mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Rename all internal private softoken functions types and symbols from 

PK11 or pk11 prefixes to SFTK or sftk prefixes.  Bug 286685.
r=relyea,wtchang  Modified Files:
 cmd/bltest/blapitest.c lib/pk11wrap/pk11pars.c lib/softoken/dbinit.c
 lib/softoken/dbmshim.c lib/softoken/fipstest.c lib/softoken/fipstokn.c
 lib/softoken/pcertdb.c lib/softoken/pk11db.c lib/softoken/pk11pars.h
 lib/softoken/pkcs11.c lib/softoken/pkcs11c.c lib/softoken/pkcs11i.h
 lib/softoken/pkcs11u.c lib/softoken/softoken.h lib/softoken/tlsprf.c
This commit is contained in:
nelsonb%netscape.com 2005-03-29 18:21:18 +00:00
Родитель 2028a434ec
Коммит c03b9d33fe
15 изменённых файлов: 2602 добавлений и 2602 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
security/nss/cmd/bltest/blapitest.c
Просмотреть файл

@ -2818,7 +2818,7 @@ int main(int argc, char **argv)
/* Do FIPS self-test */ /* Do FIPS self-test */
if (bltest.commands[cmd_FIPS].activated) { if (bltest.commands[cmd_FIPS].activated) {
CK_RV ckrv = pk11_fipsPowerUpSelfTest(); CK_RV ckrv = sftk_fipsPowerUpSelfTest();
fprintf(stdout, "CK_RV: %ld.\n", ckrv); fprintf(stdout, "CK_RV: %ld.\n", ckrv);
return 0; return 0;
} }

42
security/nss/lib/pk11wrap/pk11pars.c
Просмотреть файл

@ -128,26 +128,26 @@ SECMOD_CreateModule(const char *library, const char *moduleName,
if (parameters) { if (parameters) {
mod->libraryParams = PORT_ArenaStrdup(mod->arena,parameters); mod->libraryParams = PORT_ArenaStrdup(mod->arena,parameters);
} }
mod->internal = pk11_argHasFlag("flags","internal",nssc); mod->internal = sftk_argHasFlag("flags","internal",nssc);
mod->isFIPS = pk11_argHasFlag("flags","FIPS",nssc); mod->isFIPS = sftk_argHasFlag("flags","FIPS",nssc);
mod->isCritical = pk11_argHasFlag("flags","critical",nssc); mod->isCritical = sftk_argHasFlag("flags","critical",nssc);
slotParams = pk11_argGetParamValue("slotParams",nssc); slotParams = sftk_argGetParamValue("slotParams",nssc);
mod->slotInfo = pk11_argParseSlotInfo(mod->arena,slotParams, mod->slotInfo = sftk_argParseSlotInfo(mod->arena,slotParams,
&mod->slotInfoCount); &mod->slotInfoCount);
if (slotParams) PORT_Free(slotParams); if (slotParams) PORT_Free(slotParams);
/* new field */ /* new field */
mod->trustOrder = pk11_argReadLong("trustOrder",nssc, mod->trustOrder = sftk_argReadLong("trustOrder",nssc,
PK11_DEFAULT_TRUST_ORDER,NULL); SFTK_DEFAULT_TRUST_ORDER,NULL);
/* new field */ /* new field */
mod->cipherOrder = pk11_argReadLong("cipherOrder",nssc, mod->cipherOrder = sftk_argReadLong("cipherOrder",nssc,
PK11_DEFAULT_CIPHER_ORDER,NULL); SFTK_DEFAULT_CIPHER_ORDER,NULL);
/* new field */ /* new field */
mod->isModuleDB = pk11_argHasFlag("flags","moduleDB",nssc); mod->isModuleDB = sftk_argHasFlag("flags","moduleDB",nssc);
mod->moduleDBOnly = pk11_argHasFlag("flags","moduleDBOnly",nssc); mod->moduleDBOnly = sftk_argHasFlag("flags","moduleDBOnly",nssc);
if (mod->moduleDBOnly) mod->isModuleDB = PR_TRUE; if (mod->moduleDBOnly) mod->isModuleDB = PR_TRUE;
ciphers = pk11_argGetParamValue("ciphers",nssc); ciphers = sftk_argGetParamValue("ciphers",nssc);
pk11_argSetNewCipherFlags(&mod->ssl[0],ciphers); sftk_argSetNewCipherFlags(&mod->ssl[0],ciphers);
if (ciphers) PORT_Free(ciphers); if (ciphers) PORT_Free(ciphers);
secmod_PrivateModuleCount++; secmod_PrivateModuleCount++;
@ -156,7 +156,7 @@ SECMOD_CreateModule(const char *library, const char *moduleName,
} }
static char * static char *
pk11_mkModuleSpec(SECMODModule * module) secmod_mkModuleSpec(SECMODModule * module)
{ {
char *nss = NULL, *modSpec = NULL, **slotStrings = NULL; char *nss = NULL, *modSpec = NULL, **slotStrings = NULL;
int slotCount, i, si; int slotCount, i, si;
@ -189,7 +189,7 @@ pk11_mkModuleSpec(SECMODModule * module)
if (module->slots[i]->defaultFlags) { if (module->slots[i]->defaultFlags) {
PORT_Assert(si < slotCount); PORT_Assert(si < slotCount);
if (si >= slotCount) break; if (si >= slotCount) break;
slotStrings[si] = pk11_mkSlotString(module->slots[i]->slotID, slotStrings[si] = sftk_mkSlotString(module->slots[i]->slotID,
module->slots[i]->defaultFlags, module->slots[i]->defaultFlags,
module->slots[i]->timeout, module->slots[i]->timeout,
module->slots[i]->askpw, module->slots[i]->askpw,
@ -200,7 +200,7 @@ pk11_mkModuleSpec(SECMODModule * module)
} }
} else { } else {
for (i=0; i < slotCount; i++) { for (i=0; i < slotCount; i++) {
slotStrings[i] = pk11_mkSlotString(module->slotInfo[i].slotID, slotStrings[i] = sftk_mkSlotString(module->slotInfo[i].slotID,
module->slotInfo[i].defaultFlags, module->slotInfo[i].defaultFlags,
module->slotInfo[i].timeout, module->slotInfo[i].timeout,
module->slotInfo[i].askpw, module->slotInfo[i].askpw,
@ -210,10 +210,10 @@ pk11_mkModuleSpec(SECMODModule * module)
} }
SECMOD_ReleaseReadLock(moduleLock); SECMOD_ReleaseReadLock(moduleLock);
nss = pk11_mkNSS(slotStrings,slotCount,module->internal, module->isFIPS, nss = sftk_mkNSS(slotStrings,slotCount,module->internal, module->isFIPS,
module->isModuleDB, module->moduleDBOnly, module->isCritical, module->isModuleDB, module->moduleDBOnly, module->isCritical,
module->trustOrder,module->cipherOrder,module->ssl[0],module->ssl[1]); module->trustOrder,module->cipherOrder,module->ssl[0],module->ssl[1]);
modSpec= pk11_mkNewModuleSpec(module->dllName,module->commonName, modSpec= sftk_mkNewModuleSpec(module->dllName,module->commonName,
module->libraryParams,nss); module->libraryParams,nss);
PORT_Free(slotStrings); PORT_Free(slotStrings);
PR_smprintf_free(nss); PR_smprintf_free(nss);
@ -244,7 +244,7 @@ SECMOD_AddPermDB(SECMODModule *module)
func = (SECMODModuleDBFunc) module->parent->moduleDBFunc; func = (SECMODModuleDBFunc) module->parent->moduleDBFunc;
if (func) { if (func) {
moduleSpec = pk11_mkModuleSpec(module); moduleSpec = secmod_mkModuleSpec(module);
retString = (*func)(SECMOD_MODULE_DB_FUNCTION_ADD, retString = (*func)(SECMOD_MODULE_DB_FUNCTION_ADD,
module->parent->libraryParams,moduleSpec); module->parent->libraryParams,moduleSpec);
PORT_Free(moduleSpec); PORT_Free(moduleSpec);
@ -264,7 +264,7 @@ SECMOD_DeletePermDB(SECMODModule *module)
func = (SECMODModuleDBFunc) module->parent->moduleDBFunc; func = (SECMODModuleDBFunc) module->parent->moduleDBFunc;
if (func) { if (func) {
moduleSpec = pk11_mkModuleSpec(module); moduleSpec = secmod_mkModuleSpec(module);
retString = (*func)(SECMOD_MODULE_DB_FUNCTION_DEL, retString = (*func)(SECMOD_MODULE_DB_FUNCTION_DEL,
module->parent->libraryParams,moduleSpec); module->parent->libraryParams,moduleSpec);
PORT_Free(moduleSpec); PORT_Free(moduleSpec);
@ -300,7 +300,7 @@ SECMOD_LoadModule(char *modulespec,SECMODModule *parent, PRBool recurse)
/* initialize the underlying module structures */ /* initialize the underlying module structures */
SECMOD_Init(); SECMOD_Init();
status = pk11_argParseModuleSpec(modulespec, &library, &moduleName, status = sftk_argParseModuleSpec(modulespec, &library, &moduleName,
&parameters, &nss); &parameters, &nss);
if (status != SECSuccess) { if (status != SECSuccess) {
goto loser; goto loser;

54
security/nss/lib/softoken/dbinit.c
Просмотреть файл

@ -36,7 +36,7 @@
* the terms of any one of the MPL, the GPL or the LGPL. * the terms of any one of the MPL, the GPL or the LGPL.
* *
* ***** END LICENSE BLOCK ***** */ * ***** END LICENSE BLOCK ***** */
/* $Id: dbinit.c,v 1.24 2005/01/04 18:20:00 wtchang%redhat.com Exp $ */ /* $Id: dbinit.c,v 1.25 2005/03/29 18:21:18 nelsonb%netscape.com Exp $ */
#include <ctype.h> #include <ctype.h>
#include "seccomon.h" #include "seccomon.h"
@ -50,7 +50,7 @@
#include "pkcs11i.h" #include "pkcs11i.h"
static char * static char *
pk11_certdb_name_cb(void *arg, int dbVersion) sftk_certdb_name_cb(void *arg, int dbVersion)
{ {
const char *configdir = (const char *)arg; const char *configdir = (const char *)arg;
const char *dbver; const char *dbver;
@ -87,7 +87,7 @@ pk11_certdb_name_cb(void *arg, int dbVersion)
} }
static char * static char *
pk11_keydb_name_cb(void *arg, int dbVersion) sftk_keydb_name_cb(void *arg, int dbVersion)
{ {
const char *configdir = (const char *)arg; const char *configdir = (const char *)arg;
const char *dbver; const char *dbver;
@ -119,7 +119,7 @@ pk11_keydb_name_cb(void *arg, int dbVersion)
} }
const char * const char *
pk11_EvaluateConfigDir(const char *configdir,char **appName) sftk_EvaluateConfigDir(const char *configdir,char **appName)
{ {
if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS)-1) == 0) { if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS)-1) == 0) {
char *cdir; char *cdir;
@ -142,7 +142,7 @@ pk11_EvaluateConfigDir(const char *configdir,char **appName)
} }
static CK_RV static CK_RV
pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly, sftk_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
NSSLOWCERTCertDBHandle **certdbPtr) NSSLOWCERTCertDBHandle **certdbPtr)
{ {
NSSLOWCERTCertDBHandle *certdb = NULL; NSSLOWCERTCertDBHandle *certdb = NULL;
@ -155,7 +155,7 @@ pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
prefix = ""; prefix = "";
} }
configdir = pk11_EvaluateConfigDir(configdir, &appName); configdir = sftk_EvaluateConfigDir(configdir, &appName);
name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix); name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
if (name == NULL) goto loser; if (name == NULL) goto loser;
@ -166,7 +166,7 @@ pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
/* fix when we get the DB in */ /* fix when we get the DB in */
rv = nsslowcert_OpenCertDB(certdb, readOnly, appName, prefix, rv = nsslowcert_OpenCertDB(certdb, readOnly, appName, prefix,
pk11_certdb_name_cb, (void *)name, PR_FALSE); sftk_certdb_name_cb, (void *)name, PR_FALSE);
if (rv == SECSuccess) { if (rv == SECSuccess) {
crv = CKR_OK; crv = CKR_OK;
*certdbPtr = certdb; *certdbPtr = certdb;
@ -180,7 +180,7 @@ loser:
} }
static CK_RV static CK_RV
pk11_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly, sftk_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
NSSLOWKEYDBHandle **keydbPtr) NSSLOWKEYDBHandle **keydbPtr)
{ {
NSSLOWKEYDBHandle *keydb; NSSLOWKEYDBHandle *keydb;
@ -190,13 +190,13 @@ pk11_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
if (prefix == NULL) { if (prefix == NULL) {
prefix = ""; prefix = "";
} }
configdir = pk11_EvaluateConfigDir(configdir, &appName); configdir = sftk_EvaluateConfigDir(configdir, &appName);
name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix); name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
if (name == NULL) if (name == NULL)
return CKR_HOST_MEMORY; return CKR_HOST_MEMORY;
keydb = nsslowkey_OpenKeyDB(readOnly, appName, prefix, keydb = nsslowkey_OpenKeyDB(readOnly, appName, prefix,
pk11_keydb_name_cb, (void *)name); sftk_keydb_name_cb, (void *)name);
PR_smprintf_free(name); PR_smprintf_free(name);
if (appName) PORT_Free(appName); if (appName) PORT_Free(appName);
if (keydb == NULL) if (keydb == NULL)
@ -225,7 +225,7 @@ pk11_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
* be opened. * be opened.
*/ */
CK_RV CK_RV
pk11_DBInit(const char *configdir, const char *certPrefix, sftk_DBInit(const char *configdir, const char *certPrefix,
const char *keyPrefix, PRBool readOnly, const char *keyPrefix, PRBool readOnly,
PRBool noCertDB, PRBool noKeyDB, PRBool forceOpen, PRBool noCertDB, PRBool noKeyDB, PRBool forceOpen,
NSSLOWCERTCertDBHandle **certdbPtr, NSSLOWKEYDBHandle **keydbPtr) NSSLOWCERTCertDBHandle **certdbPtr, NSSLOWKEYDBHandle **keydbPtr)
@ -234,7 +234,7 @@ pk11_DBInit(const char *configdir, const char *certPrefix,
if (!noCertDB) { if (!noCertDB) {
crv = pk11_OpenCertDB(configdir, certPrefix, readOnly, certdbPtr); crv = sftk_OpenCertDB(configdir, certPrefix, readOnly, certdbPtr);
if (crv != CKR_OK) { if (crv != CKR_OK) {
if (!forceOpen) goto loser; if (!forceOpen) goto loser;
crv = CKR_OK; crv = CKR_OK;
@ -242,7 +242,7 @@ pk11_DBInit(const char *configdir, const char *certPrefix,
} }
if (!noKeyDB) { if (!noKeyDB) {
crv = pk11_OpenKeyDB(configdir, keyPrefix, readOnly, keydbPtr); crv = sftk_OpenKeyDB(configdir, keyPrefix, readOnly, keydbPtr);
if (crv != CKR_OK) { if (crv != CKR_OK) {
if (!forceOpen) goto loser; if (!forceOpen) goto loser;
crv = CKR_OK; crv = CKR_OK;
@ -256,7 +256,7 @@ loser:
void void
pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle, sftk_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
NSSLOWKEYDBHandle *keyHandle) NSSLOWKEYDBHandle *keyHandle)
{ {
if (certHandle) { if (certHandle) {
@ -270,8 +270,8 @@ pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
} }
static int rdbmapflags(int flags); static int rdbmapflags(int flags);
static rdbfunc pk11_rdbfunc = NULL; static rdbfunc sftk_rdbfunc = NULL;
static rdbstatusfunc pk11_rdbstatusfunc = NULL; static rdbstatusfunc sftk_rdbstatusfunc = NULL;
/* NOTE: SHLIB_SUFFIX is defined on the command line */ /* NOTE: SHLIB_SUFFIX is defined on the command line */
#define RDBLIB SHLIB_PREFIX"rdb."SHLIB_SUFFIX #define RDBLIB SHLIB_PREFIX"rdb."SHLIB_SUFFIX
@ -282,10 +282,10 @@ DB * rdbopen(const char *appName, const char *prefix,
PRLibrary *lib; PRLibrary *lib;
DB *db; DB *db;
if (pk11_rdbfunc) { if (sftk_rdbfunc) {
db = (*pk11_rdbfunc)(appName,prefix,type,rdbmapflags(flags)); db = (*sftk_rdbfunc)(appName,prefix,type,rdbmapflags(flags));
if (!db && status && pk11_rdbstatusfunc) { if (!db && status && sftk_rdbstatusfunc) {
*status = (*pk11_rdbstatusfunc)(); *status = (*sftk_rdbstatusfunc)();
} }
return db; return db;
} }
@ -300,12 +300,12 @@ DB * rdbopen(const char *appName, const char *prefix,
} }
/* get the entry points */ /* get the entry points */
pk11_rdbstatusfunc = (rdbstatusfunc) PR_FindSymbol(lib,"rdbstatus"); sftk_rdbstatusfunc = (rdbstatusfunc) PR_FindSymbol(lib,"rdbstatus");
pk11_rdbfunc = (rdbfunc) PR_FindSymbol(lib,"rdbopen"); sftk_rdbfunc = (rdbfunc) PR_FindSymbol(lib,"rdbopen");
if (pk11_rdbfunc) { if (sftk_rdbfunc) {
db = (*pk11_rdbfunc)(appName,prefix,type,rdbmapflags(flags)); db = (*sftk_rdbfunc)(appName,prefix,type,rdbmapflags(flags));
if (!db && status && pk11_rdbstatusfunc) { if (!db && status && sftk_rdbstatusfunc) {
*status = (*pk11_rdbstatusfunc)(); *status = (*sftk_rdbstatusfunc)();
} }
return db; return db;
} }
@ -385,7 +385,7 @@ db_InitComplete(DB *db)
/* we should have addes a version number to the RDBS structure. Since we /* we should have addes a version number to the RDBS structure. Since we
* didn't, we detect that we have and 'extended' structure if the rdbstatus * didn't, we detect that we have and 'extended' structure if the rdbstatus
* func exists */ * func exists */
if (!pk11_rdbstatusfunc) { if (!sftk_rdbstatusfunc) {
return 0; return 0;
} }

