagTable[0]);
|
||||
static int sftk_argSlotFlagTableSize =
|
||||
sizeof(sftk_argSlotFlagTable)/sizeof(sftk_argSlotFlagTable[0]);
|
||||
|
||||
|
||||
static PRBool pk11_argGetPair(char c) {
|
||||
static PRBool sftk_argGetPair(char c) {
|
||||
switch (c) {
|
||||
case '\'': return c;
|
||||
case '\"': return c;
|
||||
|
@ -118,15 +118,15 @@ static PRBool pk11_argGetPair(char c) {
|
|||
return ' ';
|
||||
}
|
||||
|
||||
static PRBool pk11_argIsBlank(char c) {
|
||||
static PRBool sftk_argIsBlank(char c) {
|
||||
return isspace(c);
|
||||
}
|
||||
|
||||
static PRBool pk11_argIsEscape(char c) {
|
||||
static PRBool sftk_argIsEscape(char c) {
|
||||
return c == '\\';
|
||||
}
|
||||
|
||||
static PRBool pk11_argIsQuote(char c) {
|
||||
static PRBool sftk_argIsQuote(char c) {
|
||||
switch (c) {
|
||||
case '\'':
|
||||
case '\"':
|
||||
|
@ -139,7 +139,7 @@ static PRBool pk11_argIsQuote(char c) {
|
|||
return PR_FALSE;
|
||||
}
|
||||
|
||||
static PRBool pk11_argHasChar(char *v, char c)
|
||||
static PRBool sftk_argHasChar(char *v, char c)
|
||||
{
|
||||
for ( ;*v; v++) {
|
||||
if (*v == c) return PR_TRUE;
|
||||
|
@ -147,26 +147,26 @@ static PRBool pk11_argHasChar(char *v, char c)
|
|||
return PR_FALSE;
|
||||
}
|
||||
|
||||
static PRBool pk11_argHasBlanks(char *v)
|
||||
static PRBool sftk_argHasBlanks(char *v)
|
||||
{
|
||||
for ( ;*v; v++) {
|
||||
if (pk11_argIsBlank(*v)) return PR_TRUE;
|
||||
if (sftk_argIsBlank(*v)) return PR_TRUE;
|
||||
}
|
||||
return PR_FALSE;
|
||||
}
|
||||
|
||||
static char *pk11_argStrip(char *c) {
|
||||
while (*c && pk11_argIsBlank(*c)) c++;
|
||||
static char *sftk_argStrip(char *c) {
|
||||
while (*c && sftk_argIsBlank(*c)) c++;
|
||||
return c;
|
||||
}
|
||||
|
||||
static char *
|
||||
pk11_argFindEnd(char *string) {
|
||||
sftk_argFindEnd(char *string) {
|
||||
char endChar = ' ';
|
||||
PRBool lastEscape = PR_FALSE;
|
||||
|
||||
if (pk11_argIsQuote(*string)) {
|
||||
endChar = pk11_argGetPair(*string);
|
||||
if (sftk_argIsQuote(*string)) {
|
||||
endChar = sftk_argGetPair(*string);
|
||||
string++;
|
||||
}
|
||||
|
||||
|
@ -175,11 +175,11 @@ pk11_argFindEnd(char *string) {
|
|||
lastEscape = PR_FALSE;
|
||||
continue;
|
||||
}
|
||||
if (pk11_argIsEscape(*string) && !lastEscape) {
|
||||
if (sftk_argIsEscape(*string) && !lastEscape) {
|
||||
lastEscape = PR_TRUE;
|
||||
continue;
|
||||
}
|
||||
if ((endChar == ' ') && pk11_argIsBlank(*string)) break;
|
||||
if ((endChar == ' ') && sftk_argIsBlank(*string)) break;
|
||||
if (*string == endChar) {
|
||||
break;
|
||||
}
|
||||
|
@ -189,9 +189,9 @@ pk11_argFindEnd(char *string) {
|
|||
}
|
||||
|
||||
static char *
|
||||
pk11_argFetchValue(char *string, int *pcount)
|
||||
sftk_argFetchValue(char *string, int *pcount)
|
||||
{
|
||||
char *end = pk11_argFindEnd(string);
|
||||
char *end = sftk_argFindEnd(string);
|
||||
char *retString, *copyString;
|
||||
PRBool lastEscape = PR_FALSE;
|
||||
|
||||
|
@ -202,9 +202,9 @@ pk11_argFetchValue(char *string, int *pcount)
|
|||
copyString = retString = (char *)PORT_Alloc(*pcount);
|
||||
if (retString == NULL) return NULL;
|
||||
|
||||
if (pk11_argIsQuote(*string)) string++;
|
||||
if (sftk_argIsQuote(*string)) string++;
|
||||
for (; string < end; string++) {
|
||||
if (pk11_argIsEscape(*string) && !lastEscape) {
|
||||
if (sftk_argIsEscape(*string) && !lastEscape) {
|
||||
lastEscape = PR_TRUE;
|
||||
continue;
|
||||
}
|
||||
|
@ -216,44 +216,44 @@ pk11_argFetchValue(char *string, int *pcount)
|
|||
}
|
||||
|
||||
static char *
|
||||
pk11_argSkipParameter(char *string)
|
||||
sftk_argSkipParameter(char *string)
|
||||
{
|
||||
char *end;
|
||||
/* look for the end of the <name>= */
|
||||
for (;*string; string++) {
|
||||
if (*string == '=') { string++; break; }
|
||||
if (pk11_argIsBlank(*string)) return(string);
|
||||
if (sftk_argIsBlank(*string)) return(string);
|
||||
}
|
||||
|
||||
end = pk11_argFindEnd(string);
|
||||
end = sftk_argFindEnd(string);
|
||||
if (*end) end++;
|
||||
return end;
|
||||
}
|
||||
|
||||
|
||||
static SECStatus
|
||||
pk11_argParseModuleSpec(char *modulespec, char **lib, char **mod,
|
||||
sftk_argParseModuleSpec(char *modulespec, char **lib, char **mod,
|
||||
char **parameters, char **nss)
|
||||
{
|
||||
int next;
|
||||
modulespec = pk11_argStrip(modulespec);
|
||||
modulespec = sftk_argStrip(modulespec);
|
||||
|
||||
*lib = *mod = *parameters = *nss = 0;
|
||||
|
||||
while (*modulespec) {
|
||||
PK11_HANDLE_STRING_ARG(modulespec,*lib,PK11_ARG_LIBRARY_PARAMETER,;)
|
||||
PK11_HANDLE_STRING_ARG(modulespec,*mod,PK11_ARG_NAME_PARAMETER,;)
|
||||
PK11_HANDLE_STRING_ARG(modulespec,*parameters,
|
||||
PK11_ARG_MODULE_PARAMETER,;)
|
||||
PK11_HANDLE_STRING_ARG(modulespec,*nss,PK11_ARG_NSS_PARAMETER,;)
|
||||
PK11_HANDLE_FINAL_ARG(modulespec)
|
||||
SFTK_HANDLE_STRING_ARG(modulespec,*lib,SFTK_ARG_LIBRARY_PARAMETER,;)
|
||||
SFTK_HANDLE_STRING_ARG(modulespec,*mod,SFTK_ARG_NAME_PARAMETER,;)
|
||||
SFTK_HANDLE_STRING_ARG(modulespec,*parameters,
|
||||
SFTK_ARG_MODULE_PARAMETER,;)
|
||||
SFTK_HANDLE_STRING_ARG(modulespec,*nss,SFTK_ARG_NSS_PARAMETER,;)
|
||||
SFTK_HANDLE_FINAL_ARG(modulespec)
|
||||
}
|
||||
return SECSuccess;
|
||||
}
|
||||
|
||||
|
||||
static char *
|
||||
pk11_argGetParamValue(char *paramName,char *parameters)
|
||||
sftk_argGetParamValue(char *paramName,char *parameters)
|
||||
{
|
||||
char searchValue[256];
|
||||
int paramLen = strlen(paramName);
|
||||
|
@ -269,19 +269,19 @@ pk11_argGetParamValue(char *paramName,char *parameters)
|
|||
while (*parameters) {
|
||||
if (PORT_Strncasecmp(parameters,searchValue,paramLen+1) == 0) {
|
||||
parameters += paramLen+1;
|
||||
returnValue = pk11_argFetchValue(parameters,&next);
|
||||
returnValue = sftk_argFetchValue(parameters,&next);
|
||||
break;
|
||||
} else {
|
||||
parameters = pk11_argSkipParameter(parameters);
|
||||
parameters = sftk_argSkipParameter(parameters);
|
||||
}
|
||||
parameters = pk11_argStrip(parameters);
|
||||
parameters = sftk_argStrip(parameters);
|
||||
}
|
||||
return returnValue;
|
||||
}
|
||||
|
||||
|
||||
static char *
|
||||
pk11_argNextFlag(char *flags)
|
||||
sftk_argNextFlag(char *flags)
|
||||
{
|
||||
for (; *flags ; flags++) {
|
||||
if (*flags == ',') {
|
||||
|
@ -293,16 +293,16 @@ pk11_argNextFlag(char *flags)
|
|||
}
|
||||
|
||||
static PRBool
|
||||
pk11_argHasFlag(char *label, char *flag, char *parameters)
|
||||
sftk_argHasFlag(char *label, char *flag, char *parameters)
|
||||
{
|
||||
char *flags,*index;
|
||||
int len = strlen(flag);
|
||||
PRBool found = PR_FALSE;
|
||||
|
||||
flags = pk11_argGetParamValue(label,parameters);
|
||||
flags = sftk_argGetParamValue(label,parameters);
|
||||
if (flags == NULL) return PR_FALSE;
|
||||
|
||||
for (index=flags; *index; index=pk11_argNextFlag(index)) {
|
||||
for (index=flags; *index; index=sftk_argNextFlag(index)) {
|
||||
if (PORT_Strncasecmp(index,flag,len) == 0) {
|
||||
found=PR_TRUE;
|
||||
break;
|
||||
|
@ -313,14 +313,14 @@ pk11_argHasFlag(char *label, char *flag, char *parameters)
|
|||
}
|
||||
|
||||
static void
|
||||
pk11_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList)
|
||||
sftk_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList)
|
||||
{
|
||||
newCiphers[0] = newCiphers[1] = 0;
|
||||
if ((cipherList == NULL) || (*cipherList == 0)) return;
|
||||
|
||||
for (;*cipherList; cipherList=pk11_argNextFlag(cipherList)) {
|
||||
if (PORT_Strncasecmp(cipherList,PK11_ARG_FORTEZZA_FLAG,
|
||||
sizeof(PK11_ARG_FORTEZZA_FLAG)-1) == 0) {
|
||||
for (;*cipherList; cipherList=sftk_argNextFlag(cipherList)) {
|
||||
if (PORT_Strncasecmp(cipherList,SFTK_ARG_FORTEZZA_FLAG,
|
||||
sizeof(SFTK_ARG_FORTEZZA_FLAG)-1) == 0) {
|
||||
newCiphers[0] |= SECMOD_FORTEZZA_FLAG;
|
||||
}
|
||||
|
||||
|
@ -341,7 +341,7 @@ pk11_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList)
|
|||
* decode a number. handle octal (leading '0'), hex (leading '0x') or decimal
|
||||
*/
|
||||
static long
|
||||
pk11_argDecodeNumber(char *num)
|
||||
sftk_argDecodeNumber(char *num)
|
||||
{
|
||||
int radix = 10;
|
||||
unsigned long value = 0;
|
||||
|
@ -351,7 +351,7 @@ pk11_argDecodeNumber(char *num)
|
|||
|
||||
if (num == NULL) return retValue;
|
||||
|
||||
num = pk11_argStrip(num);
|
||||
num = sftk_argStrip(num);
|
||||
|
||||
if (*num == '-') {
|
||||
sign = -1;
|
||||
|
@ -387,18 +387,18 @@ pk11_argDecodeNumber(char *num)
|
|||
}
|
||||
|
||||
static long
|
||||
pk11_argReadLong(char *label,char *params, long defValue, PRBool *isdefault)
|
||||
sftk_argReadLong(char *label,char *params, long defValue, PRBool *isdefault)
|
||||
{
|
||||
char *value;
|
||||
long retValue;
|
||||
if (isdefault) *isdefault = PR_FALSE;
|
||||
|
||||
value = pk11_argGetParamValue(label,params);
|
||||
value = sftk_argGetParamValue(label,params);
|
||||
if (value == NULL) {
|
||||
if (isdefault) *isdefault = PR_TRUE;
|
||||
return defValue;
|
||||
}
|
||||
retValue = pk11_argDecodeNumber(value);
|
||||
retValue = sftk_argDecodeNumber(value);
|
||||
if (value) PORT_Free(value);
|
||||
|
||||
return retValue;
|
||||
|
@ -406,23 +406,23 @@ pk11_argReadLong(char *label,char *params, long defValue, PRBool *isdefault)
|
|||
|
||||
|
||||
static unsigned long
|
||||
pk11_argSlotFlags(char *label,char *params)
|
||||
sftk_argSlotFlags(char *label,char *params)
|
||||
{
|
||||
char *flags,*index;
|
||||
unsigned long retValue = 0;
|
||||
int i;
|
||||
PRBool all = PR_FALSE;
|
||||
|
||||
flags = pk11_argGetParamValue(label,params);
|
||||
flags = sftk_argGetParamValue(label,params);
|
||||
if (flags == NULL) return 0;
|
||||
|
||||
if (PORT_Strcasecmp(flags,"all") == 0) all = PR_TRUE;
|
||||
|
||||
for (index=flags; *index; index=pk11_argNextFlag(index)) {
|
||||
for (i=0; i < pk11_argSlotFlagTableSize; i++) {
|
||||
if (all || (PORT_Strncasecmp(index, pk11_argSlotFlagTable[i].name,
|
||||
pk11_argSlotFlagTable[i].len) == 0)) {
|
||||
retValue |= pk11_argSlotFlagTable[i].value;
|
||||
for (index=flags; *index; index=sftk_argNextFlag(index)) {
|
||||
for (i=0; i < sftk_argSlotFlagTableSize; i++) {
|
||||
if (all || (PORT_Strncasecmp(index, sftk_argSlotFlagTable[i].name,
|
||||
sftk_argSlotFlagTable[i].len) == 0)) {
|
||||
retValue |= sftk_argSlotFlagTable[i].value;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -432,15 +432,15 @@ pk11_argSlotFlags(char *label,char *params)
|
|||
|
||||
|
||||
static void
|
||||
pk11_argDecodeSingleSlotInfo(char *name,char *params,PK11PreSlotInfo *slotInfo)
|
||||
sftk_argDecodeSingleSlotInfo(char *name,char *params,PK11PreSlotInfo *slotInfo)
|
||||
{
|
||||
char *askpw;
|
||||
|
||||
slotInfo->slotID=pk11_argDecodeNumber(name);
|
||||
slotInfo->defaultFlags=pk11_argSlotFlags("slotFlags",params);
|
||||
slotInfo->timeout=pk11_argReadLong("timeout",params, 0, NULL);
|
||||
slotInfo->slotID=sftk_argDecodeNumber(name);
|
||||
slotInfo->defaultFlags=sftk_argSlotFlags("slotFlags",params);
|
||||
slotInfo->timeout=sftk_argReadLong("timeout",params, 0, NULL);
|
||||
|
||||
askpw = pk11_argGetParamValue("askpw",params);
|
||||
askpw = sftk_argGetParamValue("askpw",params);
|
||||
slotInfo->askpw = 0;
|
||||
|
||||
if (askpw) {
|
||||
|
@ -452,12 +452,12 @@ pk11_argDecodeSingleSlotInfo(char *name,char *params,PK11PreSlotInfo *slotInfo)
|
|||
PORT_Free(askpw);
|
||||
slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS;
|
||||
}
|
||||
slotInfo->hasRootCerts = pk11_argHasFlag("rootFlags","hasRootCerts",params);
|
||||
slotInfo->hasRootTrust = pk11_argHasFlag("rootFlags","hasRootTrust",params);
|
||||
slotInfo->hasRootCerts = sftk_argHasFlag("rootFlags","hasRootCerts",params);
|
||||
slotInfo->hasRootTrust = sftk_argHasFlag("rootFlags","hasRootTrust",params);
|
||||
}
|
||||
|
||||
static char *
|
||||
pk11_argGetName(char *inString, int *next)
|
||||
sftk_argGetName(char *inString, int *next)
|
||||
{
|
||||
char *name=NULL;
|
||||
char *string;
|
||||
|
@ -466,7 +466,7 @@ pk11_argGetName(char *inString, int *next)
|
|||
/* look for the end of the <name>= */
|
||||
for (string = inString;*string; string++) {
|
||||
if (*string == '=') { break; }
|
||||
if (pk11_argIsBlank(*string)) break;
|
||||
if (sftk_argIsBlank(*string)) break;
|
||||
}
|
||||
|
||||
len = string - inString;
|
||||
|
@ -482,7 +482,7 @@ pk11_argGetName(char *inString, int *next)
|
|||
}
|
||||
|
||||
static PK11PreSlotInfo *
|
||||
pk11_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
|
||||
sftk_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
|
||||
{
|
||||
char *slotIndex;
|
||||
PK11PreSlotInfo *slotInfo = NULL;
|
||||
|
@ -492,8 +492,8 @@ pk11_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
|
|||
if ((slotParams == NULL) || (*slotParams == 0)) return NULL;
|
||||
|
||||
/* first count the number of slots */
|
||||
for (slotIndex = pk11_argStrip(slotParams); *slotIndex;
|
||||
slotIndex = pk11_argStrip(pk11_argSkipParameter(slotIndex))) {
|
||||
for (slotIndex = sftk_argStrip(slotParams); *slotIndex;
|
||||
slotIndex = sftk_argStrip(sftk_argSkipParameter(slotIndex))) {
|
||||
count++;
|
||||
}
|
||||
|
||||
|
@ -508,38 +508,38 @@ pk11_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
|
|||
}
|
||||
if (slotInfo == NULL) return NULL;
|
||||
|
||||
for (slotIndex = pk11_argStrip(slotParams), i = 0;
|
||||
for (slotIndex = sftk_argStrip(slotParams), i = 0;
|
||||
*slotIndex && i < count ; ) {
|
||||
char *name;
|
||||
name = pk11_argGetName(slotIndex,&next);
|
||||
name = sftk_argGetName(slotIndex,&next);
|
||||
slotIndex += next;
|
||||
|
||||
if (!pk11_argIsBlank(*slotIndex)) {
|
||||
char *args = pk11_argFetchValue(slotIndex,&next);
|
||||
if (!sftk_argIsBlank(*slotIndex)) {
|
||||
char *args = sftk_argFetchValue(slotIndex,&next);
|
||||
slotIndex += next;
|
||||
if (args) {
|
||||
pk11_argDecodeSingleSlotInfo(name,args,&slotInfo[i]);
|
||||
sftk_argDecodeSingleSlotInfo(name,args,&slotInfo[i]);
|
||||
i++;
|
||||
PORT_Free(args);
|
||||
}
|
||||
}
|
||||
if (name) PORT_Free(name);
|
||||
slotIndex = pk11_argStrip(slotIndex);
|
||||
slotIndex = sftk_argStrip(slotIndex);
|
||||
}
|
||||
*retCount = i;
|
||||
return slotInfo;
|
||||
}
|
||||
|
||||
static char *pk11_nullString = "";
|
||||
static char *sftk_nullString = "";
|
||||
|
||||
static char *
|
||||
pk11_formatValue(PRArenaPool *arena, char *value, char quote)
|
||||
sftk_formatValue(PRArenaPool *arena, char *value, char quote)
|
||||
{
|
||||
char *vp,*vp2,*retval;
|
||||
int size = 0, escapes = 0;
|
||||
|
||||
for (vp=value; *vp ;vp++) {
|
||||
if ((*vp == quote) || (*vp == PK11_ARG_ESCAPE)) escapes++;
|
||||
if ((*vp == quote) || (*vp == SFTK_ARG_ESCAPE)) escapes++;
|
||||
size++;
|
||||
}
|
||||
if (arena) {
|
||||
|
@ -550,48 +550,48 @@ pk11_formatValue(PRArenaPool *arena, char *value, char quote)
|
|||
if (retval == NULL) return NULL;
|
||||
vp2 = retval;
|
||||
for (vp=value; *vp; vp++) {
|
||||
if ((*vp == quote) || (*vp == PK11_ARG_ESCAPE))
|
||||
*vp2++ = PK11_ARG_ESCAPE;
|
||||
if ((*vp == quote) || (*vp == SFTK_ARG_ESCAPE))
|
||||
*vp2++ = SFTK_ARG_ESCAPE;
|
||||
*vp2++ = *vp;
|
||||
}
|
||||
return retval;
|
||||
}
|
||||
|
||||
static char *pk11_formatPair(char *name,char *value, char quote)
|
||||
static char *sftk_formatPair(char *name,char *value, char quote)
|
||||
{
|
||||
char openQuote = quote;
|
||||
char closeQuote = pk11_argGetPair(quote);
|
||||
char closeQuote = sftk_argGetPair(quote);
|
||||
char *newValue = NULL;
|
||||
char *returnValue;
|
||||
PRBool need_quote = PR_FALSE;
|
||||
|
||||
if (!value || (*value == 0)) return pk11_nullString;
|
||||
if (!value || (*value == 0)) return sftk_nullString;
|
||||
|
||||
if (pk11_argHasBlanks(value) || pk11_argIsQuote(value[0]))
|
||||
if (sftk_argHasBlanks(value) || sftk_argIsQuote(value[0]))
|
||||
need_quote=PR_TRUE;
|
||||
|
||||
if ((need_quote && pk11_argHasChar(value,closeQuote))
|
||||
|| pk11_argHasChar(value,PK11_ARG_ESCAPE)) {
|
||||
value = newValue = pk11_formatValue(NULL, value,quote);
|
||||
if (newValue == NULL) return pk11_nullString;
|
||||
if ((need_quote && sftk_argHasChar(value,closeQuote))
|
||||
|| sftk_argHasChar(value,SFTK_ARG_ESCAPE)) {
|
||||
value = newValue = sftk_formatValue(NULL, value,quote);
|
||||
if (newValue == NULL) return sftk_nullString;
|
||||
}
|
||||
if (need_quote) {
|
||||
returnValue = PR_smprintf("%s=%c%s%c",name,openQuote,value,closeQuote);
|
||||
} else {
|
||||
returnValue = PR_smprintf("%s=%s",name,value);
|
||||
}
|
||||
if (returnValue == NULL) returnValue = pk11_nullString;
|
||||
if (returnValue == NULL) returnValue = sftk_nullString;
|
||||
|
||||
if (newValue) PORT_Free(newValue);
|
||||
|
||||
return returnValue;
|
||||
}
|
||||
|
||||
static char *pk11_formatIntPair(char *name,unsigned long value, unsigned long def)
|
||||
static char *sftk_formatIntPair(char *name,unsigned long value, unsigned long def)
|
||||
{
|
||||
char *returnValue;
|
||||
|
||||
if (value == def) return pk11_nullString;
|
||||
if (value == def) return sftk_nullString;
|
||||
|
||||
returnValue = PR_smprintf("%s=%d",name,value);
|
||||
|
||||
|
@ -599,9 +599,9 @@ static char *pk11_formatIntPair(char *name,unsigned long value, unsigned long de
|
|||
}
|
||||
|
||||
static void
|
||||
pk11_freePair(char *pair)
|
||||
sftk_freePair(char *pair)
|
||||
{
|
||||
if (pair && pair != pk11_nullString) {
|
||||
if (pair && pair != sftk_nullString) {
|
||||
PR_smprintf_free(pair);
|
||||
}
|
||||
}
|
||||
|
@ -609,7 +609,7 @@ pk11_freePair(char *pair)
|
|||
#define MAX_FLAG_SIZE sizeof("internal")+sizeof("FIPS")+sizeof("moduleDB")+\
|
||||
sizeof("moduleDBOnly")+sizeof("critical")
|
||||
static char *
|
||||
pk11_mkNSSFlags(PRBool internal, PRBool isFIPS,
|
||||
sftk_mkNSSFlags(PRBool internal, PRBool isFIPS,
|
||||
PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical)
|
||||
{
|
||||
char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE);
|
||||
|
@ -644,7 +644,7 @@ pk11_mkNSSFlags(PRBool internal, PRBool isFIPS,
|
|||
}
|
||||
|
||||
static char *
|
||||
pk11_mkCipherFlags(unsigned long ssl0, unsigned long ssl1)
|
||||
sftk_mkCipherFlags(unsigned long ssl0, unsigned long ssl1)
|
||||
{
|
||||
char *cipher = NULL;
|
||||
int i;
|
||||
|
@ -685,7 +685,7 @@ pk11_mkCipherFlags(unsigned long ssl0, unsigned long ssl1)
|
|||
}
|
||||
|
||||
static char *
|
||||
pk11_mkSlotFlags(unsigned long defaultFlags)
|
||||
sftk_mkSlotFlags(unsigned long defaultFlags)
|
||||
{
|
||||
char *flags=NULL;
|
||||
int i,j;
|
||||
|
@ -694,9 +694,9 @@ pk11_mkSlotFlags(unsigned long defaultFlags)
|
|||
if (defaultFlags & (1<<i)) {
|
||||
char *string = NULL;
|
||||
|
||||
for (j=0; j < pk11_argSlotFlagTableSize; j++) {
|
||||
if (pk11_argSlotFlagTable[j].value == (((unsigned long)1)<<i)) {
|
||||
string = pk11_argSlotFlagTable[j].name;
|
||||
for (j=0; j < sftk_argSlotFlagTableSize; j++) {
|
||||
if (sftk_argSlotFlagTable[j].value == (((unsigned long)1)<<i)) {
|
||||
string = sftk_argSlotFlagTable[j].name;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
@ -716,15 +716,15 @@ pk11_mkSlotFlags(unsigned long defaultFlags)
|
|||
return flags;
|
||||
}
|
||||
|
||||
#define PK11_MAX_ROOT_FLAG_SIZE sizeof("hasRootCerts")+sizeof("hasRootTrust")
|
||||
#define SFTK_MAX_ROOT_FLAG_SIZE sizeof("hasRootCerts")+sizeof("hasRootTrust")
|
||||
|
||||
static char *
|
||||
pk11_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust)
|
||||
sftk_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust)
|
||||
{
|
||||
char *flags= (char *)PORT_ZAlloc(PK11_MAX_ROOT_FLAG_SIZE);
|
||||
char *flags= (char *)PORT_ZAlloc(SFTK_MAX_ROOT_FLAG_SIZE);
|
||||
PRBool first = PR_TRUE;
|
||||
|
||||
PORT_Memset(flags,0,PK11_MAX_ROOT_FLAG_SIZE);
|
||||
PORT_Memset(flags,0,SFTK_MAX_ROOT_FLAG_SIZE);
|
||||
if (hasRootCerts) {
|
||||
PORT_Strcat(flags,"hasRootCerts");
|
||||
first = PR_FALSE;
|
||||
|
@ -738,7 +738,7 @@ pk11_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust)
|
|||
}
|
||||
|
||||
static char *
|
||||
pk11_mkSlotString(unsigned long slotID, unsigned long defaultFlags,
|
||||
sftk_mkSlotString(unsigned long slotID, unsigned long defaultFlags,
|
||||
unsigned long timeout, unsigned char askpw_in,
|
||||
PRBool hasRootCerts, PRBool hasRootTrust) {
|
||||
char *askpw,*flags,*rootFlags,*slotString;
|
||||
|
@ -755,10 +755,10 @@ pk11_mkSlotString(unsigned long slotID, unsigned long defaultFlags,
|
|||
askpw = "any";
|
||||
break;
|
||||
}
|
||||
flags = pk11_mkSlotFlags(defaultFlags);
|
||||
rootFlags = pk11_mkRootFlags(hasRootCerts,hasRootTrust);
|
||||
flagPair=pk11_formatPair("slotFlags",flags,'\'');
|
||||
rootFlagsPair=pk11_formatPair("rootFlags",rootFlags,'\'');
|
||||
flags = sftk_mkSlotFlags(defaultFlags);
|
||||
rootFlags = sftk_mkRootFlags(hasRootCerts,hasRootTrust);
|
||||
flagPair=sftk_formatPair("slotFlags",flags,'\'');
|
||||
rootFlagsPair=sftk_formatPair("rootFlags",rootFlags,'\'');
|
||||
if (flags) PR_smprintf_free(flags);
|
||||
if (rootFlags) PORT_Free(rootFlags);
|
||||
if (defaultFlags & PK11_OWN_PW_DEFAULTS) {
|
||||
|
@ -769,13 +769,13 @@ pk11_mkSlotString(unsigned long slotID, unsigned long defaultFlags,
|
|||
slotString = PR_smprintf("0x%08lx=[%s %s]",
|
||||
(PRUint32)slotID,flagPair,rootFlagsPair);
|
||||
}
|
||||
pk11_freePair(flagPair);
|
||||
pk11_freePair(rootFlagsPair);
|
||||
sftk_freePair(flagPair);
|
||||
sftk_freePair(rootFlagsPair);
|
||||
return slotString;
|
||||
}
|
||||
|
||||
static char *
|
||||
pk11_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS,
|
||||
sftk_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS,
|
||||
PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical,
|
||||
unsigned long trustOrder, unsigned long cipherOrder,
|
||||
unsigned long ssl0, unsigned long ssl1) {
|
||||
|
@ -805,29 +805,29 @@ pk11_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS,
|
|||
/*
|
||||
* now the NSS structure
|
||||
*/
|
||||
nssFlags = pk11_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly,
|
||||
nssFlags = sftk_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly,
|
||||
isCritical);
|
||||
/* for now only the internal module is critical */
|
||||
ciphers = pk11_mkCipherFlags(ssl0, ssl1);
|
||||
ciphers = sftk_mkCipherFlags(ssl0, ssl1);
|
||||
|
||||
trustOrderPair=pk11_formatIntPair("trustOrder",trustOrder,
|
||||
PK11_DEFAULT_TRUST_ORDER);
|
||||
cipherOrderPair=pk11_formatIntPair("cipherOrder",cipherOrder,
|
||||
PK11_DEFAULT_CIPHER_ORDER);
|
||||
slotPair=pk11_formatPair("slotParams",slotParams,'{'); /* } */
|
||||
trustOrderPair=sftk_formatIntPair("trustOrder",trustOrder,
|
||||
SFTK_DEFAULT_TRUST_ORDER);
|
||||
cipherOrderPair=sftk_formatIntPair("cipherOrder",cipherOrder,
|
||||
SFTK_DEFAULT_CIPHER_ORDER);
|
||||
slotPair=sftk_formatPair("slotParams",slotParams,'{'); /* } */
|
||||
if (slotParams) PORT_Free(slotParams);
|
||||
cipherPair=pk11_formatPair("ciphers",ciphers,'\'');
|
||||
cipherPair=sftk_formatPair("ciphers",ciphers,'\'');
|
||||
if (ciphers) PR_smprintf_free(ciphers);
|
||||
flagPair=pk11_formatPair("Flags",nssFlags,'\'');
|
||||
flagPair=sftk_formatPair("Flags",nssFlags,'\'');
|
||||
if (nssFlags) PORT_Free(nssFlags);
|
||||
nss = PR_smprintf("%s %s %s %s %s",trustOrderPair,
|
||||
cipherOrderPair,slotPair,cipherPair,flagPair);
|
||||
pk11_freePair(trustOrderPair);
|
||||
pk11_freePair(cipherOrderPair);
|
||||
pk11_freePair(slotPair);
|
||||
pk11_freePair(cipherPair);
|
||||
pk11_freePair(flagPair);
|
||||
tmp = pk11_argStrip(nss);
|
||||
sftk_freePair(trustOrderPair);
|
||||
sftk_freePair(cipherOrderPair);
|
||||
sftk_freePair(slotPair);
|
||||
sftk_freePair(cipherPair);
|
||||
sftk_freePair(flagPair);
|
||||
tmp = sftk_argStrip(nss);
|
||||
if (*tmp == '\0') {
|
||||
PR_smprintf_free(nss);
|
||||
nss = NULL;
|
||||
|
@ -836,7 +836,7 @@ pk11_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS,
|
|||
}
|
||||
|
||||
static char *
|
||||
pk11_mkNewModuleSpec(char *dllName, char *commonName, char *parameters,
|
||||
sftk_mkNewModuleSpec(char *dllName, char *commonName, char *parameters,
|
||||
char *NSS) {
|
||||
char *moduleSpec;
|
||||
char *lib,*name,*param,*nss;
|
||||
|
@ -844,15 +844,15 @@ pk11_mkNewModuleSpec(char *dllName, char *commonName, char *parameters,
|
|||
/*
|
||||
* now the final spec
|
||||
*/
|
||||
lib = pk11_formatPair("library",dllName,'\"');
|
||||
name = pk11_formatPair("name",commonName,'\"');
|
||||
param = pk11_formatPair("parameters",parameters,'\"');
|
||||
nss = pk11_formatPair("NSS",NSS,'\"');
|
||||
lib = sftk_formatPair("library",dllName,'\"');
|
||||
name = sftk_formatPair("name",commonName,'\"');
|
||||
param = sftk_formatPair("parameters",parameters,'\"');
|
||||
nss = sftk_formatPair("NSS",NSS,'\"');
|
||||
moduleSpec = PR_smprintf("%s %s %s %s", lib,name,param,nss);
|
||||
pk11_freePair(lib);
|
||||
pk11_freePair(name);
|
||||
pk11_freePair(param);
|
||||
pk11_freePair(nss);
|
||||
sftk_freePair(lib);
|
||||
sftk_freePair(name);
|
||||
sftk_freePair(param);
|
||||
sftk_freePair(nss);
|
||||
return (moduleSpec);
|
||||
}
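Review bot: The renamed `sftk_argSlotFlagTable` carries over three name/flag mismatches from the old `pk11_` table: `SFTK_ARG_ENTRY(DSA,SECMOD_RSA_FLAG)`, `SFTK_ARG_ENTRY(RC2,SECMOD_RC4_FLAG)` and `SFTK_ARG_ENTRY(RC4,SECMOD_RC2_FLAG)`. In `sftk_argSlotFlags`, a `slotFlags` value naming DSA therefore sets the RSA bit in the slot's `defaultFlags`, and RC2 and RC4 set each other's bits, so a slot can end up flagged for a mechanism the configuration never named. Unless this is a deliberate compatibility quirk, the entries should read `SFTK_ARG_ENTRY(DSA,SECMOD_DSA_FLAG)`, `SFTK_ARG_ENTRY(RC2,SECMOD_RC2_FLAG)` and `SFTK_ARG_ENTRY(RC4,SECMOD_RC4_FLAG)`. `sftk_mkSlotFlags` looks names up by value in the same table, so module specs already written with the current mapping should be checked before it is changed. If the mapping must stay, a comment on the table such as `/* DSA, RC2 and RC4 map to historical flag values; do not "fix" without migrating stored specs */` would stop it being read as a typo.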
|
||||
|
||||
|
|
|
@ -121,30 +121,30 @@
|
|||
/* NOSPREAD sessionID to hash table index macro has been slower. */
|
||||
|
||||
/* define typedefs, double as forward declarations as well */
|
||||
typedef struct PK11AttributeStr PK11Attribute;
|
||||
typedef struct PK11ObjectListStr PK11ObjectList;
|
||||
typedef struct PK11ObjectFreeListStr PK11ObjectFreeList;
|
||||
typedef struct PK11ObjectListElementStr PK11ObjectListElement;
|
||||
typedef struct PK11ObjectStr PK11Object;
|
||||
typedef struct PK11SessionObjectStr PK11SessionObject;
|
||||
typedef struct PK11TokenObjectStr PK11TokenObject;
|
||||
typedef struct PK11SessionStr PK11Session;
|
||||
typedef struct PK11SlotStr PK11Slot;
|
||||
typedef struct PK11SessionContextStr PK11SessionContext;
|
||||
typedef struct PK11SearchResultsStr PK11SearchResults;
|
||||
typedef struct PK11HashVerifyInfoStr PK11HashVerifyInfo;
|
||||
typedef struct PK11HashSignInfoStr PK11HashSignInfo;
|
||||
typedef struct PK11SSLMACInfoStr PK11SSLMACInfo;
|
||||
typedef struct SFTKAttributeStr SFTKAttribute;
|
||||
typedef struct SFTKObjectListStr SFTKObjectList;
|
||||
typedef struct SFTKObjectFreeListStr SFTKObjectFreeList;
|
||||
typedef struct SFTKObjectListElementStr SFTKObjectListElement;
|
||||
typedef struct SFTKObjectStr SFTKObject;
|
||||
typedef struct SFTKSessionObjectStr SFTKSessionObject;
|
||||
typedef struct SFTKTokenObjectStr SFTKTokenObject;
|
||||
typedef struct SFTKSessionStr SFTKSession;
|
||||
typedef struct SFTKSlotStr SFTKSlot;
|
||||
typedef struct SFTKSessionContextStr SFTKSessionContext;
|
||||
typedef struct SFTKSearchResultsStr SFTKSearchResults;
|
||||
typedef struct SFTKHashVerifyInfoStr SFTKHashVerifyInfo;
|
||||
typedef struct SFTKHashSignInfoStr SFTKHashSignInfo;
|
||||
typedef struct SFTKSSLMACInfoStr SFTKSSLMACInfo;
|
||||
|
||||
/* define function pointer typdefs for pointer tables */
|
||||
typedef void (*PK11Destroy)(void *, PRBool);
|
||||
typedef void (*PK11Begin)(void *);
|
||||
typedef SECStatus (*PK11Cipher)(void *,void *,unsigned int *,unsigned int,
|
||||
typedef void (*SFTKDestroy)(void *, PRBool);
|
||||
typedef void (*SFTKBegin)(void *);
|
||||
typedef SECStatus (*SFTKCipher)(void *,void *,unsigned int *,unsigned int,
|
||||
void *, unsigned int);
|
||||
typedef SECStatus (*PK11Verify)(void *,void *,unsigned int,void *,unsigned int);
|
||||
typedef void (*PK11Hash)(void *,void *,unsigned int);
|
||||
typedef void (*PK11End)(void *,void *,unsigned int *,unsigned int);
|
||||
typedef void (*PK11Free)(void *);
|
||||
typedef SECStatus (*SFTKVerify)(void *,void *,unsigned int,void *,unsigned int);
|
||||
typedef void (*SFTKHash)(void *,void *,unsigned int);
|
||||
typedef void (*SFTKEnd)(void *,void *,unsigned int *,unsigned int);
|
||||
typedef void (*SFTKFree)(void *);
|
||||
|
||||
/* Value to tell if an attribute is modifiable or not.
|
||||
* NEVER: attribute is only set on creation.
|
||||
|
@ -153,31 +153,31 @@ typedef void (*PK11Free)(void *);
|
|||
* ALWAYS: attribute can always be changed.
|
||||
*/
|
||||
typedef enum {
|
||||
PK11_NEVER = 0,
|
||||
PK11_ONCOPY = 1,
|
||||
PK11_SENSITIVE = 2,
|
||||
PK11_ALWAYS = 3
|
||||
} PK11ModifyType;
|
||||
SFTK_NEVER = 0,
|
||||
SFTK_ONCOPY = 1,
|
||||
SFTK_SENSITIVE = 2,
|
||||
SFTK_ALWAYS = 3
|
||||
} SFTKModifyType;
|
||||
|
||||
/*
|
||||
* Free Status Enum... tell us more information when we think we're
|
||||
* deleting an object.
|
||||
*/
|
||||
typedef enum {
|
||||
PK11_DestroyFailure,
|
||||
PK11_Destroyed,
|
||||
PK11_Busy
|
||||
} PK11FreeStatus;
|
||||
SFTK_DestroyFailure,
|
||||
SFTK_Destroyed,
|
||||
SFTK_Busy
|
||||
} SFTKFreeStatus;
|
||||
|
||||
/*
|
||||
* attribute values of an object.
|
||||
*/
|
||||
struct PK11AttributeStr {
|
||||
PK11Attribute *next;
|
||||
PK11Attribute *prev;
|
||||
struct SFTKAttributeStr {
|
||||
SFTKAttribute *next;
|
||||
SFTKAttribute *prev;
|
||||
PRBool freeAttr;
|
||||
PRBool freeData;
|
||||
/*must be called handle to make pk11queue_find work */
|
||||
/*must be called handle to make sftkqueue_find work */
|
||||
CK_ATTRIBUTE_TYPE handle;
|
||||
CK_ATTRIBUTE attrib;
|
||||
unsigned char space[ATTR_SPACE];
|
||||
|
@ -187,14 +187,14 @@ struct PK11AttributeStr {
|
|||
/*
|
||||
* doubly link list of objects
|
||||
*/
|
||||
struct PK11ObjectListStr {
|
||||
PK11ObjectList *next;
|
||||
PK11ObjectList *prev;
|
||||
PK11Object *parent;
|
||||
struct SFTKObjectListStr {
|
||||
SFTKObjectList *next;
|
||||
SFTKObjectList *prev;
|
||||
SFTKObject *parent;
|
||||
};
|
||||
|
||||
struct PK11ObjectFreeListStr {
|
||||
PK11Object *head;
|
||||
struct SFTKObjectFreeListStr {
|
||||
SFTKObject *head;
|
||||
PZLock *lock;
|
||||
int count;
|
||||
};
|
||||
|
@ -202,48 +202,48 @@ struct PK11ObjectFreeListStr {
|
|||
/*
|
||||
* PKCS 11 crypto object structure
|
||||
*/
|
||||
struct PK11ObjectStr {
|
||||
PK11Object *next;
|
||||
PK11Object *prev;
|
||||
struct SFTKObjectStr {
|
||||
SFTKObject *next;
|
||||
SFTKObject *prev;
|
||||
CK_OBJECT_CLASS objclass;
|
||||
CK_OBJECT_HANDLE handle;
|
||||
int refCount;
|
||||
PZLock *refLock;
|
||||
PK11Slot *slot;
|
||||
SFTKSlot *slot;
|
||||
void *objectInfo;
|
||||
PK11Free infoFree;
|
||||
SFTKFree infoFree;
|
||||
};
|
||||
|
||||
struct PK11TokenObjectStr {
|
||||
PK11Object obj;
|
||||
struct SFTKTokenObjectStr {
|
||||
SFTKObject obj;
|
||||
SECItem dbKey;
|
||||
};
|
||||
|
||||
struct PK11SessionObjectStr {
|
||||
PK11Object obj;
|
||||
PK11ObjectList sessionList;
|
||||
struct SFTKSessionObjectStr {
|
||||
SFTKObject obj;
|
||||
SFTKObjectList sessionList;
|
||||
PZLock *attributeLock;
|
||||
PK11Session *session;
|
||||
SFTKSession *session;
|
||||
PRBool wasDerived;
|
||||
int nextAttr;
|
||||
PK11Attribute attrList[MAX_OBJS_ATTRS];
|
||||
SFTKAttribute attrList[MAX_OBJS_ATTRS];
|
||||
PRBool optimizeSpace;
|
||||
unsigned int hashSize;
|
||||
PK11Attribute *head[1];
|
||||
SFTKAttribute *head[1];
|
||||
};
|
||||
|
||||
/*
|
||||
* struct to deal with a temparary list of objects
|
||||
*/
|
||||
struct PK11ObjectListElementStr {
|
||||
PK11ObjectListElement *next;
|
||||
PK11Object *object;
|
||||
struct SFTKObjectListElementStr {
|
||||
SFTKObjectListElement *next;
|
||||
SFTKObject *object;
|
||||
};
|
||||
|
||||
/*
|
||||
* Area to hold Search results
|
||||
*/
|
||||
struct PK11SearchResultsStr {
|
||||
struct SFTKSearchResultsStr {
|
||||
CK_OBJECT_HANDLE *handles;
|
||||
int size;
|
||||
int index;
|
||||
|
@ -255,50 +255,50 @@ struct PK11SearchResultsStr {
|
|||
* the universal crypto/hash/sign/verify context structure
|
||||
*/
|
||||
typedef enum {
|
||||
PK11_ENCRYPT,
|
||||
PK11_DECRYPT,
|
||||
PK11_HASH,
|
||||
PK11_SIGN,
|
||||
PK11_SIGN_RECOVER,
|
||||
PK11_VERIFY,
|
||||
PK11_VERIFY_RECOVER
|
||||
} PK11ContextType;
|
||||
SFTK_ENCRYPT,
|
||||
SFTK_DECRYPT,
|
||||
SFTK_HASH,
|
||||
SFTK_SIGN,
|
||||
SFTK_SIGN_RECOVER,
|
||||
SFTK_VERIFY,
|
||||
SFTK_VERIFY_RECOVER
|
||||
} SFTKContextType;
|
||||
|
||||
|
||||
#define PK11_MAX_BLOCK_SIZE 16
|
||||
#define SFTK_MAX_BLOCK_SIZE 16
|
||||
/* currently SHA512 is the biggest hash length */
|
||||
#define PK11_MAX_MAC_LENGTH 64
|
||||
#define PK11_INVALID_MAC_SIZE 0xffffffff
|
||||
#define SFTK_MAX_MAC_LENGTH 64
|
||||
#define SFTK_INVALID_MAC_SIZE 0xffffffff
|
||||
|
||||
struct PK11SessionContextStr {
|
||||
PK11ContextType type;
|
||||
struct SFTKSessionContextStr {
|
||||
SFTKContextType type;
|
||||
PRBool multi; /* is multipart */
|
||||
PRBool doPad; /* use PKCS padding for block ciphers */
|
||||
unsigned int blockSize; /* blocksize for padding */
|
||||
unsigned int padDataLength; /* length of the valid data in padbuf */
|
||||
unsigned char padBuf[PK11_MAX_BLOCK_SIZE];
|
||||
unsigned char macBuf[PK11_MAX_BLOCK_SIZE];
|
||||
unsigned char padBuf[SFTK_MAX_BLOCK_SIZE];
|
||||
unsigned char macBuf[SFTK_MAX_BLOCK_SIZE];
|
||||
CK_ULONG macSize; /* size of a general block cipher mac*/
|
||||
void *cipherInfo;
|
||||
void *hashInfo;
|
||||
unsigned int cipherInfoLen;
|
||||
CK_MECHANISM_TYPE currentMech;
|
||||
PK11Cipher update;
|
||||
PK11Hash hashUpdate;
|
||||
PK11End end;
|
||||
PK11Destroy destroy;
|
||||
PK11Destroy hashdestroy;
|
||||
PK11Verify verify;
|
||||
SFTKCipher update;
|
||||
SFTKHash hashUpdate;
|
||||
SFTKEnd end;
|
||||
SFTKDestroy destroy;
|
||||
SFTKDestroy hashdestroy;
|
||||
SFTKVerify verify;
|
||||
unsigned int maxLen;
|
||||
PK11Object *key;
|
||||
SFTKObject *key;
|
||||
};
|
||||
|
||||
/*
|
||||
* Sessions (have objects)
|
||||
*/
|
||||
struct PK11SessionStr {
|
||||
PK11Session *next;
|
||||
PK11Session *prev;
|
||||
struct SFTKSessionStr {
|
||||
SFTKSession *next;
|
||||
SFTKSession *prev;
|
||||
CK_SESSION_HANDLE handle;
|
||||
int refCount;
|
||||
PZLock *objectLock;
|
||||
|
@ -306,12 +306,12 @@ struct PK11SessionStr {
|
|||
CK_SESSION_INFO info;
|
||||
CK_NOTIFY notify;
|
||||
CK_VOID_PTR appData;
|
||||
PK11Slot *slot;
|
||||
PK11SearchResults *search;
|
||||
PK11SessionContext *enc_context;
|
||||
PK11SessionContext *hash_context;
|
||||
PK11SessionContext *sign_context;
|
||||
PK11ObjectList *objects[1];
|
||||
SFTKSlot *slot;
|
||||
SFTKSearchResults *search;
|
||||
SFTKSessionContext *enc_context;
|
||||
SFTKSessionContext *hash_context;
|
||||
SFTKSessionContext *sign_context;
|
||||
SFTKObjectList *objects[1];
|
||||
};
|
||||
|
||||
/*
|
||||
|
@ -324,7 +324,7 @@ struct PK11SessionStr {
|
|||
* and slotLock protects the remaining protected elements:
|
||||
* password, isLoggedIn, ssoLoggedIn, and sessionCount
|
||||
*/
|
||||
struct PK11SlotStr {
|
||||
struct SFTKSlotStr {
|
||||
CK_SLOT_ID slotID;
|
||||
PZLock *slotLock;
|
||||
PZLock **sessionLock;
|
||||
|
@ -349,9 +349,9 @@ struct PK11SlotStr {
|
|||
int tokenIDCount;
|
||||
int index;
|
||||
PLHashTable *tokenHashTable;
|
||||
PK11Object **tokObjects;
|
||||
SFTKObject **tokObjects;
|
||||
unsigned int tokObjHashSize;
|
||||
PK11Session **head;
|
||||
SFTKSession **head;
|
||||
unsigned int sessHashSize;
|
||||
char tokDescription[33];
|
||||
char slotDescription[64];
|
||||
|
@ -360,22 +360,22 @@ struct PK11SlotStr {
|
|||
/*
|
||||
* special joint operations Contexts
|
||||
*/
|
||||
struct PK11HashVerifyInfoStr {
|
||||
struct SFTKHashVerifyInfoStr {
|
||||
SECOidTag hashOid;
|
||||
NSSLOWKEYPublicKey *key;
|
||||
};
|
||||
|
||||
struct PK11HashSignInfoStr {
|
||||
struct SFTKHashSignInfoStr {
|
||||
SECOidTag hashOid;
|
||||
NSSLOWKEYPrivateKey *key;
|
||||
};
|
||||
|
||||
/* context for the Final SSLMAC message */
|
||||
struct PK11SSLMACInfoStr {
|
||||
struct SFTKSSLMACInfoStr {
|
||||
void *hashContext;
|
||||
PK11Begin begin;
|
||||
PK11Hash update;
|
||||
PK11End end;
|
||||
SFTKBegin begin;
|
||||
SFTKHash update;
|
||||
SFTKEnd end;
|
||||
CK_ULONG macSize;
|
||||
int padSize;
|
||||
unsigned char key[MAX_KEY_LEN];
|
||||
|
@ -385,27 +385,27 @@ struct PK11SSLMACInfoStr {
|
|||
/*
|
||||
* session handle modifiers
|
||||
*/
|
||||
#define PK11_SESSION_SLOT_MASK 0xff000000L
|
||||
#define SFTK_SESSION_SLOT_MASK 0xff000000L
|
||||
|
||||
/*
|
||||
* object handle modifiers
|
||||
*/
|
||||
#define PK11_TOKEN_MASK 0x80000000L
|
||||
#define PK11_TOKEN_MAGIC 0x80000000L
|
||||
#define PK11_TOKEN_TYPE_MASK 0x70000000L
|
||||
#define SFTK_TOKEN_MASK 0x80000000L
|
||||
#define SFTK_TOKEN_MAGIC 0x80000000L
|
||||
#define SFTK_TOKEN_TYPE_MASK 0x70000000L
|
||||
/* keydb (high bit == 0) */
|
||||
#define PK11_TOKEN_TYPE_PRIV 0x10000000L
|
||||
#define PK11_TOKEN_TYPE_PUB 0x20000000L
|
||||
#define PK11_TOKEN_TYPE_KEY 0x30000000L
|
||||
#define SFTK_TOKEN_TYPE_PRIV 0x10000000L
|
||||
#define SFTK_TOKEN_TYPE_PUB 0x20000000L
|
||||
#define SFTK_TOKEN_TYPE_KEY 0x30000000L
|
||||
/* certdb (high bit == 1) */
|
||||
#define PK11_TOKEN_TYPE_TRUST 0x40000000L
|
||||
#define PK11_TOKEN_TYPE_CRL 0x50000000L
|
||||
#define PK11_TOKEN_TYPE_SMIME 0x60000000L
|
||||
#define PK11_TOKEN_TYPE_CERT 0x70000000L
|
||||
#define SFTK_TOKEN_TYPE_TRUST 0x40000000L
|
||||
#define SFTK_TOKEN_TYPE_CRL 0x50000000L
|
||||
#define SFTK_TOKEN_TYPE_SMIME 0x60000000L
|
||||
#define SFTK_TOKEN_TYPE_CERT 0x70000000L
|
||||
|
||||
#define PK11_TOKEN_KRL_HANDLE (PK11_TOKEN_MAGIC|PK11_TOKEN_TYPE_CRL|1)
|
||||
#define SFTK_TOKEN_KRL_HANDLE (SFTK_TOKEN_MAGIC|SFTK_TOKEN_TYPE_CRL|1)
|
||||
/* how big a password/pin we can deal with */
|
||||
#define PK11_MAX_PIN 255
|
||||
#define SFTK_MAX_PIN 255
|
||||
|
||||
/* slot ID's */
|
||||
#define NETSCAPE_SLOT_ID 1
|
||||
|
@ -413,39 +413,39 @@ struct PK11SSLMACInfoStr {
|
|||
#define FIPS_SLOT_ID 3
|
||||
|
||||
/* slot helper macros */
|
||||
#define pk11_SlotFromSession(sp) ((sp)->slot)
|
||||
#define pk11_isToken(id) (((id) & PK11_TOKEN_MASK) == PK11_TOKEN_MAGIC)
|
||||
#define sftk_SlotFromSession(sp) ((sp)->slot)
|
||||
#define sftk_isToken(id) (((id) & SFTK_TOKEN_MASK) == SFTK_TOKEN_MAGIC)
|
||||
|
||||
/* the session hash multiplier (see bug 201081) */
|
||||
#define SHMULTIPLIER 1791398085
|
||||
|
||||
/* queueing helper macros */
|
||||
#define pk11_hash(value,size) \
|
||||
#define sftk_hash(value,size) \
|
||||
((PRUint32)((value) * SHMULTIPLIER) & (size-1))
|
||||
#define pk11queue_add(element,id,head,hash_size) \
|
||||
{ int tmp = pk11_hash(id,hash_size); \
|
||||
#define sftkqueue_add(element,id,head,hash_size) \
|
||||
{ int tmp = sftk_hash(id,hash_size); \
|
||||
(element)->next = (head)[tmp]; \
|
||||
(element)->prev = NULL; \
|
||||
if ((head)[tmp]) (head)[tmp]->prev = (element); \
|
||||
(head)[tmp] = (element); }
|
||||
#define pk11queue_find(element,id,head,hash_size) \
|
||||
for( (element) = (head)[pk11_hash(id,hash_size)]; (element) != NULL; \
|
||||
#define sftkqueue_find(element,id,head,hash_size) \
|
||||
for( (element) = (head)[sftk_hash(id,hash_size)]; (element) != NULL; \
|
||||
(element) = (element)->next) { \
|
||||
if ((element)->handle == (id)) { break; } }
|
||||
#define pk11queue_is_queued(element,id,head,hash_size) \
|
||||
#define sftkqueue_is_queued(element,id,head,hash_size) \
|
||||
( ((element)->next) || ((element)->prev) || \
|
||||
((head)[pk11_hash(id,hash_size)] == (element)) )
|
||||
#define pk11queue_delete(element,id,head,hash_size) \
|
||||
((head)[sftk_hash(id,hash_size)] == (element)) )
|
||||
#define sftkqueue_delete(element,id,head,hash_size) \
|
||||
if ((element)->next) (element)->next->prev = (element)->prev; \
|
||||
if ((element)->prev) (element)->prev->next = (element)->next; \
|
||||
else (head)[pk11_hash(id,hash_size)] = ((element)->next); \
|
||||
else (head)[sftk_hash(id,hash_size)] = ((element)->next); \
|
||||
(element)->next = NULL; \
|
||||
(element)->prev = NULL; \
|
||||
|
||||
#define pk11queue_init_element(element) \
|
||||
#define sftkqueue_init_element(element) \
|
||||
(element)->prev = NULL;
|
||||
|
||||
#define pk11queue_add2(element, id, index, head) \
|
||||
#define sftkqueue_add2(element, id, index, head) \
|
||||
{ \
|
||||
(element)->next = (head)[index]; \
|
||||
if ((head)[index]) \
|
||||
|
@ -453,19 +453,19 @@ struct PK11SSLMACInfoStr {
|
|||
(head)[index] = (element); \
|
||||
}
|
||||
|
||||
#define pk11queue_find2(element, id, index, head) \
|
||||
#define sftkqueue_find2(element, id, index, head) \
|
||||
for ( (element) = (head)[index]; \
|
||||
(element) != NULL; \
|
||||
(element) = (element)->next) { \
|
||||
if ((element)->handle == (id)) { break; } \
|
||||
}
|
||||
|
||||
#define pk11queue_delete2(element, id, index, head) \
|
||||
#define sftkqueue_delete2(element, id, index, head) \
|
||||
if ((element)->next) (element)->next->prev = (element)->prev; \
|
||||
if ((element)->prev) (element)->prev->next = (element)->next; \
|
||||
else (head)[index] = ((element)->next);
|
||||
|
||||
#define pk11queue_clear_deleted_element(element) \
|
||||
#define sftkqueue_clear_deleted_element(element) \
|
||||
(element)->next = NULL; \
|
||||
(element)->prev = NULL; \
|
||||
|
||||
|
@ -473,20 +473,20 @@ struct PK11SSLMACInfoStr {
|
|||
/* sessionID (handle) is used to determine session lock bucket */
|
||||
#ifdef NOSPREAD
|
||||
/* NOSPREAD: (ID>>L2LPB) & (perbucket-1) */
|
||||
#define PK11_SESSION_LOCK(slot,handle) \
|
||||
#define SFTK_SESSION_LOCK(slot,handle) \
|
||||
((slot)->sessionLock[((handle) >> LOG2_BUCKETS_PER_SESSION_LOCK) \
|
||||
& (slot)->sessionLockMask])
|
||||
#else
|
||||
/* SPREAD: ID & (perbucket-1) */
|
||||
#define PK11_SESSION_LOCK(slot,handle) \
|
||||
#define SFTK_SESSION_LOCK(slot,handle) \
|
||||
((slot)->sessionLock[(handle) & (slot)->sessionLockMask])
|
||||
#endif
|
||||
|
||||
/* expand an attribute & secitem structures out */
|
||||
#define pk11_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
|
||||
#define pk11_item_expand(ip) (ip)->data,(ip)->len
|
||||
#define sftk_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
|
||||
#define sftk_item_expand(ip) (ip)->data,(ip)->len
|
||||
|
||||
typedef struct pk11_token_parametersStr {
|
||||
typedef struct sftk_token_parametersStr {
|
||||
CK_SLOT_ID slotID;
|
||||
char *configdir;
|
||||
char *certPrefix;
|
||||
|
@ -500,9 +500,9 @@ typedef struct pk11_token_parametersStr {
|
|||
PRBool forceOpen;
|
||||
PRBool pwRequired;
|
||||
PRBool optimizeSpace;
|
||||
} pk11_token_parameters;
|
||||
} sftk_token_parameters;
|
||||
|
||||
typedef struct pk11_parametersStr {
|
||||
typedef struct sftk_parametersStr {
|
||||
char *configdir;
|
||||
char *secmodName;
|
||||
char *man;
|
||||
|
@ -513,9 +513,9 @@ typedef struct pk11_parametersStr {
|
|||
PRBool forceOpen;
|
||||
PRBool pwRequired;
|
||||
PRBool optimizeSpace;
|
||||
pk11_token_parameters *tokens;
|
||||
sftk_token_parameters *tokens;
|
||||
int token_count;
|
||||
} pk11_parameters;
|
||||
} sftk_parameters;
|
||||
|
||||
|
||||
/* machine dependent path stuff used by dbinit.c and pk11db.c */
|
||||
|
@ -538,88 +538,88 @@ extern CK_RV nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS);
|
|||
extern CK_RV nsc_CommonFinalize(CK_VOID_PTR pReserved, PRBool isFIPS);
|
||||
extern CK_RV nsc_CommonGetSlotList(CK_BBOOL tokPresent,
|
||||
CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount, int moduleIndex);
|
||||
/* shared functions between PKCS11.c and PK11FIPS.c */
|
||||
extern CK_RV PK11_SlotInit(char *configdir,pk11_token_parameters *params,
|
||||
/* shared functions between PKCS11.c and SFTKFIPS.c */
|
||||
extern CK_RV SFTK_SlotInit(char *configdir,sftk_token_parameters *params,
|
||||
int moduleIndex);
|
||||
|
||||
/* internal utility functions used by pkcs11.c */
|
||||
extern PK11Attribute *pk11_FindAttribute(PK11Object *object,
|
||||
extern SFTKAttribute *sftk_FindAttribute(SFTKObject *object,
|
||||
CK_ATTRIBUTE_TYPE type);
|
||||
extern void pk11_FreeAttribute(PK11Attribute *attribute);
|
||||
extern CK_RV pk11_AddAttributeType(PK11Object *object, CK_ATTRIBUTE_TYPE type,
|
||||
extern void sftk_FreeAttribute(SFTKAttribute *attribute);
|
||||
extern CK_RV sftk_AddAttributeType(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
|
||||
void *valPtr,
|
||||
CK_ULONG length);
|
||||
extern CK_RV pk11_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
|
||||
PK11Object *object, CK_ATTRIBUTE_TYPE type);
|
||||
extern unsigned int pk11_GetLengthInBits(unsigned char *buf,
|
||||
extern CK_RV sftk_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
|
||||
SFTKObject *object, CK_ATTRIBUTE_TYPE type);
|
||||
extern unsigned int sftk_GetLengthInBits(unsigned char *buf,
|
||||
unsigned int bufLen);
|
||||
extern CK_RV pk11_ConstrainAttribute(PK11Object *object,
|
||||
extern CK_RV sftk_ConstrainAttribute(SFTKObject *object,
|
||||
CK_ATTRIBUTE_TYPE type, int minLength, int maxLength, int minMultiple);
|
||||
extern PRBool pk11_hasAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type);
|
||||
extern PRBool pk11_isTrue(PK11Object *object, CK_ATTRIBUTE_TYPE type);
|
||||
extern void pk11_DeleteAttributeType(PK11Object *object,
|
||||
extern PRBool sftk_hasAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
|
||||
extern PRBool sftk_isTrue(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
|
||||
extern void sftk_DeleteAttributeType(SFTKObject *object,
|
||||
CK_ATTRIBUTE_TYPE type);
|
||||
extern CK_RV pk11_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
|
||||
PK11Object *object, CK_ATTRIBUTE_TYPE type);
|
||||
extern CK_RV pk11_Attribute2SSecItem(PLArenaPool *arena, SECItem *item,
|
||||
PK11Object *object,
|
||||
extern CK_RV sftk_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
|
||||
SFTKObject *object, CK_ATTRIBUTE_TYPE type);
|
||||
extern CK_RV sftk_Attribute2SSecItem(PLArenaPool *arena, SECItem *item,
|
||||
SFTKObject *object,
|
||||
CK_ATTRIBUTE_TYPE type);
|
||||
extern PK11ModifyType pk11_modifyType(CK_ATTRIBUTE_TYPE type,
|
||||
extern SFTKModifyType sftk_modifyType(CK_ATTRIBUTE_TYPE type,
|
||||
CK_OBJECT_CLASS inClass);
|
||||
extern PRBool pk11_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass);
|
||||
extern char *pk11_getString(PK11Object *object, CK_ATTRIBUTE_TYPE type);
|
||||
extern void pk11_nullAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type);
|
||||
extern CK_RV pk11_GetULongAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type,
|
||||
extern PRBool sftk_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass);
|
||||
extern char *sftk_getString(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
|
||||
extern void sftk_nullAttribute(SFTKObject *object,CK_ATTRIBUTE_TYPE type);
|
||||
extern CK_RV sftk_GetULongAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
|
||||
CK_ULONG *longData);
|
||||
extern CK_RV pk11_forceAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type,
|
||||
extern CK_RV sftk_forceAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
|
||||
void *value, unsigned int len);
|
||||
extern CK_RV pk11_defaultAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type,
|
||||
extern CK_RV sftk_defaultAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
|
||||
void *value, unsigned int len);
|
||||
extern unsigned int pk11_MapTrust(CK_TRUST trust, PRBool clientAuth);
|
||||
extern unsigned int sftk_MapTrust(CK_TRUST trust, PRBool clientAuth);
|
||||
|
||||
extern PK11Object *pk11_NewObject(PK11Slot *slot);
|
||||
extern CK_RV pk11_CopyObject(PK11Object *destObject, PK11Object *srcObject);
|
||||
extern PK11FreeStatus pk11_FreeObject(PK11Object *object);
|
||||
extern CK_RV pk11_DeleteObject(PK11Session *session, PK11Object *object);
|
||||
extern void pk11_ReferenceObject(PK11Object *object);
|
||||
extern PK11Object *pk11_ObjectFromHandle(CK_OBJECT_HANDLE handle,
|
||||
PK11Session *session);
|
||||
extern void pk11_AddSlotObject(PK11Slot *slot, PK11Object *object);
|
||||
extern void pk11_AddObject(PK11Session *session, PK11Object *object);
|
||||
extern SFTKObject *sftk_NewObject(SFTKSlot *slot);
|
||||
extern CK_RV sftk_CopyObject(SFTKObject *destObject, SFTKObject *srcObject);
|
||||
extern SFTKFreeStatus sftk_FreeObject(SFTKObject *object);
|
||||
extern CK_RV sftk_DeleteObject(SFTKSession *session, SFTKObject *object);
|
||||
extern void sftk_ReferenceObject(SFTKObject *object);
|
||||
extern SFTKObject *sftk_ObjectFromHandle(CK_OBJECT_HANDLE handle,
|
||||
SFTKSession *session);
|
||||
extern void sftk_AddSlotObject(SFTKSlot *slot, SFTKObject *object);
|
||||
extern void sftk_AddObject(SFTKSession *session, SFTKObject *object);
|
||||
|
||||
extern CK_RV pk11_searchObjectList(PK11SearchResults *search,
|
||||
PK11Object **head, unsigned int size,
|
||||
extern CK_RV sftk_searchObjectList(SFTKSearchResults *search,
|
||||
SFTKObject **head, unsigned int size,
|
||||
PZLock *lock, CK_ATTRIBUTE_PTR inTemplate,
|
||||
int count, PRBool isLoggedIn);
|
||||
extern PK11ObjectListElement *pk11_FreeObjectListElement(
|
||||
PK11ObjectListElement *objectList);
|
||||
extern void pk11_FreeObjectList(PK11ObjectListElement *objectList);
|
||||
extern void pk11_FreeSearch(PK11SearchResults *search);
|
||||
extern CK_RV pk11_handleObject(PK11Object *object, PK11Session *session);
|
||||
extern SFTKObjectListElement *sftk_FreeObjectListElement(
|
||||
SFTKObjectListElement *objectList);
|
||||
extern void sftk_FreeObjectList(SFTKObjectListElement *objectList);
|
||||
extern void sftk_FreeSearch(SFTKSearchResults *search);
|
||||
extern CK_RV sftk_handleObject(SFTKObject *object, SFTKSession *session);
|
||||
|
||||
extern PK11Slot *pk11_SlotFromID(CK_SLOT_ID slotID);
|
||||
extern PK11Slot *pk11_SlotFromSessionHandle(CK_SESSION_HANDLE handle);
|
||||
extern PK11Session *pk11_SessionFromHandle(CK_SESSION_HANDLE handle);
|
||||
extern void pk11_FreeSession(PK11Session *session);
|
||||
extern PK11Session *pk11_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify,
|
||||
extern SFTKSlot *sftk_SlotFromID(CK_SLOT_ID slotID);
|
||||
extern SFTKSlot *sftk_SlotFromSessionHandle(CK_SESSION_HANDLE handle);
|
||||
extern SFTKSession *sftk_SessionFromHandle(CK_SESSION_HANDLE handle);
|
||||
extern void sftk_FreeSession(SFTKSession *session);
|
||||
extern SFTKSession *sftk_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify,
|
||||
CK_VOID_PTR pApplication, CK_FLAGS flags);
|
||||
extern void pk11_update_state(PK11Slot *slot,PK11Session *session);
|
||||
extern void pk11_update_all_states(PK11Slot *slot);
|
||||
extern void pk11_FreeContext(PK11SessionContext *context);
|
||||
extern void pk11_InitFreeLists(void);
|
||||
extern void pk11_CleanupFreeLists(void);
|
||||
extern void sftk_update_state(SFTKSlot *slot,SFTKSession *session);
|
||||
extern void sftk_update_all_states(SFTKSlot *slot);
|
||||
extern void sftk_FreeContext(SFTKSessionContext *context);
|
||||
extern void sftk_InitFreeLists(void);
|
||||
extern void sftk_CleanupFreeLists(void);
|
||||
|
||||
extern NSSLOWKEYPublicKey *pk11_GetPubKey(PK11Object *object,
|
||||
extern NSSLOWKEYPublicKey *sftk_GetPubKey(SFTKObject *object,
|
||||
CK_KEY_TYPE key_type, CK_RV *crvp);
|
||||
extern NSSLOWKEYPrivateKey *pk11_GetPrivKey(PK11Object *object,
|
||||
extern NSSLOWKEYPrivateKey *sftk_GetPrivKey(SFTKObject *object,
|
||||
CK_KEY_TYPE key_type, CK_RV *crvp);
|
||||
extern void pk11_FormatDESKey(unsigned char *key, int length);
|
||||
extern PRBool pk11_CheckDESKey(unsigned char *key);
|
||||
extern PRBool pk11_IsWeakKey(unsigned char *key,CK_KEY_TYPE key_type);
|
||||
extern void sftk_FormatDESKey(unsigned char *key, int length);
|
||||
extern PRBool sftk_CheckDESKey(unsigned char *key);
|
||||
extern PRBool sftk_IsWeakKey(unsigned char *key,CK_KEY_TYPE key_type);
|
||||
|
||||
extern CK_RV secmod_parseParameters(char *param, pk11_parameters *parsed,
|
||||
extern CK_RV secmod_parseParameters(char *param, sftk_parameters *parsed,
|
||||
PRBool isFIPS);
|
||||
extern void secmod_freeParams(pk11_parameters *params);
|
||||
extern void secmod_freeParams(sftk_parameters *params);
|
||||
extern char *secmod_getSecmodName(char *params, char **domain,
|
||||
char **filename, PRBool *rw);
|
||||
extern char ** secmod_ReadPermDB(const char *domain, const char *filename,
|
||||
|
@ -631,7 +631,7 @@ extern SECStatus secmod_AddPermDB(const char *domain, const char *filename,
|
|||
extern SECStatus secmod_ReleasePermDBData(const char *domain,
|
||||
const char *filename, const char *dbname, char **specList, PRBool rw);
|
||||
/* mechanism allows this operation */
|
||||
extern CK_RV pk11_MechAllowsOperation(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE op);
|
||||
extern CK_RV sftk_MechAllowsOperation(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE op);
|
||||
/*
|
||||
* OK there are now lots of options here, lets go through them all:
|
||||
*
|
||||
|
@ -649,47 +649,47 @@ extern CK_RV pk11_MechAllowsOperation(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE
|
|||
* forceOpen - Continue to force initializations even if the databases cannot
|
||||
* be opened.
|
||||
*/
|
||||
CK_RV pk11_DBInit(const char *configdir, const char *certPrefix,
|
||||
CK_RV sftk_DBInit(const char *configdir, const char *certPrefix,
|
||||
const char *keyPrefix, PRBool readOnly, PRBool noCertDB,
|
||||
PRBool noKeyDB, PRBool forceOpen,
|
||||
NSSLOWCERTCertDBHandle **certDB, NSSLOWKEYDBHandle **keyDB);
|
||||
|
||||
void pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
|
||||
void sftk_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
|
||||
NSSLOWKEYDBHandle *keyHandle);
|
||||
|
||||
const char *pk11_EvaluateConfigDir(const char *configdir, char **domain);
|
||||
const char *sftk_EvaluateConfigDir(const char *configdir, char **domain);
|
||||
|
||||
/*
|
||||
* narrow objects
|
||||
*/
|
||||
PK11SessionObject * pk11_narrowToSessionObject(PK11Object *);
|
||||
PK11TokenObject * pk11_narrowToTokenObject(PK11Object *);
|
||||
SFTKSessionObject * sftk_narrowToSessionObject(SFTKObject *);
|
||||
SFTKTokenObject * sftk_narrowToTokenObject(SFTKObject *);
|
||||
|
||||
/*
|
||||
* token object utilities
|
||||
*/
|
||||
void pk11_addHandle(PK11SearchResults *search, CK_OBJECT_HANDLE handle);
|
||||
PRBool pk11_poisonHandle(PK11Slot *slot, SECItem *dbkey,
|
||||
void sftk_addHandle(SFTKSearchResults *search, CK_OBJECT_HANDLE handle);
|
||||
PRBool sftk_poisonHandle(SFTKSlot *slot, SECItem *dbkey,
|
||||
CK_OBJECT_HANDLE handle);
|
||||
PRBool pk11_tokenMatch(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class,
|
||||
PRBool sftk_tokenMatch(SFTKSlot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class,
|
||||
CK_ATTRIBUTE_PTR theTemplate,int count);
|
||||
CK_OBJECT_HANDLE pk11_mkHandle(PK11Slot *slot,
|
||||
CK_OBJECT_HANDLE sftk_mkHandle(SFTKSlot *slot,
|
||||
SECItem *dbKey, CK_OBJECT_HANDLE class);
|
||||
PK11Object * pk11_NewTokenObject(PK11Slot *slot, SECItem *dbKey,
|
||||
SFTKObject * sftk_NewTokenObject(SFTKSlot *slot, SECItem *dbKey,
|
||||
CK_OBJECT_HANDLE handle);
|
||||
PK11TokenObject *pk11_convertSessionToToken(PK11Object *so);
|
||||
SFTKTokenObject *sftk_convertSessionToToken(SFTKObject *so);
|
||||
|
||||
/****************************************
|
||||
* implement TLS Pseudo Random Function (PRF)
|
||||
*/
|
||||
|
||||
extern SECStatus
|
||||
pk11_PRF(const SECItem *secret, const char *label, SECItem *seed,
|
||||
sftk_PRF(const SECItem *secret, const char *label, SECItem *seed,
|
||||
SECItem *result, PRBool isFIPS);
|
||||
|
||||
extern CK_RV
|
||||
pk11_TLSPRFInit(PK11SessionContext *context,
|
||||
PK11Object * key,
|
||||
sftk_TLSPRFInit(SFTKSessionContext *context,
|
||||
SFTKObject * key,
|
||||
CK_KEY_TYPE key_type);
|
||||
|
||||
SEC_END_PROTOS
|
||||
|
|
Разница между файлами не показана из-за своего большого размера
|
@ -36,7 +36,7 @@
|
|||
* the terms of any one of the MPL, the GPL or the LGPL.
|
||||
*
|
||||
* ***** END LICENSE BLOCK ***** */
|
||||
/* $Id: softoken.h,v 1.6 2004/04/27 23:04:38 gerv%gerv.net Exp $ */
|
||||
/* $Id: softoken.h,v 1.7 2005/03/29 18:21:18 nelsonb%netscape.com Exp $ */
|
||||
|
||||
#ifndef _SOFTOKEN_H_
|
||||
#define _SOFTOKEN_H_
|
||||
|
@ -46,7 +46,7 @@
|
|||
#include "softoknt.h"
|
||||
#include "secoidt.h"
|
||||
|
||||
#include "pkcs11t.h" /* CK_RV Required for pk11_fipsPowerUpSelfTest(). */
|
||||
#include "pkcs11t.h" /* CK_RV Required for sftk_fipsPowerUpSelfTest(). */
|
||||
|
||||
SEC_BEGIN_PROTOS
|
||||
|
||||
|
@ -152,12 +152,12 @@ extern unsigned char * DES_PadBuffer(PRArenaPool *arena, unsigned char *inbuf,
|
|||
** Power-Up selftests required for FIPS and invoked only
|
||||
** under PKCS #11 FIPS mode.
|
||||
*/
|
||||
extern CK_RV pk11_fipsPowerUpSelfTest( void );
|
||||
extern CK_RV sftk_fipsPowerUpSelfTest( void );
|
||||
|
||||
/*
|
||||
** make known fixed PKCS #11 key types to their sizes in bytes
|
||||
*/
|
||||
unsigned long pk11_MapKeySize(CK_KEY_TYPE keyType);
|
||||
unsigned long sftk_MapKeySize(CK_KEY_TYPE keyType);
|
||||
|
||||
SEC_END_PROTOS
|
||||
|
||||
|
|
|
@ -35,19 +35,19 @@
|
|||
* the terms of any one of the MPL, the GPL or the LGPL.
|
||||
*
|
||||
* ***** END LICENSE BLOCK ***** */
|
||||
/* $Id: tlsprf.c,v 1.4 2004/04/27 23:04:38 gerv%gerv.net Exp $ */
|
||||
/* $Id: tlsprf.c,v 1.5 2005/03/29 18:21:18 nelsonb%netscape.com Exp $ */
|
||||
|
||||
#include "pkcs11i.h"
|
||||
#include "sechash.h"
|
||||
#include "alghmac.h"
|
||||
|
||||
#define PK11_OFFSETOF(str, memb) ((PRPtrdiff)(&(((str *)0)->memb)))
|
||||
#define SFTK_OFFSETOF(str, memb) ((PRPtrdiff)(&(((str *)0)->memb)))
|
||||
|
||||
#define PHASH_STATE_MAX_LEN 20
|
||||
|
||||
/* TLS P_hash function */
|
||||
static SECStatus
|
||||
pk11_P_hash(HASH_HashType hashType, const SECItem *secret, const char *label,
|
||||
sftk_P_hash(HASH_HashType hashType, const SECItem *secret, const char *label,
|
||||
SECItem *seed, SECItem *result, PRBool isFIPS)
|
||||
{
|
||||
unsigned char state[PHASH_STATE_MAX_LEN];
|
||||
|
@ -119,7 +119,7 @@ loser:
|
|||
}
|
||||
|
||||
SECStatus
|
||||
pk11_PRF(const SECItem *secret, const char *label, SECItem *seed,
|
||||
sftk_PRF(const SECItem *secret, const char *label, SECItem *seed,
|
||||
SECItem *result, PRBool isFIPS)
|
||||
{
|
||||
SECStatus rv = SECFailure, status;
|
||||
|
@ -145,11 +145,11 @@ pk11_PRF(const SECItem *secret, const char *label, SECItem *seed,
|
|||
goto loser;
|
||||
tmp.len = result->len;
|
||||
|
||||
status = pk11_P_hash(HASH_AlgMD5, &S1, label, seed, result, isFIPS);
|
||||
status = sftk_P_hash(HASH_AlgMD5, &S1, label, seed, result, isFIPS);
|
||||
if (status != SECSuccess)
|
||||
goto loser;
|
||||
|
||||
status = pk11_P_hash(HASH_AlgSHA1, &S2, label, seed, &tmp, isFIPS);
|
||||
status = sftk_P_hash(HASH_AlgSHA1, &S2, label, seed, &tmp, isFIPS);
|
||||
if (status != SECSuccess)
|
||||
goto loser;
|
||||
|
||||
|
@ -164,7 +164,7 @@ loser:
|
|||
return rv;
|
||||
}
|
||||
|
||||
static void pk11_TLSPRFNull(void *data, PRBool freeit)
|
||||
static void sftk_TLSPRFNull(void *data, PRBool freeit)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
@ -181,7 +181,7 @@ typedef struct {
|
|||
} TLSPRFContext;
|
||||
|
||||
static void
|
||||
pk11_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data,
|
||||
sftk_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data,
|
||||
unsigned int data_len)
|
||||
{
|
||||
PRUint32 bytesUsed = cx->cxKeyLen + cx->cxDataLen;
|
||||
|
@ -211,7 +211,7 @@ pk11_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data,
|
|||
}
|
||||
|
||||
static void
|
||||
pk11_TLSPRFEnd(TLSPRFContext *ctx, unsigned char *hashout,
|
||||
sftk_TLSPRFEnd(TLSPRFContext *ctx, unsigned char *hashout,
|
||||
unsigned int *pDigestLen, unsigned int maxDigestLen)
|
||||
{
|
||||
*pDigestLen = 0; /* tells Verify that no data has been input yet. */
|
||||
|
@ -219,7 +219,7 @@ pk11_TLSPRFEnd(TLSPRFContext *ctx, unsigned char *hashout,
|
|||
|
||||
/* Compute the PRF values from the data previously input. */
|
||||
static SECStatus
|
||||
pk11_TLSPRFUpdate(TLSPRFContext *cx,
|
||||
sftk_TLSPRFUpdate(TLSPRFContext *cx,
|
||||
unsigned char *sig, /* output goes here. */
|
||||
unsigned int * sigLen, /* how much output. */
|
||||
unsigned int maxLen, /* output buffer size */
|
||||
|
@ -243,7 +243,7 @@ pk11_TLSPRFUpdate(TLSPRFContext *cx,
|
|||
sigItem.data = sig;
|
||||
sigItem.len = maxLen;
|
||||
|
||||
rv = pk11_PRF(&secretItem, NULL, &seedItem, &sigItem, cx->cxIsFIPS);
|
||||
rv = sftk_PRF(&secretItem, NULL, &seedItem, &sigItem, cx->cxIsFIPS);
|
||||
if (rv == SECSuccess && sigLen != NULL)
|
||||
*sigLen = sigItem.len;
|
||||
return rv;
|
||||
|
@ -251,7 +251,7 @@ pk11_TLSPRFUpdate(TLSPRFContext *cx,
|
|||
}
|
||||
|
||||
static SECStatus
|
||||
pk11_TLSPRFVerify(TLSPRFContext *cx,
|
||||
sftk_TLSPRFVerify(TLSPRFContext *cx,
|
||||
unsigned char *sig, /* input, for comparison. */
|
||||
unsigned int sigLen, /* length of sig. */
|
||||
unsigned char *hash, /* data to be verified. */
|
||||
|
@ -267,9 +267,9 @@ pk11_TLSPRFVerify(TLSPRFContext *cx,
|
|||
/* hashLen is non-zero when the user does a one-step verify.
|
||||
** In this case, none of the data has been input yet.
|
||||
*/
|
||||
pk11_TLSPRFHashUpdate(cx, hash, hashLen);
|
||||
sftk_TLSPRFHashUpdate(cx, hash, hashLen);
|
||||
}
|
||||
rv = pk11_TLSPRFUpdate(cx, tmp, &tmpLen, sigLen, NULL, 0);
|
||||
rv = sftk_TLSPRFUpdate(cx, tmp, &tmpLen, sigLen, NULL, 0);
|
||||
if (rv == SECSuccess) {
|
||||
rv = (SECStatus)(1 - !PORT_Memcmp(tmp, sig, sigLen));
|
||||
}
|
||||
|
@ -278,7 +278,7 @@ pk11_TLSPRFVerify(TLSPRFContext *cx,
|
|||
}
|
||||
|
||||
static void
|
||||
pk11_TLSPRFHashDestroy(TLSPRFContext *cx, PRBool freeit)
|
||||
sftk_TLSPRFHashDestroy(TLSPRFContext *cx, PRBool freeit)
|
||||
{
|
||||
if (freeit) {
|
||||
if (cx->cxBufPtr != cx->cxBuf)
|
||||
|
@ -288,11 +288,11 @@ pk11_TLSPRFHashDestroy(TLSPRFContext *cx, PRBool freeit)
|
|||
}
|
||||
|
||||
CK_RV
|
||||
pk11_TLSPRFInit(PK11SessionContext *context,
|
||||
PK11Object * key,
|
||||
sftk_TLSPRFInit(SFTKSessionContext *context,
|
||||
SFTKObject * key,
|
||||
CK_KEY_TYPE key_type)
|
||||
{
|
||||
PK11Attribute * keyVal;
|
||||
SFTKAttribute * keyVal;
|
||||
TLSPRFContext * prf_cx;
|
||||
CK_RV crv = CKR_HOST_MEMORY;
|
||||
PRUint32 keySize;
|
||||
|
@ -303,7 +303,7 @@ pk11_TLSPRFInit(PK11SessionContext *context,
|
|||
|
||||
context->multi = PR_TRUE;
|
||||
|
||||
keyVal = pk11_FindAttribute(key, CKA_VALUE);
|
||||
keyVal = sftk_FindAttribute(key, CKA_VALUE);
|
||||
keySize = (!keyVal) ? 0 : keyVal->attrib.ulValueLen;
|
||||
blockSize = keySize + sizeof(TLSPRFContext);
|
||||
prf_cx = (TLSPRFContext *)PORT_Alloc(blockSize);
|
||||
|
@ -312,7 +312,7 @@ pk11_TLSPRFInit(PK11SessionContext *context,
|
|||
prf_cx->cxSize = blockSize;
|
||||
prf_cx->cxKeyLen = keySize;
|
||||
prf_cx->cxDataLen = 0;
|
||||
prf_cx->cxBufSize = blockSize - PK11_OFFSETOF(TLSPRFContext, cxBuf);
|
||||
prf_cx->cxBufSize = blockSize - SFTK_OFFSETOF(TLSPRFContext, cxBuf);
|
||||
prf_cx->cxRv = SECSuccess;
|
||||
prf_cx->cxIsFIPS = (key->slot->slotID == FIPS_SLOT_ID);
|
||||
prf_cx->cxBufPtr = prf_cx->cxBuf;
|
||||
|
@ -321,17 +321,17 @@ pk11_TLSPRFInit(PK11SessionContext *context,
|
|||
|
||||
context->hashInfo = (void *) prf_cx;
|
||||
context->cipherInfo = (void *) prf_cx;
|
||||
context->hashUpdate = (PK11Hash) pk11_TLSPRFHashUpdate;
|
||||
context->end = (PK11End) pk11_TLSPRFEnd;
|
||||
context->update = (PK11Cipher) pk11_TLSPRFUpdate;
|
||||
context->verify = (PK11Verify) pk11_TLSPRFVerify;
|
||||
context->destroy = (PK11Destroy) pk11_TLSPRFNull;
|
||||
context->hashdestroy = (PK11Destroy) pk11_TLSPRFHashDestroy;
|
||||
context->hashUpdate = (SFTKHash) sftk_TLSPRFHashUpdate;
|
||||
context->end = (SFTKEnd) sftk_TLSPRFEnd;
|
||||
context->update = (SFTKCipher) sftk_TLSPRFUpdate;
|
||||
context->verify = (SFTKVerify) sftk_TLSPRFVerify;
|
||||
context->destroy = (SFTKDestroy) sftk_TLSPRFNull;
|
||||
context->hashdestroy = (SFTKDestroy) sftk_TLSPRFHashDestroy;
|
||||
crv = CKR_OK;
|
||||
|
||||
done:
|
||||
if (keyVal)
|
||||
pk11_FreeAttribute(keyVal);
|
||||
sftk_FreeAttribute(keyVal);
|
||||
return crv;
|
||||
}
|
||||
|
||||
|
|
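Review bot: In the `@ -267,9 +267,9 @@` hunk of tlsprf.c, `rv = (SECStatus)(1 - !PORT_Memcmp(tmp, sig, sigLen));` compares the computed PRF output with the caller-supplied value through a memcmp-style call, which may stop at the first differing byte, so its running time can depend on how much of the value matched; the rename carries this over unchanged. A data-independent comparison would be safer for a verify path, for example `unsigned char d = 0;` then `for (i = 0; i < sigLen; i++) d |= tmp[i] ^ sig[i];` then `rv = d ? SECFailure : SECSuccess;`. The current expression also yields 1 on a mismatch, which is presumably neither `SECSuccess` nor `SECFailure`, so any caller that tests `== SECFailure` rather than `!= SECSuccess` would not see the mismatch; this should be confirmed against the SECStatus definition. The body of sftk_TLSPRFVerify starts and ends outside this hunk, so the allocation of `tmp` and a suitable loop index are not visible here.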