4
security/nss/lib/softoken/dbmshim.c
Просмотреть файл

@ -37,7 +37,7 @@
/* /*
* Berkeley DB 1.85 Shim code to handle blobs. * Berkeley DB 1.85 Shim code to handle blobs.
* *
* $Id: dbmshim.c,v 1.10 2004/04/25 15:03:16 gerv%gerv.net Exp $ * $Id: dbmshim.c,v 1.11 2005/03/29 18:21:18 nelsonb%netscape.com Exp $
*/ */
#include "mcom_db.h" #include "mcom_db.h"
#include "secitem.h" #include "secitem.h"
@ -45,7 +45,7 @@
#include "prprf.h" #include "prprf.h"
#include "cdbhdl.h" #include "cdbhdl.h"
/* Call to PK11_FreeSlot below */ /* Call to SFTK_FreeSlot below */
#include "pcertt.h" #include "pcertt.h"
#include "secasn1.h" #include "secasn1.h"

40
security/nss/lib/softoken/fipstest.c
Просмотреть файл

@ -36,7 +36,7 @@
* the terms of any one of the MPL, the GPL or the LGPL. * the terms of any one of the MPL, the GPL or the LGPL.
* *
* ***** END LICENSE BLOCK ***** */ * ***** END LICENSE BLOCK ***** */
/* $Id: fipstest.c,v 1.7 2004/04/27 23:04:38 gerv%gerv.net Exp $ */ /* $Id: fipstest.c,v 1.8 2005/03/29 18:21:18 nelsonb%netscape.com Exp $ */
#include "softoken.h" /* Required for RC2-ECB, RC2-CBC, RC4, DES-ECB, */ #include "softoken.h" /* Required for RC2-ECB, RC2-CBC, RC4, DES-ECB, */
/* DES-CBC, DES3-ECB, DES3-CBC, RSA */ /* DES-CBC, DES3-ECB, DES3-CBC, RSA */
@ -107,7 +107,7 @@
#define FIPS_DSA_BASE_LENGTH 64 /* 512-bits */ #define FIPS_DSA_BASE_LENGTH 64 /* 512-bits */
static CK_RV static CK_RV
pk11_fips_RC2_PowerUpSelfTest( void ) sftk_fips_RC2_PowerUpSelfTest( void )
{ {
/* RC2 Known Key (40-bits). */ /* RC2 Known Key (40-bits). */
static const PRUint8 rc2_known_key[] = { "RSARC" }; static const PRUint8 rc2_known_key[] = { "RSARC" };
@ -238,7 +238,7 @@ pk11_fips_RC2_PowerUpSelfTest( void )
static CK_RV static CK_RV
pk11_fips_RC4_PowerUpSelfTest( void ) sftk_fips_RC4_PowerUpSelfTest( void )
{ {
/* RC4 Known Key (40-bits). */ /* RC4 Known Key (40-bits). */
static const PRUint8 rc4_known_key[] = { "RSARC" }; static const PRUint8 rc4_known_key[] = { "RSARC" };
@ -307,7 +307,7 @@ pk11_fips_RC4_PowerUpSelfTest( void )
static CK_RV static CK_RV
pk11_fips_DES_PowerUpSelfTest( void ) sftk_fips_DES_PowerUpSelfTest( void )
{ {
/* DES Known Key (56-bits). */ /* DES Known Key (56-bits). */
static const PRUint8 des_known_key[] = { "ANSI DES" }; static const PRUint8 des_known_key[] = { "ANSI DES" };
@ -434,7 +434,7 @@ pk11_fips_DES_PowerUpSelfTest( void )
static CK_RV static CK_RV
pk11_fips_DES3_PowerUpSelfTest( void ) sftk_fips_DES3_PowerUpSelfTest( void )
{ {
/* DES3 Known Key (56-bits). */ /* DES3 Known Key (56-bits). */
static const PRUint8 des3_known_key[] = { "ANSI Triple-DES Key Data" }; static const PRUint8 des3_known_key[] = { "ANSI Triple-DES Key Data" };
@ -563,7 +563,7 @@ pk11_fips_DES3_PowerUpSelfTest( void )
static CK_RV static CK_RV
pk11_fips_MD2_PowerUpSelfTest( void ) sftk_fips_MD2_PowerUpSelfTest( void )
{ {
/* MD2 Known Hash Message (512-bits). */ /* MD2 Known Hash Message (512-bits). */
static const PRUint8 md2_known_hash_message[] = { static const PRUint8 md2_known_hash_message[] = {
@ -608,7 +608,7 @@ pk11_fips_MD2_PowerUpSelfTest( void )
static CK_RV static CK_RV
pk11_fips_MD5_PowerUpSelfTest( void ) sftk_fips_MD5_PowerUpSelfTest( void )
{ {
/* MD5 Known Hash Message (512-bits). */ /* MD5 Known Hash Message (512-bits). */
static const PRUint8 md5_known_hash_message[] = { static const PRUint8 md5_known_hash_message[] = {
@ -641,7 +641,7 @@ pk11_fips_MD5_PowerUpSelfTest( void )
static CK_RV static CK_RV
pk11_fips_SHA1_PowerUpSelfTest( void ) sftk_fips_SHA1_PowerUpSelfTest( void )
{ {
/* SHA-1 Known Hash Message (512-bits). */ /* SHA-1 Known Hash Message (512-bits). */
static const PRUint8 sha1_known_hash_message[] = { static const PRUint8 sha1_known_hash_message[] = {
@ -675,7 +675,7 @@ pk11_fips_SHA1_PowerUpSelfTest( void )
static CK_RV static CK_RV
pk11_fips_RSA_PowerUpSelfTest( void ) sftk_fips_RSA_PowerUpSelfTest( void )
{ {
/* RSA Known Modulus used in both Public/Private Key Values (520-bits). */ /* RSA Known Modulus used in both Public/Private Key Values (520-bits). */
static const PRUint8 rsa_modulus[FIPS_RSA_MODULUS_LENGTH] = { static const PRUint8 rsa_modulus[FIPS_RSA_MODULUS_LENGTH] = {
@ -913,7 +913,7 @@ rsa_loser:
static CK_RV static CK_RV
pk11_fips_DSA_PowerUpSelfTest( void ) sftk_fips_DSA_PowerUpSelfTest( void )
{ {
/* DSA Known P (512-bits), Q (160-bits), and G (512-bits) Values. */ /* DSA Known P (512-bits), Q (160-bits), and G (512-bits) Values. */
static const PRUint8 dsa_P[] = { static const PRUint8 dsa_P[] = {
@ -1032,60 +1032,60 @@ pk11_fips_DSA_PowerUpSelfTest( void )
CK_RV CK_RV
pk11_fipsPowerUpSelfTest( void ) sftk_fipsPowerUpSelfTest( void )
{ {
CK_RV rv; CK_RV rv;
/* RC2 Power-Up SelfTest(s). */ /* RC2 Power-Up SelfTest(s). */
rv = pk11_fips_RC2_PowerUpSelfTest(); rv = sftk_fips_RC2_PowerUpSelfTest();
if( rv != CKR_OK ) if( rv != CKR_OK )
return rv; return rv;
/* RC4 Power-Up SelfTest(s). */ /* RC4 Power-Up SelfTest(s). */
rv = pk11_fips_RC4_PowerUpSelfTest(); rv = sftk_fips_RC4_PowerUpSelfTest();
if( rv != CKR_OK ) if( rv != CKR_OK )
return rv; return rv;
/* DES Power-Up SelfTest(s). */ /* DES Power-Up SelfTest(s). */
rv = pk11_fips_DES_PowerUpSelfTest(); rv = sftk_fips_DES_PowerUpSelfTest();
if( rv != CKR_OK ) if( rv != CKR_OK )
return rv; return rv;
/* DES3 Power-Up SelfTest(s). */ /* DES3 Power-Up SelfTest(s). */
rv = pk11_fips_DES3_PowerUpSelfTest(); rv = sftk_fips_DES3_PowerUpSelfTest();
if( rv != CKR_OK ) if( rv != CKR_OK )
return rv; return rv;
/* MD2 Power-Up SelfTest(s). */ /* MD2 Power-Up SelfTest(s). */
rv = pk11_fips_MD2_PowerUpSelfTest(); rv = sftk_fips_MD2_PowerUpSelfTest();
if( rv != CKR_OK ) if( rv != CKR_OK )
return rv; return rv;
/* MD5 Power-Up SelfTest(s). */ /* MD5 Power-Up SelfTest(s). */
rv = pk11_fips_MD5_PowerUpSelfTest(); rv = sftk_fips_MD5_PowerUpSelfTest();
if( rv != CKR_OK ) if( rv != CKR_OK )
return rv; return rv;
/* SHA-1 Power-Up SelfTest(s). */ /* SHA-1 Power-Up SelfTest(s). */
rv = pk11_fips_SHA1_PowerUpSelfTest(); rv = sftk_fips_SHA1_PowerUpSelfTest();
if( rv != CKR_OK ) if( rv != CKR_OK )
return rv; return rv;
/* RSA Power-Up SelfTest(s). */ /* RSA Power-Up SelfTest(s). */
rv = pk11_fips_RSA_PowerUpSelfTest(); rv = sftk_fips_RSA_PowerUpSelfTest();
if( rv != CKR_OK ) if( rv != CKR_OK )
return rv; return rv;
/* DSA Power-Up SelfTest(s). */ /* DSA Power-Up SelfTest(s). */
rv = pk11_fips_DSA_PowerUpSelfTest(); rv = sftk_fips_DSA_PowerUpSelfTest();
if( rv != CKR_OK ) if( rv != CKR_OK )
return rv; return rv;

134
security/nss/lib/softoken/fipstokn.c
Просмотреть файл

@ -64,7 +64,7 @@ static PRBool isLoggedIn = PR_FALSE;
static PRBool fatalError = PR_FALSE; static PRBool fatalError = PR_FALSE;
/* Fips required checks before any useful crypto graphic services */ /* Fips required checks before any useful crypto graphic services */
static CK_RV pk11_fipsCheck(void) { static CK_RV sftk_fipsCheck(void) {
if (isLoggedIn != PR_TRUE) if (isLoggedIn != PR_TRUE)
return CKR_USER_NOT_LOGGED_IN; return CKR_USER_NOT_LOGGED_IN;
if (fatalError) if (fatalError)
@ -73,11 +73,11 @@ static CK_RV pk11_fipsCheck(void) {
} }
#define PK11_FIPSCHECK() \ #define SFTK_FIPSCHECK() \
CK_RV rv; \ CK_RV rv; \
if ((rv = pk11_fipsCheck()) != CKR_OK) return rv; if ((rv = sftk_fipsCheck()) != CKR_OK) return rv;
#define PK11_FIPSFATALCHECK() \ #define SFTK_FIPSFATALCHECK() \
if (fatalError) return CKR_DEVICE_ERROR; if (fatalError) return CKR_DEVICE_ERROR;
@ -118,7 +118,7 @@ fc_getAttribute(CK_ATTRIBUTE_PTR pTemplate,
#include "pkcs11f.h" #include "pkcs11f.h"
/* ------------- build the CK_CRYPTO_TABLE ------------------------- */ /* ------------- build the CK_CRYPTO_TABLE ------------------------- */
static CK_FUNCTION_LIST pk11_fipsTable = { static CK_FUNCTION_LIST sftk_fipsTable = {
{ 1, 10 }, { 1, 10 },
#undef CK_NEED_ARG_LIST #undef CK_NEED_ARG_LIST
@ -149,7 +149,7 @@ fips_login_if_key_object(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject)
rv = NSC_GetAttributeValue(hSession, hObject, &class, 1); rv = NSC_GetAttributeValue(hSession, hObject, &class, 1);
if (rv == CKR_OK) { if (rv == CKR_OK) {
if ((objClass == CKO_PRIVATE_KEY) || (objClass == CKO_SECRET_KEY)) { if ((objClass == CKO_PRIVATE_KEY) || (objClass == CKO_SECRET_KEY)) {
rv = pk11_fipsCheck(); rv = sftk_fipsCheck();
} }
} }
return rv; return rv;
@ -163,7 +163,7 @@ fips_login_if_key_object(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject)
**********************************************************************/ **********************************************************************/
/* return the function list */ /* return the function list */
CK_RV FC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) { CK_RV FC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) {
*pFunctionList = &pk11_fipsTable; *pFunctionList = &sftk_fipsTable;
return CKR_OK; return CKR_OK;
} }
@ -180,7 +180,7 @@ CK_RV FC_Initialize(CK_VOID_PTR pReserved) {
crv = nsc_CommonInitialize(pReserved, PR_TRUE); crv = nsc_CommonInitialize(pReserved, PR_TRUE);
/* not an 'else' rv can be set by either PK11_LowInit or PK11_SlotInit*/ /* not an 'else' rv can be set by either SFTK_LowInit or SFTK_SlotInit*/
if (crv != CKR_OK) { if (crv != CKR_OK) {
fatalError = PR_TRUE; fatalError = PR_TRUE;
return crv; return crv;
@ -188,7 +188,7 @@ CK_RV FC_Initialize(CK_VOID_PTR pReserved) {
fatalError = PR_FALSE; /* any error has been reset */ fatalError = PR_FALSE; /* any error has been reset */
crv = pk11_fipsPowerUpSelfTest(); crv = sftk_fipsPowerUpSelfTest();
if (crv != CKR_OK) { if (crv != CKR_OK) {
nsc_CommonFinalize(NULL, PR_TRUE); nsc_CommonFinalize(NULL, PR_TRUE);
fatalError = PR_TRUE; fatalError = PR_TRUE;
@ -252,7 +252,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
/*FC_GetMechanismList obtains a list of mechanism types supported by a token.*/ /*FC_GetMechanismList obtains a list of mechanism types supported by a token.*/
CK_RV FC_GetMechanismList(CK_SLOT_ID slotID, CK_RV FC_GetMechanismList(CK_SLOT_ID slotID,
CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pusCount) { CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pusCount) {
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID; if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
/* FIPS Slot supports all functions */ /* FIPS Slot supports all functions */
return NSC_GetMechanismList(slotID,pMechanismList,pusCount); return NSC_GetMechanismList(slotID,pMechanismList,pusCount);
@ -263,7 +263,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
* possibly supported by a token. */ * possibly supported by a token. */
CK_RV FC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type, CK_RV FC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
CK_MECHANISM_INFO_PTR pInfo) { CK_MECHANISM_INFO_PTR pInfo) {
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID; if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
/* FIPS Slot supports all functions */ /* FIPS Slot supports all functions */
return NSC_GetMechanismInfo(slotID,type,pInfo); return NSC_GetMechanismInfo(slotID,type,pInfo);
@ -289,14 +289,14 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin, CK_RV FC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
CK_ULONG usOldLen, CK_CHAR_PTR pNewPin, CK_ULONG usNewLen) { CK_ULONG usOldLen, CK_CHAR_PTR pNewPin, CK_ULONG usNewLen) {
CK_RV rv; CK_RV rv;
if ((rv = pk11_fipsCheck()) != CKR_OK) return rv; if ((rv = sftk_fipsCheck()) != CKR_OK) return rv;
return NSC_SetPIN(hSession,pOldPin,usOldLen,pNewPin,usNewLen); return NSC_SetPIN(hSession,pOldPin,usOldLen,pNewPin,usNewLen);
} }
/* FC_OpenSession opens a session between an application and a token. */ /* FC_OpenSession opens a session between an application and a token. */
CK_RV FC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags, CK_RV FC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession) { CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession) {
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
return NSC_OpenSession(slotID,flags,pApplication,Notify,phSession); return NSC_OpenSession(slotID,flags,pApplication,Notify,phSession);
} }
@ -317,7 +317,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_GetSessionInfo(CK_SESSION_HANDLE hSession, CK_RV FC_GetSessionInfo(CK_SESSION_HANDLE hSession,
CK_SESSION_INFO_PTR pInfo) { CK_SESSION_INFO_PTR pInfo) {
CK_RV rv; CK_RV rv;
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
rv = NSC_GetSessionInfo(hSession,pInfo); rv = NSC_GetSessionInfo(hSession,pInfo);
if (rv == CKR_OK) { if (rv == CKR_OK) {
@ -335,7 +335,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, CK_RV FC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
CK_CHAR_PTR pPin, CK_ULONG usPinLen) { CK_CHAR_PTR pPin, CK_ULONG usPinLen) {
CK_RV rv; CK_RV rv;
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
rv = NSC_Login(hSession,userType,pPin,usPinLen); rv = NSC_Login(hSession,userType,pPin,usPinLen);
if (rv == CKR_OK) if (rv == CKR_OK)
isLoggedIn = PR_TRUE; isLoggedIn = PR_TRUE;
@ -344,7 +344,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
isLoggedIn = PR_TRUE; isLoggedIn = PR_TRUE;
/* Provide FIPS PUB 140-1 power-up self-tests on demand. */ /* Provide FIPS PUB 140-1 power-up self-tests on demand. */
rv = pk11_fipsPowerUpSelfTest(); rv = sftk_fipsPowerUpSelfTest();
if (rv == CKR_OK) if (rv == CKR_OK)
return CKR_USER_ALREADY_LOGGED_IN; return CKR_USER_ALREADY_LOGGED_IN;
else else
@ -355,7 +355,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
/* FC_Logout logs a user out from a token. */ /* FC_Logout logs a user out from a token. */
CK_RV FC_Logout(CK_SESSION_HANDLE hSession) { CK_RV FC_Logout(CK_SESSION_HANDLE hSession) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
rv = NSC_Logout(hSession); rv = NSC_Logout(hSession);
isLoggedIn = PR_FALSE; isLoggedIn = PR_FALSE;
@ -368,7 +368,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
CK_OBJECT_HANDLE_PTR phObject) { CK_OBJECT_HANDLE_PTR phObject) {
CK_OBJECT_CLASS * classptr; CK_OBJECT_CLASS * classptr;
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
classptr = (CK_OBJECT_CLASS *)fc_getAttribute(pTemplate,ulCount,CKA_CLASS); classptr = (CK_OBJECT_CLASS *)fc_getAttribute(pTemplate,ulCount,CKA_CLASS);
if (classptr == NULL) return CKR_TEMPLATE_INCOMPLETE; if (classptr == NULL) return CKR_TEMPLATE_INCOMPLETE;
@ -388,7 +388,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount,
CK_OBJECT_HANDLE_PTR phNewObject) { CK_OBJECT_HANDLE_PTR phNewObject) {
CK_RV rv; CK_RV rv;
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
rv = fips_login_if_key_object(hSession, hObject); rv = fips_login_if_key_object(hSession, hObject);
if (rv != CKR_OK) { if (rv != CKR_OK) {
return rv; return rv;
@ -401,7 +401,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_DestroyObject(CK_SESSION_HANDLE hSession, CK_RV FC_DestroyObject(CK_SESSION_HANDLE hSession,
CK_OBJECT_HANDLE hObject) { CK_OBJECT_HANDLE hObject) {
CK_RV rv; CK_RV rv;
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
rv = fips_login_if_key_object(hSession, hObject); rv = fips_login_if_key_object(hSession, hObject);
if (rv != CKR_OK) { if (rv != CKR_OK) {
return rv; return rv;
@ -414,7 +414,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_GetObjectSize(CK_SESSION_HANDLE hSession, CK_RV FC_GetObjectSize(CK_SESSION_HANDLE hSession,
CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pusSize) { CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pusSize) {
CK_RV rv; CK_RV rv;
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
rv = fips_login_if_key_object(hSession, hObject); rv = fips_login_if_key_object(hSession, hObject);
if (rv != CKR_OK) { if (rv != CKR_OK) {
return rv; return rv;
@ -427,7 +427,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_GetAttributeValue(CK_SESSION_HANDLE hSession, CK_RV FC_GetAttributeValue(CK_SESSION_HANDLE hSession,
CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) { CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
CK_RV rv; CK_RV rv;
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
rv = fips_login_if_key_object(hSession, hObject); rv = fips_login_if_key_object(hSession, hObject);
if (rv != CKR_OK) { if (rv != CKR_OK) {
return rv; return rv;
@ -440,7 +440,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_SetAttributeValue (CK_SESSION_HANDLE hSession, CK_RV FC_SetAttributeValue (CK_SESSION_HANDLE hSession,
CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) { CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
CK_RV rv; CK_RV rv;
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
rv = fips_login_if_key_object(hSession, hObject); rv = fips_login_if_key_object(hSession, hObject);
if (rv != CKR_OK) { if (rv != CKR_OK) {
return rv; return rv;
@ -459,7 +459,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV rv; CK_RV rv;
PRBool needLogin = PR_FALSE; PRBool needLogin = PR_FALSE;
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
for (i=0; i < usCount; i++) { for (i=0; i < usCount; i++) {
CK_OBJECT_CLASS class; CK_OBJECT_CLASS class;
@ -479,7 +479,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
} }
} }
if (needLogin) { if (needLogin) {
if ((rv = pk11_fipsCheck()) != CKR_OK) return rv; if ((rv = sftk_fipsCheck()) != CKR_OK) return rv;
} }
return NSC_FindObjectsInit(hSession,pTemplate,usCount); return NSC_FindObjectsInit(hSession,pTemplate,usCount);
} }
@ -491,7 +491,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_OBJECT_HANDLE_PTR phObject,CK_ULONG usMaxObjectCount, CK_OBJECT_HANDLE_PTR phObject,CK_ULONG usMaxObjectCount,
CK_ULONG_PTR pusObjectCount) { CK_ULONG_PTR pusObjectCount) {
/* let publically readable object be found */ /* let publically readable object be found */
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
return NSC_FindObjects(hSession,phObject,usMaxObjectCount, return NSC_FindObjects(hSession,phObject,usMaxObjectCount,
pusObjectCount); pusObjectCount);
} }
@ -504,7 +504,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
/* FC_EncryptInit initializes an encryption operation. */ /* FC_EncryptInit initializes an encryption operation. */
CK_RV FC_EncryptInit(CK_SESSION_HANDLE hSession, CK_RV FC_EncryptInit(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) { CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_EncryptInit(hSession,pMechanism,hKey); return NSC_EncryptInit(hSession,pMechanism,hKey);
} }
@ -512,7 +512,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_RV FC_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData, CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
CK_ULONG_PTR pusEncryptedDataLen) { CK_ULONG_PTR pusEncryptedDataLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_Encrypt(hSession,pData,usDataLen,pEncryptedData, return NSC_Encrypt(hSession,pData,usDataLen,pEncryptedData,
pusEncryptedDataLen); pusEncryptedDataLen);
} }
@ -522,7 +522,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_EncryptUpdate(CK_SESSION_HANDLE hSession, CK_RV FC_EncryptUpdate(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pPart, CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart, CK_BYTE_PTR pPart, CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
CK_ULONG_PTR pusEncryptedPartLen) { CK_ULONG_PTR pusEncryptedPartLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_EncryptUpdate(hSession,pPart,usPartLen,pEncryptedPart, return NSC_EncryptUpdate(hSession,pPart,usPartLen,pEncryptedPart,
pusEncryptedPartLen); pusEncryptedPartLen);
} }
@ -532,7 +532,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_EncryptFinal(CK_SESSION_HANDLE hSession, CK_RV FC_EncryptFinal(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pusLastEncryptedPartLen) { CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pusLastEncryptedPartLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_EncryptFinal(hSession,pLastEncryptedPart, return NSC_EncryptFinal(hSession,pLastEncryptedPart,
pusLastEncryptedPartLen); pusLastEncryptedPartLen);
} }
@ -545,7 +545,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
/* FC_DecryptInit initializes a decryption operation. */ /* FC_DecryptInit initializes a decryption operation. */
CK_RV FC_DecryptInit( CK_SESSION_HANDLE hSession, CK_RV FC_DecryptInit( CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) { CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_DecryptInit(hSession,pMechanism,hKey); return NSC_DecryptInit(hSession,pMechanism,hKey);
} }
@ -553,7 +553,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_Decrypt(CK_SESSION_HANDLE hSession, CK_RV FC_Decrypt(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pEncryptedData,CK_ULONG usEncryptedDataLen,CK_BYTE_PTR pData, CK_BYTE_PTR pEncryptedData,CK_ULONG usEncryptedDataLen,CK_BYTE_PTR pData,
CK_ULONG_PTR pusDataLen) { CK_ULONG_PTR pusDataLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_Decrypt(hSession,pEncryptedData,usEncryptedDataLen,pData, return NSC_Decrypt(hSession,pEncryptedData,usEncryptedDataLen,pData,
pusDataLen); pusDataLen);
} }
@ -563,7 +563,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_DecryptUpdate(CK_SESSION_HANDLE hSession, CK_RV FC_DecryptUpdate(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pEncryptedPart, CK_ULONG usEncryptedPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG usEncryptedPartLen,
CK_BYTE_PTR pPart, CK_ULONG_PTR pusPartLen) { CK_BYTE_PTR pPart, CK_ULONG_PTR pusPartLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_DecryptUpdate(hSession,pEncryptedPart,usEncryptedPartLen, return NSC_DecryptUpdate(hSession,pEncryptedPart,usEncryptedPartLen,
pPart,pusPartLen); pPart,pusPartLen);
} }
@ -572,7 +572,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
/* FC_DecryptFinal finishes a multiple-part decryption operation. */ /* FC_DecryptFinal finishes a multiple-part decryption operation. */
CK_RV FC_DecryptFinal(CK_SESSION_HANDLE hSession, CK_RV FC_DecryptFinal(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pLastPart, CK_ULONG_PTR pusLastPartLen) { CK_BYTE_PTR pLastPart, CK_ULONG_PTR pusLastPartLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_DecryptFinal(hSession,pLastPart,pusLastPartLen); return NSC_DecryptFinal(hSession,pLastPart,pusLastPartLen);
} }
@ -584,7 +584,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
/* FC_DigestInit initializes a message-digesting operation. */ /* FC_DigestInit initializes a message-digesting operation. */
CK_RV FC_DigestInit(CK_SESSION_HANDLE hSession, CK_RV FC_DigestInit(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism) { CK_MECHANISM_PTR pMechanism) {
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
return NSC_DigestInit(hSession, pMechanism); return NSC_DigestInit(hSession, pMechanism);
} }
@ -593,7 +593,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_Digest(CK_SESSION_HANDLE hSession, CK_RV FC_Digest(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pDigest, CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
CK_ULONG_PTR pusDigestLen) { CK_ULONG_PTR pusDigestLen) {
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
return NSC_Digest(hSession,pData,usDataLen,pDigest,pusDigestLen); return NSC_Digest(hSession,pData,usDataLen,pDigest,pusDigestLen);
} }
@ -601,7 +601,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
/* FC_DigestUpdate continues a multiple-part message-digesting operation. */ /* FC_DigestUpdate continues a multiple-part message-digesting operation. */
CK_RV FC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart, CK_RV FC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
CK_ULONG usPartLen) { CK_ULONG usPartLen) {
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
return NSC_DigestUpdate(hSession,pPart,usPartLen); return NSC_DigestUpdate(hSession,pPart,usPartLen);
} }
@ -609,7 +609,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
/* FC_DigestFinal finishes a multiple-part message-digesting operation. */ /* FC_DigestFinal finishes a multiple-part message-digesting operation. */
CK_RV FC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest, CK_RV FC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest,
CK_ULONG_PTR pusDigestLen) { CK_ULONG_PTR pusDigestLen) {
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
return NSC_DigestFinal(hSession,pDigest,pusDigestLen); return NSC_DigestFinal(hSession,pDigest,pusDigestLen);
} }
@ -623,7 +623,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
* and plaintext cannot be recovered from the signature */ * and plaintext cannot be recovered from the signature */
CK_RV FC_SignInit(CK_SESSION_HANDLE hSession, CK_RV FC_SignInit(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) { CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_SignInit(hSession,pMechanism,hKey); return NSC_SignInit(hSession,pMechanism,hKey);
} }
@ -634,7 +634,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_Sign(CK_SESSION_HANDLE hSession, CK_RV FC_Sign(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pSignature, CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pSignature,
CK_ULONG_PTR pusSignatureLen) { CK_ULONG_PTR pusSignatureLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_Sign(hSession,pData,usDataLen,pSignature,pusSignatureLen); return NSC_Sign(hSession,pData,usDataLen,pSignature,pusSignatureLen);
} }
@ -644,7 +644,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
* and plaintext cannot be recovered from the signature */ * and plaintext cannot be recovered from the signature */
CK_RV FC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart, CK_RV FC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
CK_ULONG usPartLen) { CK_ULONG usPartLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_SignUpdate(hSession,pPart,usPartLen); return NSC_SignUpdate(hSession,pPart,usPartLen);
} }
@ -653,7 +653,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
* returning the signature. */ * returning the signature. */
CK_RV FC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature, CK_RV FC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,
CK_ULONG_PTR pusSignatureLen) { CK_ULONG_PTR pusSignatureLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_SignFinal(hSession,pSignature,pusSignatureLen); return NSC_SignFinal(hSession,pSignature,pusSignatureLen);
} }
@ -665,7 +665,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
* E.g. encryption with the user's private key */ * E.g. encryption with the user's private key */
CK_RV FC_SignRecoverInit(CK_SESSION_HANDLE hSession, CK_RV FC_SignRecoverInit(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) { CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_SignRecoverInit(hSession,pMechanism,hKey); return NSC_SignRecoverInit(hSession,pMechanism,hKey);
} }
@ -675,7 +675,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
* E.g. encryption with the user's private key */ * E.g. encryption with the user's private key */
CK_RV FC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_RV FC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pusSignatureLen) { CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pusSignatureLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_SignRecover(hSession,pData,usDataLen,pSignature,pusSignatureLen); return NSC_SignRecover(hSession,pData,usDataLen,pSignature,pusSignatureLen);
} }
@ -688,7 +688,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
* and plaintext cannot be recovered from the signature (e.g. DSA) */ * and plaintext cannot be recovered from the signature (e.g. DSA) */
CK_RV FC_VerifyInit(CK_SESSION_HANDLE hSession, CK_RV FC_VerifyInit(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) { CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_VerifyInit(hSession,pMechanism,hKey); return NSC_VerifyInit(hSession,pMechanism,hKey);
} }
@ -699,7 +699,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_RV FC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen) { CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen) {
/* make sure we're legal */ /* make sure we're legal */
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_Verify(hSession,pData,usDataLen,pSignature,usSignatureLen); return NSC_Verify(hSession,pData,usDataLen,pSignature,usSignatureLen);
} }
@ -709,7 +709,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
* and plaintext cannot be recovered from the signature */ * and plaintext cannot be recovered from the signature */
CK_RV FC_VerifyUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_RV FC_VerifyUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG usPartLen) { CK_ULONG usPartLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_VerifyUpdate(hSession,pPart,usPartLen); return NSC_VerifyUpdate(hSession,pPart,usPartLen);
} }
@ -718,7 +718,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
* checking the signature. */ * checking the signature. */
CK_RV FC_VerifyFinal(CK_SESSION_HANDLE hSession, CK_RV FC_VerifyFinal(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen) { CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_VerifyFinal(hSession,pSignature,usSignatureLen); return NSC_VerifyFinal(hSession,pSignature,usSignatureLen);
} }
@ -731,7 +731,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
* E.g. Decryption with the user's public key */ * E.g. Decryption with the user's public key */
CK_RV FC_VerifyRecoverInit(CK_SESSION_HANDLE hSession, CK_RV FC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) { CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_VerifyRecoverInit(hSession,pMechanism,hKey); return NSC_VerifyRecoverInit(hSession,pMechanism,hKey);
} }
@ -742,7 +742,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_RV FC_VerifyRecover(CK_SESSION_HANDLE hSession, CK_RV FC_VerifyRecover(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen, CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen,
CK_BYTE_PTR pData,CK_ULONG_PTR pusDataLen) { CK_BYTE_PTR pData,CK_ULONG_PTR pusDataLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_VerifyRecover(hSession,pSignature,usSignatureLen,pData, return NSC_VerifyRecover(hSession,pSignature,usSignatureLen,pData,
pusDataLen); pusDataLen);
} }
@ -757,7 +757,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_OBJECT_HANDLE_PTR phKey) { CK_OBJECT_HANDLE_PTR phKey) {
CK_BBOOL *boolptr; CK_BBOOL *boolptr;
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
/* all secret keys must be sensitive, if the upper level code tries to say /* all secret keys must be sensitive, if the upper level code tries to say
* otherwise, reject it. */ * otherwise, reject it. */
@ -781,7 +781,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_OBJECT_HANDLE_PTR phPrivateKey) { CK_OBJECT_HANDLE_PTR phPrivateKey) {
CK_BBOOL *boolptr; CK_BBOOL *boolptr;
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
/* all private keys must be sensitive, if the upper level code tries to say /* all private keys must be sensitive, if the upper level code tries to say
* otherwise, reject it. */ * otherwise, reject it. */
@ -803,7 +803,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey, CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
CK_ULONG_PTR pusWrappedKeyLen) { CK_ULONG_PTR pusWrappedKeyLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_WrapKey(hSession,pMechanism,hWrappingKey,hKey,pWrappedKey, return NSC_WrapKey(hSession,pMechanism,hWrappingKey,hKey,pWrappedKey,
pusWrappedKeyLen); pusWrappedKeyLen);
} }
@ -817,7 +817,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_OBJECT_HANDLE_PTR phKey) { CK_OBJECT_HANDLE_PTR phKey) {
CK_BBOOL *boolptr; CK_BBOOL *boolptr;
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
/* all secret keys must be sensitive, if the upper level code tries to say /* all secret keys must be sensitive, if the upper level code tries to say
* otherwise, reject it. */ * otherwise, reject it. */
@ -840,7 +840,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_OBJECT_HANDLE_PTR phKey) { CK_OBJECT_HANDLE_PTR phKey) {
CK_BBOOL *boolptr; CK_BBOOL *boolptr;
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
/* all secret keys must be sensitive, if the upper level code tries to say /* all secret keys must be sensitive, if the upper level code tries to say
* otherwise, reject it. */ * otherwise, reject it. */
@ -865,7 +865,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_ULONG usSeedLen) { CK_ULONG usSeedLen) {
CK_RV crv; CK_RV crv;
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
crv = NSC_SeedRandom(hSession,pSeed,usSeedLen); crv = NSC_SeedRandom(hSession,pSeed,usSeedLen);
if (crv != CKR_OK) { if (crv != CKR_OK) {
fatalError = PR_TRUE; fatalError = PR_TRUE;
@ -879,7 +879,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
CK_BYTE_PTR pRandomData, CK_ULONG usRandomLen) { CK_BYTE_PTR pRandomData, CK_ULONG usRandomLen) {
CK_RV crv; CK_RV crv;
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
crv = NSC_GenerateRandom(hSession,pRandomData,usRandomLen); crv = NSC_GenerateRandom(hSession,pRandomData,usRandomLen);
if (crv != CKR_OK) { if (crv != CKR_OK) {
fatalError = PR_TRUE; fatalError = PR_TRUE;
@ -891,14 +891,14 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
/* FC_GetFunctionStatus obtains an updated status of a function running /* FC_GetFunctionStatus obtains an updated status of a function running
* in parallel with an application. */ * in parallel with an application. */
CK_RV FC_GetFunctionStatus(CK_SESSION_HANDLE hSession) { CK_RV FC_GetFunctionStatus(CK_SESSION_HANDLE hSession) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_GetFunctionStatus(hSession); return NSC_GetFunctionStatus(hSession);
} }
/* FC_CancelFunction cancels a function running in parallel */ /* FC_CancelFunction cancels a function running in parallel */
CK_RV FC_CancelFunction(CK_SESSION_HANDLE hSession) { CK_RV FC_CancelFunction(CK_SESSION_HANDLE hSession) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_CancelFunction(hSession); return NSC_CancelFunction(hSession);
} }
@ -910,7 +910,7 @@ CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
*operation in a session. */ *operation in a session. */
CK_RV FC_GetOperationState(CK_SESSION_HANDLE hSession, CK_RV FC_GetOperationState(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen) { CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen) {
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
return NSC_GetOperationState(hSession,pOperationState,pulOperationStateLen); return NSC_GetOperationState(hSession,pOperationState,pulOperationStateLen);
} }
@ -920,7 +920,7 @@ CK_RV FC_GetOperationState(CK_SESSION_HANDLE hSession,
CK_RV FC_SetOperationState(CK_SESSION_HANDLE hSession, CK_RV FC_SetOperationState(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen, CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey) { CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey) {
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
return NSC_SetOperationState(hSession,pOperationState,ulOperationStateLen, return NSC_SetOperationState(hSession,pOperationState,ulOperationStateLen,
hEncryptionKey,hAuthenticationKey); hEncryptionKey,hAuthenticationKey);
} }
@ -928,7 +928,7 @@ CK_RV FC_SetOperationState(CK_SESSION_HANDLE hSession,
/* FC_FindObjectsFinal finishes a search for token and session objects. */ /* FC_FindObjectsFinal finishes a search for token and session objects. */
CK_RV FC_FindObjectsFinal(CK_SESSION_HANDLE hSession) { CK_RV FC_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
/* let publically readable object be found */ /* let publically readable object be found */
PK11_FIPSFATALCHECK(); SFTK_FIPSFATALCHECK();
return NSC_FindObjectsFinal(hSession); return NSC_FindObjectsFinal(hSession);
} }
@ -940,7 +940,7 @@ CK_RV FC_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
CK_RV FC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_RV FC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
CK_ULONG_PTR pulEncryptedPartLen) { CK_ULONG_PTR pulEncryptedPartLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_DigestEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart, return NSC_DigestEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
pulEncryptedPartLen); pulEncryptedPartLen);
} }
@ -952,7 +952,7 @@ CK_RV FC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) { CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_DecryptDigestUpdate(hSession, pEncryptedPart,ulEncryptedPartLen, return NSC_DecryptDigestUpdate(hSession, pEncryptedPart,ulEncryptedPartLen,
pPart,pulPartLen); pPart,pulPartLen);
} }
@ -963,7 +963,7 @@ CK_RV FC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
CK_ULONG_PTR pulEncryptedPartLen) { CK_ULONG_PTR pulEncryptedPartLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_SignEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart, return NSC_SignEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
pulEncryptedPartLen); pulEncryptedPartLen);
} }
@ -974,7 +974,7 @@ CK_RV FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) { CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_DecryptVerifyUpdate(hSession,pEncryptedData,ulEncryptedDataLen, return NSC_DecryptVerifyUpdate(hSession,pEncryptedData,ulEncryptedDataLen,
pData,pulDataLen); pData,pulDataLen);
} }
@ -984,7 +984,7 @@ CK_RV FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
* by digesting the value of a secret key as part of the data already digested. * by digesting the value of a secret key as part of the data already digested.
*/ */
CK_RV FC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) { CK_RV FC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) {
PK11_FIPSCHECK(); SFTK_FIPSCHECK();
return NSC_DigestKey(hSession,hKey); return NSC_DigestKey(hSession,hKey);
} }

4
security/nss/lib/softoken/pcertdb.c
Просмотреть файл

@ -37,7 +37,7 @@
/* /*
* Permanent Certificate database handling code * Permanent Certificate database handling code
* *
* $Id: pcertdb.c,v 1.48 2004/04/25 15:03:16 gerv%gerv.net Exp $ * $Id: pcertdb.c,v 1.49 2005/03/29 18:21:18 nelsonb%netscape.com Exp $
*/ */
#include "prtime.h" #include "prtime.h"
@ -48,7 +48,7 @@
#include "secitem.h" #include "secitem.h"
#include "secder.h" #include "secder.h"
/* Call to PK11_FreeSlot below */ /* Call to SFTK_FreeSlot below */
#include "secasn1.h" #include "secasn1.h"
#include "secerr.h" #include "secerr.h"

176
security/nss/lib/softoken/pk11db.c
Просмотреть файл

@ -48,83 +48,83 @@
#define FREE_CLEAR(p) if (p) { PORT_Free(p); p = NULL; } #define FREE_CLEAR(p) if (p) { PORT_Free(p); p = NULL; }
static void static void
secmod_parseTokenFlags(char *tmp, pk11_token_parameters *parsed) { secmod_parseTokenFlags(char *tmp, sftk_token_parameters *parsed) {
parsed->readOnly = pk11_argHasFlag("flags","readOnly",tmp); parsed->readOnly = sftk_argHasFlag("flags","readOnly",tmp);
parsed->noCertDB = pk11_argHasFlag("flags","noCertDB",tmp); parsed->noCertDB = sftk_argHasFlag("flags","noCertDB",tmp);
parsed->noKeyDB = pk11_argHasFlag("flags","noKeyDB",tmp); parsed->noKeyDB = sftk_argHasFlag("flags","noKeyDB",tmp);
parsed->forceOpen = pk11_argHasFlag("flags","forceOpen",tmp); parsed->forceOpen = sftk_argHasFlag("flags","forceOpen",tmp);
parsed->pwRequired = pk11_argHasFlag("flags","passwordRequired",tmp); parsed->pwRequired = sftk_argHasFlag("flags","passwordRequired",tmp);
parsed->optimizeSpace = pk11_argHasFlag("flags","optimizeSpace",tmp); parsed->optimizeSpace = sftk_argHasFlag("flags","optimizeSpace",tmp);
return; return;
} }
static void static void
secmod_parseFlags(char *tmp, pk11_parameters *parsed) { secmod_parseFlags(char *tmp, sftk_parameters *parsed) {
parsed->noModDB = pk11_argHasFlag("flags","noModDB",tmp); parsed->noModDB = sftk_argHasFlag("flags","noModDB",tmp);
parsed->readOnly = pk11_argHasFlag("flags","readOnly",tmp); parsed->readOnly = sftk_argHasFlag("flags","readOnly",tmp);
/* keep legacy interface working */ /* keep legacy interface working */
parsed->noCertDB = pk11_argHasFlag("flags","noCertDB",tmp); parsed->noCertDB = sftk_argHasFlag("flags","noCertDB",tmp);
parsed->forceOpen = pk11_argHasFlag("flags","forceOpen",tmp); parsed->forceOpen = sftk_argHasFlag("flags","forceOpen",tmp);
parsed->pwRequired = pk11_argHasFlag("flags","passwordRequired",tmp); parsed->pwRequired = sftk_argHasFlag("flags","passwordRequired",tmp);
parsed->optimizeSpace = pk11_argHasFlag("flags","optimizeSpace",tmp); parsed->optimizeSpace = sftk_argHasFlag("flags","optimizeSpace",tmp);
return; return;
} }
CK_RV CK_RV
secmod_parseTokenParameters(char *param, pk11_token_parameters *parsed) secmod_parseTokenParameters(char *param, sftk_token_parameters *parsed)
{ {
int next; int next;
char *tmp; char *tmp;
char *index; char *index;
index = pk11_argStrip(param); index = sftk_argStrip(param);
while (*index) { while (*index) {
PK11_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;) SFTK_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
PK11_HANDLE_STRING_ARG(index,parsed->certPrefix,"certPrefix=",;) SFTK_HANDLE_STRING_ARG(index,parsed->certPrefix,"certPrefix=",;)
PK11_HANDLE_STRING_ARG(index,parsed->keyPrefix,"keyPrefix=",;) SFTK_HANDLE_STRING_ARG(index,parsed->keyPrefix,"keyPrefix=",;)
PK11_HANDLE_STRING_ARG(index,parsed->tokdes,"tokenDescription=",;) SFTK_HANDLE_STRING_ARG(index,parsed->tokdes,"tokenDescription=",;)
PK11_HANDLE_STRING_ARG(index,parsed->slotdes,"slotDescription=",;) SFTK_HANDLE_STRING_ARG(index,parsed->slotdes,"slotDescription=",;)
PK11_HANDLE_STRING_ARG(index,tmp,"minPWLen=", SFTK_HANDLE_STRING_ARG(index,tmp,"minPWLen=",
if(tmp) { parsed->minPW=atoi(tmp); PORT_Free(tmp); }) if(tmp) { parsed->minPW=atoi(tmp); PORT_Free(tmp); })
PK11_HANDLE_STRING_ARG(index,tmp,"flags=", SFTK_HANDLE_STRING_ARG(index,tmp,"flags=",
if(tmp) { secmod_parseTokenFlags(param,parsed); PORT_Free(tmp); }) if(tmp) { secmod_parseTokenFlags(param,parsed); PORT_Free(tmp); })
PK11_HANDLE_FINAL_ARG(index) SFTK_HANDLE_FINAL_ARG(index)
} }
return CKR_OK; return CKR_OK;
} }
static void static void
secmod_parseTokens(char *tokenParams, pk11_parameters *parsed) secmod_parseTokens(char *tokenParams, sftk_parameters *parsed)
{ {
char *tokenIndex; char *tokenIndex;
pk11_token_parameters *tokens = NULL; sftk_token_parameters *tokens = NULL;
int i=0,count = 0,next; int i=0,count = 0,next;
if ((tokenParams == NULL) || (*tokenParams == 0)) return; if ((tokenParams == NULL) || (*tokenParams == 0)) return;
/* first count the number of slots */ /* first count the number of slots */
for (tokenIndex = pk11_argStrip(tokenParams); *tokenIndex; for (tokenIndex = sftk_argStrip(tokenParams); *tokenIndex;
tokenIndex = pk11_argStrip(pk11_argSkipParameter(tokenIndex))) { tokenIndex = sftk_argStrip(sftk_argSkipParameter(tokenIndex))) {
count++; count++;
} }
/* get the data structures */ /* get the data structures */
tokens = (pk11_token_parameters *) tokens = (sftk_token_parameters *)
PORT_ZAlloc(count*sizeof(pk11_token_parameters)); PORT_ZAlloc(count*sizeof(sftk_token_parameters));
if (tokens == NULL) return; if (tokens == NULL) return;
for (tokenIndex = pk11_argStrip(tokenParams), i = 0; for (tokenIndex = sftk_argStrip(tokenParams), i = 0;
*tokenIndex && i < count ; i++ ) { *tokenIndex && i < count ; i++ ) {
char *name; char *name;
name = pk11_argGetName(tokenIndex,&next); name = sftk_argGetName(tokenIndex,&next);
tokenIndex += next; tokenIndex += next;
tokens[i].slotID = pk11_argDecodeNumber(name); tokens[i].slotID = sftk_argDecodeNumber(name);
tokens[i].readOnly = PR_TRUE; tokens[i].readOnly = PR_TRUE;
tokens[i].noCertDB = PR_TRUE; tokens[i].noCertDB = PR_TRUE;
tokens[i].noKeyDB = PR_TRUE; tokens[i].noKeyDB = PR_TRUE;
if (!pk11_argIsBlank(*tokenIndex)) { if (!sftk_argIsBlank(*tokenIndex)) {
char *args = pk11_argFetchValue(tokenIndex,&next); char *args = sftk_argFetchValue(tokenIndex,&next);
tokenIndex += next; tokenIndex += next;
if (args) { if (args) {
secmod_parseTokenParameters(args,&tokens[i]); secmod_parseTokenParameters(args,&tokens[i]);
@ -132,7 +132,7 @@ secmod_parseTokens(char *tokenParams, pk11_parameters *parsed)
} }
} }
if (name) PORT_Free(name); if (name) PORT_Free(name);
tokenIndex = pk11_argStrip(tokenIndex); tokenIndex = sftk_argStrip(tokenIndex);
} }
parsed->token_count = i; parsed->token_count = i;
parsed->tokens = tokens; parsed->tokens = tokens;
@ -140,7 +140,7 @@ secmod_parseTokens(char *tokenParams, pk11_parameters *parsed)
} }
CK_RV CK_RV
secmod_parseParameters(char *param, pk11_parameters *parsed, PRBool isFIPS) secmod_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS)
{ {
int next; int next;
char *tmp; char *tmp;
@ -150,39 +150,39 @@ secmod_parseParameters(char *param, pk11_parameters *parsed, PRBool isFIPS)
char *slotdes = NULL, *pslotdes = NULL; char *slotdes = NULL, *pslotdes = NULL;
char *fslotdes = NULL, *fpslotdes = NULL; char *fslotdes = NULL, *fpslotdes = NULL;
char *minPW = NULL; char *minPW = NULL;
index = pk11_argStrip(param); index = sftk_argStrip(param);
PORT_Memset(parsed, 0, sizeof(pk11_parameters)); PORT_Memset(parsed, 0, sizeof(sftk_parameters));
while (*index) { while (*index) {
PK11_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;) SFTK_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
PK11_HANDLE_STRING_ARG(index,parsed->secmodName,"secmod=",;) SFTK_HANDLE_STRING_ARG(index,parsed->secmodName,"secmod=",;)
PK11_HANDLE_STRING_ARG(index,parsed->man,"manufacturerID=",;) SFTK_HANDLE_STRING_ARG(index,parsed->man,"manufacturerID=",;)
PK11_HANDLE_STRING_ARG(index,parsed->libdes,"libraryDescription=",;) SFTK_HANDLE_STRING_ARG(index,parsed->libdes,"libraryDescription=",;)
/* constructed values, used so legacy interfaces still work */ /* constructed values, used so legacy interfaces still work */
PK11_HANDLE_STRING_ARG(index,certPrefix,"certPrefix=",;) SFTK_HANDLE_STRING_ARG(index,certPrefix,"certPrefix=",;)
PK11_HANDLE_STRING_ARG(index,keyPrefix,"keyPrefix=",;) SFTK_HANDLE_STRING_ARG(index,keyPrefix,"keyPrefix=",;)
PK11_HANDLE_STRING_ARG(index,tokdes,"cryptoTokenDescription=",;) SFTK_HANDLE_STRING_ARG(index,tokdes,"cryptoTokenDescription=",;)
PK11_HANDLE_STRING_ARG(index,ptokdes,"dbTokenDescription=",;) SFTK_HANDLE_STRING_ARG(index,ptokdes,"dbTokenDescription=",;)
PK11_HANDLE_STRING_ARG(index,slotdes,"cryptoSlotDescription=",;) SFTK_HANDLE_STRING_ARG(index,slotdes,"cryptoSlotDescription=",;)
PK11_HANDLE_STRING_ARG(index,pslotdes,"dbSlotDescription=",;) SFTK_HANDLE_STRING_ARG(index,pslotdes,"dbSlotDescription=",;)
PK11_HANDLE_STRING_ARG(index,fslotdes,"FIPSSlotDescription=",;) SFTK_HANDLE_STRING_ARG(index,fslotdes,"FIPSSlotDescription=",;)
PK11_HANDLE_STRING_ARG(index,minPW,"FIPSTokenDescription=",;) SFTK_HANDLE_STRING_ARG(index,minPW,"FIPSTokenDescription=",;)
PK11_HANDLE_STRING_ARG(index,tmp,"minPWLen=",;) SFTK_HANDLE_STRING_ARG(index,tmp,"minPWLen=",;)
PK11_HANDLE_STRING_ARG(index,tmp,"flags=", SFTK_HANDLE_STRING_ARG(index,tmp,"flags=",
if(tmp) { secmod_parseFlags(param,parsed); PORT_Free(tmp); }) if(tmp) { secmod_parseFlags(param,parsed); PORT_Free(tmp); })
PK11_HANDLE_STRING_ARG(index,tmp,"tokens=", SFTK_HANDLE_STRING_ARG(index,tmp,"tokens=",
if(tmp) { secmod_parseTokens(tmp,parsed); PORT_Free(tmp); }) if(tmp) { secmod_parseTokens(tmp,parsed); PORT_Free(tmp); })
PK11_HANDLE_FINAL_ARG(index) SFTK_HANDLE_FINAL_ARG(index)
} }
if (parsed->tokens == NULL) { if (parsed->tokens == NULL) {
int count = isFIPS ? 1 : 2; int count = isFIPS ? 1 : 2;
int index = count-1; int index = count-1;
pk11_token_parameters *tokens = NULL; sftk_token_parameters *tokens = NULL;
tokens = (pk11_token_parameters *) tokens = (sftk_token_parameters *)
PORT_ZAlloc(count*sizeof(pk11_token_parameters)); PORT_ZAlloc(count*sizeof(sftk_token_parameters));
if (tokens == NULL) { if (tokens == NULL) {
goto loser; goto loser;
} }
@ -235,7 +235,7 @@ loser:
} }
void void
secmod_freeParams(pk11_parameters *params) secmod_freeParams(sftk_parameters *params)
{ {
int i; int i;
@ -264,18 +264,18 @@ secmod_getSecmodName(char *param, char **appName, char **filename,PRBool *rw)
char *value = NULL; char *value = NULL;
char *save_params = param; char *save_params = param;
const char *lconfigdir; const char *lconfigdir;
param = pk11_argStrip(param); param = sftk_argStrip(param);
while (*param) { while (*param) {
PK11_HANDLE_STRING_ARG(param,configdir,"configDir=",;) SFTK_HANDLE_STRING_ARG(param,configdir,"configDir=",;)
PK11_HANDLE_STRING_ARG(param,secmodName,"secmod=",;) SFTK_HANDLE_STRING_ARG(param,secmodName,"secmod=",;)
PK11_HANDLE_FINAL_ARG(param) SFTK_HANDLE_FINAL_ARG(param)
} }
*rw = PR_TRUE; *rw = PR_TRUE;
if (pk11_argHasFlag("flags","readOnly",save_params) || if (sftk_argHasFlag("flags","readOnly",save_params) ||
pk11_argHasFlag("flags","noModDB",save_params)) *rw = PR_FALSE; sftk_argHasFlag("flags","noModDB",save_params)) *rw = PR_FALSE;
if (!secmodName || *secmodName == '\0') { if (!secmodName || *secmodName == '\0') {
if (secmodName) PORT_Free(secmodName); if (secmodName) PORT_Free(secmodName);
@ -283,7 +283,7 @@ secmod_getSecmodName(char *param, char **appName, char **filename,PRBool *rw)
} }
*filename = secmodName; *filename = secmodName;
lconfigdir = pk11_EvaluateConfigDir(configdir, appName); lconfigdir = sftk_EvaluateConfigDir(configdir, appName);
if (lconfigdir) { if (lconfigdir) {
value = PR_smprintf("%s" PATH_SEPARATOR "%s",lconfigdir,secmodName); value = PR_smprintf("%s" PATH_SEPARATOR "%s",lconfigdir,secmodName);
@ -299,9 +299,9 @@ static SECStatus secmod_MakeKey(DBT *key, char * module) {
int len = 0; int len = 0;
char *commonName; char *commonName;
commonName = pk11_argGetParamValue("name",module); commonName = sftk_argGetParamValue("name",module);
if (commonName == NULL) { if (commonName == NULL) {
commonName = pk11_argGetParamValue("library",module); commonName = sftk_argGetParamValue("library",module);
} }
if (commonName == NULL) return SECFailure; if (commonName == NULL) return SECFailure;
len = PORT_Strlen(commonName); len = PORT_Strlen(commonName);
@ -393,7 +393,7 @@ secmod_EncodeData(DBT *data, char * module)
PK11PreSlotInfo *slotInfo = NULL; PK11PreSlotInfo *slotInfo = NULL;
SECStatus rv = SECFailure; SECStatus rv = SECFailure;
rv = pk11_argParseModuleSpec(module,&dllName,&commonName,&param,&nss); rv = sftk_argParseModuleSpec(module,&dllName,&commonName,&param,&nss);
if (rv != SECSuccess) return rv; if (rv != SECSuccess) return rv;
rv = SECFailure; rv = SECFailure;
@ -410,8 +410,8 @@ secmod_EncodeData(DBT *data, char * module)
len3 = PORT_Strlen(param); len3 = PORT_Strlen(param);
} }
slotParams = pk11_argGetParamValue("slotParams",nss); slotParams = sftk_argGetParamValue("slotParams",nss);
slotInfo = pk11_argParseSlotInfo(NULL,slotParams,&count); slotInfo = sftk_argParseSlotInfo(NULL,slotParams,&count);
if (slotParams) PORT_Free(slotParams); if (slotParams) PORT_Free(slotParams);
if (count && slotInfo == NULL) { if (count && slotInfo == NULL) {
@ -435,24 +435,24 @@ secmod_EncodeData(DBT *data, char * module)
encoded->major = SECMOD_DB_VERSION_MAJOR; encoded->major = SECMOD_DB_VERSION_MAJOR;
encoded->minor = SECMOD_DB_VERSION_MINOR; encoded->minor = SECMOD_DB_VERSION_MINOR;
encoded->internal = (unsigned char) encoded->internal = (unsigned char)
(pk11_argHasFlag("flags","internal",nss) ? 1 : 0); (sftk_argHasFlag("flags","internal",nss) ? 1 : 0);
encoded->fips = (unsigned char) encoded->fips = (unsigned char)
(pk11_argHasFlag("flags","FIPS",nss) ? 1 : 0); (sftk_argHasFlag("flags","FIPS",nss) ? 1 : 0);
encoded->isModuleDB = (unsigned char) encoded->isModuleDB = (unsigned char)
(pk11_argHasFlag("flags","isModuleDB",nss) ? 1 : 0); (sftk_argHasFlag("flags","isModuleDB",nss) ? 1 : 0);
encoded->isModuleDBOnly = (unsigned char) encoded->isModuleDBOnly = (unsigned char)
(pk11_argHasFlag("flags","isModuleDBOnly",nss) ? 1 : 0); (sftk_argHasFlag("flags","isModuleDBOnly",nss) ? 1 : 0);
encoded->isCritical = (unsigned char) encoded->isCritical = (unsigned char)
(pk11_argHasFlag("flags","critical",nss) ? 1 : 0); (sftk_argHasFlag("flags","critical",nss) ? 1 : 0);
order = pk11_argReadLong("trustOrder",nss, PK11_DEFAULT_TRUST_ORDER, NULL); order = sftk_argReadLong("trustOrder",nss, SFTK_DEFAULT_TRUST_ORDER, NULL);
SECMOD_PUTLONG(encoded->trustOrder,order); SECMOD_PUTLONG(encoded->trustOrder,order);
order = pk11_argReadLong("cipherOrder",nss,PK11_DEFAULT_CIPHER_ORDER,NULL); order = sftk_argReadLong("cipherOrder",nss,SFTK_DEFAULT_CIPHER_ORDER,NULL);
SECMOD_PUTLONG(encoded->cipherOrder,order); SECMOD_PUTLONG(encoded->cipherOrder,order);
ciphers = pk11_argGetParamValue("ciphers",nss); ciphers = sftk_argGetParamValue("ciphers",nss);
pk11_argSetNewCipherFlags(&ssl[0], ciphers); sftk_argSetNewCipherFlags(&ssl[0], ciphers);
SECMOD_PUTLONG(encoded->ssl,ssl[0]); SECMOD_PUTLONG(encoded->ssl,ssl[0]);
SECMOD_PUTLONG(&encoded->ssl[4],ssl[1]); SECMOD_PUTLONG(&encoded->ssl[4],ssl[1]);
if (ciphers) PORT_Free(ciphers); if (ciphers) PORT_Free(ciphers);
@ -549,8 +549,8 @@ secmod_DecodeData(char *defParams, DBT *data, PRBool *retInternal)
unsigned long slotID; unsigned long slotID;
unsigned long defaultFlags; unsigned long defaultFlags;
unsigned long timeout; unsigned long timeout;
unsigned long trustOrder =PK11_DEFAULT_TRUST_ORDER; unsigned long trustOrder =SFTK_DEFAULT_TRUST_ORDER;
unsigned long cipherOrder =PK11_DEFAULT_CIPHER_ORDER; unsigned long cipherOrder =SFTK_DEFAULT_CIPHER_ORDER;
unsigned short len; unsigned short len;
unsigned short namesOffset = 0; /* start of the names block */ unsigned short namesOffset = 0; /* start of the names block */
unsigned long namesRunningOffset; /* offset to name we are unsigned long namesRunningOffset; /* offset to name we are
@ -726,14 +726,14 @@ secmod_DecodeData(char *defParams, DBT *data, PRBool *retInternal)
hasRootCerts = slots->hasRootCerts; hasRootCerts = slots->hasRootCerts;
if (isOldVersion && internal && (slotID != 2)) { if (isOldVersion && internal && (slotID != 2)) {
unsigned long internalFlags= unsigned long internalFlags=
pk11_argSlotFlags("slotFlags",SECMOD_SLOT_FLAGS); sftk_argSlotFlags("slotFlags",SECMOD_SLOT_FLAGS);
defaultFlags |= internalFlags; defaultFlags |= internalFlags;
} }
if (hasRootCerts && !extended) { if (hasRootCerts && !extended) {
trustOrder = 100; trustOrder = 100;
} }
slotStrings[i] = pk11_mkSlotString(slotID, defaultFlags, timeout, slotStrings[i] = sftk_mkSlotString(slotID, defaultFlags, timeout,
(unsigned char)slots->askpw, (unsigned char)slots->askpw,
hasRootCerts, hasRootTrust); hasRootCerts, hasRootTrust);
if (slotStrings[i] == NULL) { if (slotStrings[i] == NULL) {
@ -742,13 +742,13 @@ secmod_DecodeData(char *defParams, DBT *data, PRBool *retInternal)
} }
} }
nss = pk11_mkNSS(slotStrings, slotCount, internal, isFIPS, isModuleDB, nss = sftk_mkNSS(slotStrings, slotCount, internal, isFIPS, isModuleDB,
isModuleDBOnly, internal, trustOrder, cipherOrder, isModuleDBOnly, internal, trustOrder, cipherOrder,
ssl0, ssl1); ssl0, ssl1);
secmod_FreeSlotStrings(slotStrings,slotCount); secmod_FreeSlotStrings(slotStrings,slotCount);
/* it's permissible (and normal) for nss to be NULL. it simply means /* it's permissible (and normal) for nss to be NULL. it simply means
* there are no NSS specific parameters in the database */ * there are no NSS specific parameters in the database */
moduleSpec = pk11_mkNewModuleSpec(dllName,commonName,parameters,nss); moduleSpec = sftk_mkNewModuleSpec(dllName,commonName,parameters,nss);
PR_smprintf_free(nss); PR_smprintf_free(nss);
PORT_FreeArena(arena,PR_TRUE); PORT_FreeArena(arena,PR_TRUE);
return moduleSpec; return moduleSpec;
@ -855,7 +855,7 @@ secmod_addEscape(const char *string, char quote)
} }
#define SECMOD_STEP 10 #define SECMOD_STEP 10
#define PK11_DEFAULT_INTERNAL_INIT "library= name=\"NSS Internal PKCS #11 Module\" parameters=\"%s\" NSS=\"Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={%s askpw=any timeout=30})\"" #define SFTK_DEFAULT_INTERNAL_INIT "library= name=\"NSS Internal PKCS #11 Module\" parameters=\"%s\" NSS=\"Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={%s askpw=any timeout=30})\""
/* /*
* Read all the existing modules in * Read all the existing modules in
*/ */
@ -905,7 +905,7 @@ done:
if (!moduleList[0]) { if (!moduleList[0]) {
char * newparams = secmod_addEscape(params,'"'); char * newparams = secmod_addEscape(params,'"');
if (newparams) { if (newparams) {
moduleList[0] = PR_smprintf(PK11_DEFAULT_INTERNAL_INIT,newparams, moduleList[0] = PR_smprintf(SFTK_DEFAULT_INTERNAL_INIT,newparams,
SECMOD_SLOT_FLAGS); SECMOD_SLOT_FLAGS);
PORT_Free(newparams); PORT_Free(newparams);
} }

328
security/nss/lib/softoken/pk11pars.h
Просмотреть файл

@ -51,61 +51,61 @@
#include "secmodt.h" #include "secmodt.h"
#include "pk11init.h" #include "pk11init.h"
#define PK11_ARG_LIBRARY_PARAMETER "library=" #define SFTK_ARG_LIBRARY_PARAMETER "library="
#define PK11_ARG_NAME_PARAMETER "name=" #define SFTK_ARG_NAME_PARAMETER "name="
#define PK11_ARG_MODULE_PARAMETER "parameters=" #define SFTK_ARG_MODULE_PARAMETER "parameters="
#define PK11_ARG_NSS_PARAMETER "NSS=" #define SFTK_ARG_NSS_PARAMETER "NSS="
#define PK11_ARG_FORTEZZA_FLAG "FORTEZZA" #define SFTK_ARG_FORTEZZA_FLAG "FORTEZZA"
#define PK11_ARG_ESCAPE '\\' #define SFTK_ARG_ESCAPE '\\'
struct pk11argSlotFlagTable { struct sftkargSlotFlagTable {
char *name; char *name;
int len; int len;
unsigned long value; unsigned long value;
}; };
#define PK11_DEFAULT_CIPHER_ORDER 0 #define SFTK_DEFAULT_CIPHER_ORDER 0
#define PK11_DEFAULT_TRUST_ORDER 50 #define SFTK_DEFAULT_TRUST_ORDER 50
#define PK11_ARG_ENTRY(arg,flag) \ #define SFTK_ARG_ENTRY(arg,flag) \
{ #arg , sizeof(#arg)-1, flag } { #arg , sizeof(#arg)-1, flag }
static struct pk11argSlotFlagTable pk11_argSlotFlagTable[] = { static struct sftkargSlotFlagTable sftk_argSlotFlagTable[] = {
PK11_ARG_ENTRY(RSA,SECMOD_RSA_FLAG), SFTK_ARG_ENTRY(RSA,SECMOD_RSA_FLAG),
PK11_ARG_ENTRY(DSA,SECMOD_RSA_FLAG), SFTK_ARG_ENTRY(DSA,SECMOD_RSA_FLAG),
PK11_ARG_ENTRY(RC2,SECMOD_RC4_FLAG), SFTK_ARG_ENTRY(RC2,SECMOD_RC4_FLAG),
PK11_ARG_ENTRY(RC4,SECMOD_RC2_FLAG), SFTK_ARG_ENTRY(RC4,SECMOD_RC2_FLAG),
PK11_ARG_ENTRY(DES,SECMOD_DES_FLAG), SFTK_ARG_ENTRY(DES,SECMOD_DES_FLAG),
PK11_ARG_ENTRY(DH,SECMOD_DH_FLAG), SFTK_ARG_ENTRY(DH,SECMOD_DH_FLAG),
PK11_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG), SFTK_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG),
PK11_ARG_ENTRY(RC5,SECMOD_RC5_FLAG), SFTK_ARG_ENTRY(RC5,SECMOD_RC5_FLAG),
PK11_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG), SFTK_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG),
PK11_ARG_ENTRY(MD5,SECMOD_MD5_FLAG), SFTK_ARG_ENTRY(MD5,SECMOD_MD5_FLAG),
PK11_ARG_ENTRY(MD2,SECMOD_MD2_FLAG), SFTK_ARG_ENTRY(MD2,SECMOD_MD2_FLAG),
PK11_ARG_ENTRY(SSL,SECMOD_SSL_FLAG), SFTK_ARG_ENTRY(SSL,SECMOD_SSL_FLAG),
PK11_ARG_ENTRY(TLS,SECMOD_TLS_FLAG), SFTK_ARG_ENTRY(TLS,SECMOD_TLS_FLAG),
PK11_ARG_ENTRY(AES,SECMOD_AES_FLAG), SFTK_ARG_ENTRY(AES,SECMOD_AES_FLAG),
PK11_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG), SFTK_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG),
PK11_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG), SFTK_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG),
}; };
#define PK11_HANDLE_STRING_ARG(param,target,value,command) \ #define SFTK_HANDLE_STRING_ARG(param,target,value,command) \
if (PORT_Strncasecmp(param,value,sizeof(value)-1) == 0) { \ if (PORT_Strncasecmp(param,value,sizeof(value)-1) == 0) { \
param += sizeof(value)-1; \ param += sizeof(value)-1; \
target = pk11_argFetchValue(param,&next); \ target = sftk_argFetchValue(param,&next); \
param += next; \ param += next; \
command ;\ command ;\
} else } else
#define PK11_HANDLE_FINAL_ARG(param) \ #define SFTK_HANDLE_FINAL_ARG(param) \
{ param = pk11_argSkipParameter(param); } param = pk11_argStrip(param); { param = sftk_argSkipParameter(param); } param = sftk_argStrip(param);
static int pk11_argSlotFlagTableSize = static int sftk_argSlotFlagTableSize =
sizeof(pk11_argSlotFlagTable)/sizeof(pk11_argSlotFlagTable[0]); sizeof(sftk_argSlotFlagTable)/sizeof(sftk_argSlotFlagTable[0]);
static PRBool pk11_argGetPair(char c) { static PRBool sftk_argGetPair(char c) {
switch (c) { switch (c) {
case '\'': return c; case '\'': return c;
case '\"': return c; case '\"': return c;
@ -118,15 +118,15 @@ static PRBool pk11_argGetPair(char c) {
return ' '; return ' ';
} }
static PRBool pk11_argIsBlank(char c) { static PRBool sftk_argIsBlank(char c) {
return isspace(c); return isspace(c);
} }
static PRBool pk11_argIsEscape(char c) { static PRBool sftk_argIsEscape(char c) {
return c == '\\'; return c == '\\';
} }
static PRBool pk11_argIsQuote(char c) { static PRBool sftk_argIsQuote(char c) {
switch (c) { switch (c) {
case '\'': case '\'':
case '\"': case '\"':
@ -139,7 +139,7 @@ static PRBool pk11_argIsQuote(char c) {
return PR_FALSE; return PR_FALSE;
} }
static PRBool pk11_argHasChar(char *v, char c) static PRBool sftk_argHasChar(char *v, char c)
{ {
for ( ;*v; v++) { for ( ;*v; v++) {
if (*v == c) return PR_TRUE; if (*v == c) return PR_TRUE;
@ -147,26 +147,26 @@ static PRBool pk11_argHasChar(char *v, char c)
return PR_FALSE; return PR_FALSE;
} }
static PRBool pk11_argHasBlanks(char *v) static PRBool sftk_argHasBlanks(char *v)
{ {
for ( ;*v; v++) { for ( ;*v; v++) {
if (pk11_argIsBlank(*v)) return PR_TRUE; if (sftk_argIsBlank(*v)) return PR_TRUE;
} }
return PR_FALSE; return PR_FALSE;
} }
static char *pk11_argStrip(char *c) { static char *sftk_argStrip(char *c) {
while (*c && pk11_argIsBlank(*c)) c++; while (*c && sftk_argIsBlank(*c)) c++;
return c; return c;
} }
static char * static char *
pk11_argFindEnd(char *string) { sftk_argFindEnd(char *string) {
char endChar = ' '; char endChar = ' ';
PRBool lastEscape = PR_FALSE; PRBool lastEscape = PR_FALSE;
if (pk11_argIsQuote(*string)) { if (sftk_argIsQuote(*string)) {
endChar = pk11_argGetPair(*string); endChar = sftk_argGetPair(*string);
string++; string++;
} }
@ -175,11 +175,11 @@ pk11_argFindEnd(char *string) {
lastEscape = PR_FALSE; lastEscape = PR_FALSE;
continue; continue;
} }
if (pk11_argIsEscape(*string) && !lastEscape) { if (sftk_argIsEscape(*string) && !lastEscape) {
lastEscape = PR_TRUE; lastEscape = PR_TRUE;
continue; continue;
} }
if ((endChar == ' ') && pk11_argIsBlank(*string)) break; if ((endChar == ' ') && sftk_argIsBlank(*string)) break;
if (*string == endChar) { if (*string == endChar) {
break; break;
} }
@ -189,9 +189,9 @@ pk11_argFindEnd(char *string) {
} }
static char * static char *
pk11_argFetchValue(char *string, int *pcount) sftk_argFetchValue(char *string, int *pcount)
{ {
char *end = pk11_argFindEnd(string); char *end = sftk_argFindEnd(string);
char *retString, *copyString; char *retString, *copyString;
PRBool lastEscape = PR_FALSE; PRBool lastEscape = PR_FALSE;
@ -202,9 +202,9 @@ pk11_argFetchValue(char *string, int *pcount)
copyString = retString = (char *)PORT_Alloc(*pcount); copyString = retString = (char *)PORT_Alloc(*pcount);
if (retString == NULL) return NULL; if (retString == NULL) return NULL;
if (pk11_argIsQuote(*string)) string++; if (sftk_argIsQuote(*string)) string++;
for (; string < end; string++) { for (; string < end; string++) {
if (pk11_argIsEscape(*string) && !lastEscape) { if (sftk_argIsEscape(*string) && !lastEscape) {
lastEscape = PR_TRUE; lastEscape = PR_TRUE;
continue; continue;
} }
@ -216,44 +216,44 @@ pk11_argFetchValue(char *string, int *pcount)
} }
static char * static char *
pk11_argSkipParameter(char *string) sftk_argSkipParameter(char *string)
{ {
char *end; char *end;
/* look for the end of the <name>= */ /* look for the end of the <name>= */
for (;*string; string++) { for (;*string; string++) {
if (*string == '=') { string++; break; } if (*string == '=') { string++; break; }
if (pk11_argIsBlank(*string)) return(string); if (sftk_argIsBlank(*string)) return(string);
} }
end = pk11_argFindEnd(string); end = sftk_argFindEnd(string);
if (*end) end++; if (*end) end++;
return end; return end;
} }
static SECStatus static SECStatus
pk11_argParseModuleSpec(char *modulespec, char **lib, char **mod, sftk_argParseModuleSpec(char *modulespec, char **lib, char **mod,
char **parameters, char **nss) char **parameters, char **nss)
{ {
int next; int next;
modulespec = pk11_argStrip(modulespec); modulespec = sftk_argStrip(modulespec);
*lib = *mod = *parameters = *nss = 0; *lib = *mod = *parameters = *nss = 0;
while (*modulespec) { while (*modulespec) {
PK11_HANDLE_STRING_ARG(modulespec,*lib,PK11_ARG_LIBRARY_PARAMETER,;) SFTK_HANDLE_STRING_ARG(modulespec,*lib,SFTK_ARG_LIBRARY_PARAMETER,;)
PK11_HANDLE_STRING_ARG(modulespec,*mod,PK11_ARG_NAME_PARAMETER,;) SFTK_HANDLE_STRING_ARG(modulespec,*mod,SFTK_ARG_NAME_PARAMETER,;)
PK11_HANDLE_STRING_ARG(modulespec,*parameters, SFTK_HANDLE_STRING_ARG(modulespec,*parameters,
PK11_ARG_MODULE_PARAMETER,;) SFTK_ARG_MODULE_PARAMETER,;)
PK11_HANDLE_STRING_ARG(modulespec,*nss,PK11_ARG_NSS_PARAMETER,;) SFTK_HANDLE_STRING_ARG(modulespec,*nss,SFTK_ARG_NSS_PARAMETER,;)
PK11_HANDLE_FINAL_ARG(modulespec) SFTK_HANDLE_FINAL_ARG(modulespec)
} }
return SECSuccess; return SECSuccess;
} }
static char * static char *
pk11_argGetParamValue(char *paramName,char *parameters) sftk_argGetParamValue(char *paramName,char *parameters)
{ {
char searchValue[256]; char searchValue[256];
int paramLen = strlen(paramName); int paramLen = strlen(paramName);
@ -269,19 +269,19 @@ pk11_argGetParamValue(char *paramName,char *parameters)
while (*parameters) { while (*parameters) {
if (PORT_Strncasecmp(parameters,searchValue,paramLen+1) == 0) { if (PORT_Strncasecmp(parameters,searchValue,paramLen+1) == 0) {
parameters += paramLen+1; parameters += paramLen+1;
returnValue = pk11_argFetchValue(parameters,&next); returnValue = sftk_argFetchValue(parameters,&next);
break; break;
} else { } else {
parameters = pk11_argSkipParameter(parameters); parameters = sftk_argSkipParameter(parameters);
} }
parameters = pk11_argStrip(parameters); parameters = sftk_argStrip(parameters);
} }
return returnValue; return returnValue;
} }
static char * static char *
pk11_argNextFlag(char *flags) sftk_argNextFlag(char *flags)
{ {
for (; *flags ; flags++) { for (; *flags ; flags++) {
if (*flags == ',') { if (*flags == ',') {
@ -293,16 +293,16 @@ pk11_argNextFlag(char *flags)
} }
static PRBool static PRBool
pk11_argHasFlag(char *label, char *flag, char *parameters) sftk_argHasFlag(char *label, char *flag, char *parameters)
{ {
char *flags,*index; char *flags,*index;
int len = strlen(flag); int len = strlen(flag);
PRBool found = PR_FALSE; PRBool found = PR_FALSE;
flags = pk11_argGetParamValue(label,parameters); flags = sftk_argGetParamValue(label,parameters);
if (flags == NULL) return PR_FALSE; if (flags == NULL) return PR_FALSE;
for (index=flags; *index; index=pk11_argNextFlag(index)) { for (index=flags; *index; index=sftk_argNextFlag(index)) {
if (PORT_Strncasecmp(index,flag,len) == 0) { if (PORT_Strncasecmp(index,flag,len) == 0) {
found=PR_TRUE; found=PR_TRUE;
break; break;
@ -313,14 +313,14 @@ pk11_argHasFlag(char *label, char *flag, char *parameters)
} }
static void static void
pk11_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList) sftk_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList)
{ {
newCiphers[0] = newCiphers[1] = 0; newCiphers[0] = newCiphers[1] = 0;
if ((cipherList == NULL) || (*cipherList == 0)) return; if ((cipherList == NULL) || (*cipherList == 0)) return;
for (;*cipherList; cipherList=pk11_argNextFlag(cipherList)) { for (;*cipherList; cipherList=sftk_argNextFlag(cipherList)) {
if (PORT_Strncasecmp(cipherList,PK11_ARG_FORTEZZA_FLAG, if (PORT_Strncasecmp(cipherList,SFTK_ARG_FORTEZZA_FLAG,
sizeof(PK11_ARG_FORTEZZA_FLAG)-1) == 0) { sizeof(SFTK_ARG_FORTEZZA_FLAG)-1) == 0) {
newCiphers[0] |= SECMOD_FORTEZZA_FLAG; newCiphers[0] |= SECMOD_FORTEZZA_FLAG;
} }
@ -341,7 +341,7 @@ pk11_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList)
* decode a number. handle octal (leading '0'), hex (leading '0x') or decimal * decode a number. handle octal (leading '0'), hex (leading '0x') or decimal
*/ */
static long static long
pk11_argDecodeNumber(char *num) sftk_argDecodeNumber(char *num)
{ {
int radix = 10; int radix = 10;
unsigned long value = 0; unsigned long value = 0;
@ -351,7 +351,7 @@ pk11_argDecodeNumber(char *num)
if (num == NULL) return retValue; if (num == NULL) return retValue;
num = pk11_argStrip(num); num = sftk_argStrip(num);
if (*num == '-') { if (*num == '-') {
sign = -1; sign = -1;
@ -387,18 +387,18 @@ pk11_argDecodeNumber(char *num)
} }
static long static long
pk11_argReadLong(char *label,char *params, long defValue, PRBool *isdefault) sftk_argReadLong(char *label,char *params, long defValue, PRBool *isdefault)
{ {
char *value; char *value;
long retValue; long retValue;
if (isdefault) *isdefault = PR_FALSE; if (isdefault) *isdefault = PR_FALSE;
value = pk11_argGetParamValue(label,params); value = sftk_argGetParamValue(label,params);
if (value == NULL) { if (value == NULL) {
if (isdefault) *isdefault = PR_TRUE; if (isdefault) *isdefault = PR_TRUE;
return defValue; return defValue;
} }
retValue = pk11_argDecodeNumber(value); retValue = sftk_argDecodeNumber(value);
if (value) PORT_Free(value); if (value) PORT_Free(value);
return retValue; return retValue;
@ -406,23 +406,23 @@ pk11_argReadLong(char *label,char *params, long defValue, PRBool *isdefault)
static unsigned long static unsigned long
pk11_argSlotFlags(char *label,char *params) sftk_argSlotFlags(char *label,char *params)
{ {
char *flags,*index; char *flags,*index;
unsigned long retValue = 0; unsigned long retValue = 0;
int i; int i;
PRBool all = PR_FALSE; PRBool all = PR_FALSE;
flags = pk11_argGetParamValue(label,params); flags = sftk_argGetParamValue(label,params);
if (flags == NULL) return 0; if (flags == NULL) return 0;
if (PORT_Strcasecmp(flags,"all") == 0) all = PR_TRUE; if (PORT_Strcasecmp(flags,"all") == 0) all = PR_TRUE;
for (index=flags; *index; index=pk11_argNextFlag(index)) { for (index=flags; *index; index=sftk_argNextFlag(index)) {
for (i=0; i < pk11_argSlotFlagTableSize; i++) { for (i=0; i < sftk_argSlotFlagTableSize; i++) {
if (all || (PORT_Strncasecmp(index, pk11_argSlotFlagTable[i].name, if (all || (PORT_Strncasecmp(index, sftk_argSlotFlagTable[i].name,
pk11_argSlotFlagTable[i].len) == 0)) { sftk_argSlotFlagTable[i].len) == 0)) {
retValue |= pk11_argSlotFlagTable[i].value; retValue |= sftk_argSlotFlagTable[i].value;
} }
} }
} }
@ -432,15 +432,15 @@ pk11_argSlotFlags(char *label,char *params)
static void static void
pk11_argDecodeSingleSlotInfo(char *name,char *params,PK11PreSlotInfo *slotInfo) sftk_argDecodeSingleSlotInfo(char *name,char *params,PK11PreSlotInfo *slotInfo)
{ {
char *askpw; char *askpw;
slotInfo->slotID=pk11_argDecodeNumber(name); slotInfo->slotID=sftk_argDecodeNumber(name);
slotInfo->defaultFlags=pk11_argSlotFlags("slotFlags",params); slotInfo->defaultFlags=sftk_argSlotFlags("slotFlags",params);
slotInfo->timeout=pk11_argReadLong("timeout",params, 0, NULL); slotInfo->timeout=sftk_argReadLong("timeout",params, 0, NULL);
askpw = pk11_argGetParamValue("askpw",params); askpw = sftk_argGetParamValue("askpw",params);
slotInfo->askpw = 0; slotInfo->askpw = 0;
if (askpw) { if (askpw) {
@ -452,12 +452,12 @@ pk11_argDecodeSingleSlotInfo(char *name,char *params,PK11PreSlotInfo *slotInfo)
PORT_Free(askpw); PORT_Free(askpw);
slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS; slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS;
} }
slotInfo->hasRootCerts = pk11_argHasFlag("rootFlags","hasRootCerts",params); slotInfo->hasRootCerts = sftk_argHasFlag("rootFlags","hasRootCerts",params);
slotInfo->hasRootTrust = pk11_argHasFlag("rootFlags","hasRootTrust",params); slotInfo->hasRootTrust = sftk_argHasFlag("rootFlags","hasRootTrust",params);
} }
static char * static char *
pk11_argGetName(char *inString, int *next) sftk_argGetName(char *inString, int *next)
{ {
char *name=NULL; char *name=NULL;
char *string; char *string;
@ -466,7 +466,7 @@ pk11_argGetName(char *inString, int *next)
/* look for the end of the <name>= */ /* look for the end of the <name>= */
for (string = inString;*string; string++) { for (string = inString;*string; string++) {
if (*string == '=') { break; } if (*string == '=') { break; }
if (pk11_argIsBlank(*string)) break; if (sftk_argIsBlank(*string)) break;
} }
len = string - inString; len = string - inString;
@ -482,7 +482,7 @@ pk11_argGetName(char *inString, int *next)
} }
static PK11PreSlotInfo * static PK11PreSlotInfo *
pk11_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount) sftk_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
{ {
char *slotIndex; char *slotIndex;
PK11PreSlotInfo *slotInfo = NULL; PK11PreSlotInfo *slotInfo = NULL;
@ -492,8 +492,8 @@ pk11_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
if ((slotParams == NULL) || (*slotParams == 0)) return NULL; if ((slotParams == NULL) || (*slotParams == 0)) return NULL;
/* first count the number of slots */ /* first count the number of slots */
for (slotIndex = pk11_argStrip(slotParams); *slotIndex; for (slotIndex = sftk_argStrip(slotParams); *slotIndex;
slotIndex = pk11_argStrip(pk11_argSkipParameter(slotIndex))) { slotIndex = sftk_argStrip(sftk_argSkipParameter(slotIndex))) {
count++; count++;
} }
@ -508,38 +508,38 @@ pk11_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
} }
if (slotInfo == NULL) return NULL; if (slotInfo == NULL) return NULL;
for (slotIndex = pk11_argStrip(slotParams), i = 0; for (slotIndex = sftk_argStrip(slotParams), i = 0;
*slotIndex && i < count ; ) { *slotIndex && i < count ; ) {
char *name; char *name;
name = pk11_argGetName(slotIndex,&next); name = sftk_argGetName(slotIndex,&next);
slotIndex += next; slotIndex += next;
if (!pk11_argIsBlank(*slotIndex)) { if (!sftk_argIsBlank(*slotIndex)) {
char *args = pk11_argFetchValue(slotIndex,&next); char *args = sftk_argFetchValue(slotIndex,&next);
slotIndex += next; slotIndex += next;
if (args) { if (args) {
pk11_argDecodeSingleSlotInfo(name,args,&slotInfo[i]); sftk_argDecodeSingleSlotInfo(name,args,&slotInfo[i]);
i++; i++;
PORT_Free(args); PORT_Free(args);
} }
} }
if (name) PORT_Free(name); if (name) PORT_Free(name);
slotIndex = pk11_argStrip(slotIndex); slotIndex = sftk_argStrip(slotIndex);
} }
*retCount = i; *retCount = i;
return slotInfo; return slotInfo;
} }
static char *pk11_nullString = ""; static char *sftk_nullString = "";
static char * static char *
pk11_formatValue(PRArenaPool *arena, char *value, char quote) sftk_formatValue(PRArenaPool *arena, char *value, char quote)
{ {
char *vp,*vp2,*retval; char *vp,*vp2,*retval;
int size = 0, escapes = 0; int size = 0, escapes = 0;
for (vp=value; *vp ;vp++) { for (vp=value; *vp ;vp++) {
if ((*vp == quote) || (*vp == PK11_ARG_ESCAPE)) escapes++; if ((*vp == quote) || (*vp == SFTK_ARG_ESCAPE)) escapes++;
size++; size++;
} }
if (arena) { if (arena) {
@ -550,48 +550,48 @@ pk11_formatValue(PRArenaPool *arena, char *value, char quote)
if (retval == NULL) return NULL; if (retval == NULL) return NULL;
vp2 = retval; vp2 = retval;
for (vp=value; *vp; vp++) { for (vp=value; *vp; vp++) {
if ((*vp == quote) || (*vp == PK11_ARG_ESCAPE)) if ((*vp == quote) || (*vp == SFTK_ARG_ESCAPE))
*vp2++ = PK11_ARG_ESCAPE; *vp2++ = SFTK_ARG_ESCAPE;
*vp2++ = *vp; *vp2++ = *vp;
} }
return retval; return retval;
} }
static char *pk11_formatPair(char *name,char *value, char quote) static char *sftk_formatPair(char *name,char *value, char quote)
{ {
char openQuote = quote; char openQuote = quote;
char closeQuote = pk11_argGetPair(quote); char closeQuote = sftk_argGetPair(quote);
char *newValue = NULL; char *newValue = NULL;
char *returnValue; char *returnValue;
PRBool need_quote = PR_FALSE; PRBool need_quote = PR_FALSE;
if (!value || (*value == 0)) return pk11_nullString; if (!value || (*value == 0)) return sftk_nullString;
if (pk11_argHasBlanks(value) || pk11_argIsQuote(value[0])) if (sftk_argHasBlanks(value) || sftk_argIsQuote(value[0]))
need_quote=PR_TRUE; need_quote=PR_TRUE;
if ((need_quote && pk11_argHasChar(value,closeQuote)) if ((need_quote && sftk_argHasChar(value,closeQuote))
|| pk11_argHasChar(value,PK11_ARG_ESCAPE)) { || sftk_argHasChar(value,SFTK_ARG_ESCAPE)) {
value = newValue = pk11_formatValue(NULL, value,quote); value = newValue = sftk_formatValue(NULL, value,quote);
if (newValue == NULL) return pk11_nullString; if (newValue == NULL) return sftk_nullString;
} }
if (need_quote) { if (need_quote) {
returnValue = PR_smprintf("%s=%c%s%c",name,openQuote,value,closeQuote); returnValue = PR_smprintf("%s=%c%s%c",name,openQuote,value,closeQuote);
} else { } else {
returnValue = PR_smprintf("%s=%s",name,value); returnValue = PR_smprintf("%s=%s",name,value);
} }
if (returnValue == NULL) returnValue = pk11_nullString; if (returnValue == NULL) returnValue = sftk_nullString;
if (newValue) PORT_Free(newValue); if (newValue) PORT_Free(newValue);
return returnValue; return returnValue;
} }
static char *pk11_formatIntPair(char *name,unsigned long value, unsigned long def) static char *sftk_formatIntPair(char *name,unsigned long value, unsigned long def)
{ {
char *returnValue; char *returnValue;
if (value == def) return pk11_nullString; if (value == def) return sftk_nullString;
returnValue = PR_smprintf("%s=%d",name,value); returnValue = PR_smprintf("%s=%d",name,value);
@ -599,9 +599,9 @@ static char *pk11_formatIntPair(char *name,unsigned long value, unsigned long de
} }
static void static void
pk11_freePair(char *pair) sftk_freePair(char *pair)
{ {
if (pair && pair != pk11_nullString) { if (pair && pair != sftk_nullString) {
PR_smprintf_free(pair); PR_smprintf_free(pair);
} }
} }
@ -609,7 +609,7 @@ pk11_freePair(char *pair)
#define MAX_FLAG_SIZE sizeof("internal")+sizeof("FIPS")+sizeof("moduleDB")+\ #define MAX_FLAG_SIZE sizeof("internal")+sizeof("FIPS")+sizeof("moduleDB")+\
sizeof("moduleDBOnly")+sizeof("critical") sizeof("moduleDBOnly")+sizeof("critical")
static char * static char *
pk11_mkNSSFlags(PRBool internal, PRBool isFIPS, sftk_mkNSSFlags(PRBool internal, PRBool isFIPS,
PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical) PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical)
{ {
char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE); char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE);
@ -644,7 +644,7 @@ pk11_mkNSSFlags(PRBool internal, PRBool isFIPS,
} }
static char * static char *
pk11_mkCipherFlags(unsigned long ssl0, unsigned long ssl1) sftk_mkCipherFlags(unsigned long ssl0, unsigned long ssl1)
{ {
char *cipher = NULL; char *cipher = NULL;
int i; int i;
@ -685,7 +685,7 @@ pk11_mkCipherFlags(unsigned long ssl0, unsigned long ssl1)
} }
static char * static char *
pk11_mkSlotFlags(unsigned long defaultFlags) sftk_mkSlotFlags(unsigned long defaultFlags)
{ {
char *flags=NULL; char *flags=NULL;
int i,j; int i,j;
@ -694,9 +694,9 @@ pk11_mkSlotFlags(unsigned long defaultFlags)
if (defaultFlags & (1<<i)) { if (defaultFlags & (1<<i)) {
char *string = NULL; char *string = NULL;
for (j=0; j < pk11_argSlotFlagTableSize; j++) { for (j=0; j < sftk_argSlotFlagTableSize; j++) {
if (pk11_argSlotFlagTable[j].value == (((unsigned long)1)<<i)) { if (sftk_argSlotFlagTable[j].value == (((unsigned long)1)<<i)) {
string = pk11_argSlotFlagTable[j].name; string = sftk_argSlotFlagTable[j].name;
break; break;
} }
} }
@ -716,15 +716,15 @@ pk11_mkSlotFlags(unsigned long defaultFlags)
return flags; return flags;
} }
#define PK11_MAX_ROOT_FLAG_SIZE sizeof("hasRootCerts")+sizeof("hasRootTrust") #define SFTK_MAX_ROOT_FLAG_SIZE sizeof("hasRootCerts")+sizeof("hasRootTrust")
static char * static char *
pk11_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust) sftk_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust)
{ {
char *flags= (char *)PORT_ZAlloc(PK11_MAX_ROOT_FLAG_SIZE); char *flags= (char *)PORT_ZAlloc(SFTK_MAX_ROOT_FLAG_SIZE);
PRBool first = PR_TRUE; PRBool first = PR_TRUE;
PORT_Memset(flags,0,PK11_MAX_ROOT_FLAG_SIZE); PORT_Memset(flags,0,SFTK_MAX_ROOT_FLAG_SIZE);
if (hasRootCerts) { if (hasRootCerts) {
PORT_Strcat(flags,"hasRootCerts"); PORT_Strcat(flags,"hasRootCerts");
first = PR_FALSE; first = PR_FALSE;
@ -738,7 +738,7 @@ pk11_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust)
} }
static char * static char *
pk11_mkSlotString(unsigned long slotID, unsigned long defaultFlags, sftk_mkSlotString(unsigned long slotID, unsigned long defaultFlags,
unsigned long timeout, unsigned char askpw_in, unsigned long timeout, unsigned char askpw_in,
PRBool hasRootCerts, PRBool hasRootTrust) { PRBool hasRootCerts, PRBool hasRootTrust) {
char *askpw,*flags,*rootFlags,*slotString; char *askpw,*flags,*rootFlags,*slotString;
@ -755,10 +755,10 @@ pk11_mkSlotString(unsigned long slotID, unsigned long defaultFlags,
askpw = "any"; askpw = "any";
break; break;
} }
flags = pk11_mkSlotFlags(defaultFlags); flags = sftk_mkSlotFlags(defaultFlags);
rootFlags = pk11_mkRootFlags(hasRootCerts,hasRootTrust); rootFlags = sftk_mkRootFlags(hasRootCerts,hasRootTrust);
flagPair=pk11_formatPair("slotFlags",flags,'\''); flagPair=sftk_formatPair("slotFlags",flags,'\'');
rootFlagsPair=pk11_formatPair("rootFlags",rootFlags,'\''); rootFlagsPair=sftk_formatPair("rootFlags",rootFlags,'\'');
if (flags) PR_smprintf_free(flags); if (flags) PR_smprintf_free(flags);
if (rootFlags) PORT_Free(rootFlags); if (rootFlags) PORT_Free(rootFlags);
if (defaultFlags & PK11_OWN_PW_DEFAULTS) { if (defaultFlags & PK11_OWN_PW_DEFAULTS) {
@ -769,13 +769,13 @@ pk11_mkSlotString(unsigned long slotID, unsigned long defaultFlags,
slotString = PR_smprintf("0x%08lx=[%s %s]", slotString = PR_smprintf("0x%08lx=[%s %s]",
(PRUint32)slotID,flagPair,rootFlagsPair); (PRUint32)slotID,flagPair,rootFlagsPair);
} }
pk11_freePair(flagPair); sftk_freePair(flagPair);
pk11_freePair(rootFlagsPair); sftk_freePair(rootFlagsPair);
return slotString; return slotString;
} }
static char * static char *
pk11_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS, sftk_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS,
PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical, PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical,
unsigned long trustOrder, unsigned long cipherOrder, unsigned long trustOrder, unsigned long cipherOrder,
unsigned long ssl0, unsigned long ssl1) { unsigned long ssl0, unsigned long ssl1) {
@ -805,29 +805,29 @@ pk11_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS,
/* /*
* now the NSS structure * now the NSS structure
*/ */
nssFlags = pk11_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly, nssFlags = sftk_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly,
isCritical); isCritical);
/* for now only the internal module is critical */ /* for now only the internal module is critical */
ciphers = pk11_mkCipherFlags(ssl0, ssl1); ciphers = sftk_mkCipherFlags(ssl0, ssl1);
trustOrderPair=pk11_formatIntPair("trustOrder",trustOrder, trustOrderPair=sftk_formatIntPair("trustOrder",trustOrder,
PK11_DEFAULT_TRUST_ORDER); SFTK_DEFAULT_TRUST_ORDER);
cipherOrderPair=pk11_formatIntPair("cipherOrder",cipherOrder, cipherOrderPair=sftk_formatIntPair("cipherOrder",cipherOrder,
PK11_DEFAULT_CIPHER_ORDER); SFTK_DEFAULT_CIPHER_ORDER);
slotPair=pk11_formatPair("slotParams",slotParams,'{'); /* } */ slotPair=sftk_formatPair("slotParams",slotParams,'{'); /* } */
if (slotParams) PORT_Free(slotParams); if (slotParams) PORT_Free(slotParams);
cipherPair=pk11_formatPair("ciphers",ciphers,'\''); cipherPair=sftk_formatPair("ciphers",ciphers,'\'');
if (ciphers) PR_smprintf_free(ciphers); if (ciphers) PR_smprintf_free(ciphers);
flagPair=pk11_formatPair("Flags",nssFlags,'\''); flagPair=sftk_formatPair("Flags",nssFlags,'\'');
if (nssFlags) PORT_Free(nssFlags); if (nssFlags) PORT_Free(nssFlags);
nss = PR_smprintf("%s %s %s %s %s",trustOrderPair, nss = PR_smprintf("%s %s %s %s %s",trustOrderPair,
cipherOrderPair,slotPair,cipherPair,flagPair); cipherOrderPair,slotPair,cipherPair,flagPair);
pk11_freePair(trustOrderPair); sftk_freePair(trustOrderPair);
pk11_freePair(cipherOrderPair); sftk_freePair(cipherOrderPair);
pk11_freePair(slotPair); sftk_freePair(slotPair);
pk11_freePair(cipherPair); sftk_freePair(cipherPair);
pk11_freePair(flagPair); sftk_freePair(flagPair);
tmp = pk11_argStrip(nss); tmp = sftk_argStrip(nss);
if (*tmp == '\0') { if (*tmp == '\0') {
PR_smprintf_free(nss); PR_smprintf_free(nss);
nss = NULL; nss = NULL;
@ -836,7 +836,7 @@ pk11_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS,
} }
static char * static char *
pk11_mkNewModuleSpec(char *dllName, char *commonName, char *parameters, sftk_mkNewModuleSpec(char *dllName, char *commonName, char *parameters,
char *NSS) { char *NSS) {
char *moduleSpec; char *moduleSpec;
char *lib,*name,*param,*nss; char *lib,*name,*param,*nss;
@ -844,15 +844,15 @@ pk11_mkNewModuleSpec(char *dllName, char *commonName, char *parameters,
/* /*
* now the final spec * now the final spec
*/ */
lib = pk11_formatPair("library",dllName,'\"'); lib = sftk_formatPair("library",dllName,'\"');
name = pk11_formatPair("name",commonName,'\"'); name = sftk_formatPair("name",commonName,'\"');
param = pk11_formatPair("parameters",parameters,'\"'); param = sftk_formatPair("parameters",parameters,'\"');
nss = pk11_formatPair("NSS",NSS,'\"'); nss = sftk_formatPair("NSS",NSS,'\"');
moduleSpec = PR_smprintf("%s %s %s %s", lib,name,param,nss); moduleSpec = PR_smprintf("%s %s %s %s", lib,name,param,nss);
pk11_freePair(lib); sftk_freePair(lib);
pk11_freePair(name); sftk_freePair(name);
pk11_freePair(param); sftk_freePair(param);
pk11_freePair(nss); sftk_freePair(nss);
return (moduleSpec); return (moduleSpec);
} }

1296
security/nss/lib/softoken/pkcs11.c
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

1534
security/nss/lib/softoken/pkcs11c.c
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

414
security/nss/lib/softoken/pkcs11i.h
Просмотреть файл

@ -121,30 +121,30 @@
/* NOSPREAD sessionID to hash table index macro has been slower. */ /* NOSPREAD sessionID to hash table index macro has been slower. */
/* define typedefs, double as forward declarations as well */ /* define typedefs, double as forward declarations as well */
typedef struct PK11AttributeStr PK11Attribute; typedef struct SFTKAttributeStr SFTKAttribute;
typedef struct PK11ObjectListStr PK11ObjectList; typedef struct SFTKObjectListStr SFTKObjectList;
typedef struct PK11ObjectFreeListStr PK11ObjectFreeList; typedef struct SFTKObjectFreeListStr SFTKObjectFreeList;
typedef struct PK11ObjectListElementStr PK11ObjectListElement; typedef struct SFTKObjectListElementStr SFTKObjectListElement;
typedef struct PK11ObjectStr PK11Object; typedef struct SFTKObjectStr SFTKObject;
typedef struct PK11SessionObjectStr PK11SessionObject; typedef struct SFTKSessionObjectStr SFTKSessionObject;
typedef struct PK11TokenObjectStr PK11TokenObject; typedef struct SFTKTokenObjectStr SFTKTokenObject;
typedef struct PK11SessionStr PK11Session; typedef struct SFTKSessionStr SFTKSession;
typedef struct PK11SlotStr PK11Slot; typedef struct SFTKSlotStr SFTKSlot;
typedef struct PK11SessionContextStr PK11SessionContext; typedef struct SFTKSessionContextStr SFTKSessionContext;
typedef struct PK11SearchResultsStr PK11SearchResults; typedef struct SFTKSearchResultsStr SFTKSearchResults;
typedef struct PK11HashVerifyInfoStr PK11HashVerifyInfo; typedef struct SFTKHashVerifyInfoStr SFTKHashVerifyInfo;
typedef struct PK11HashSignInfoStr PK11HashSignInfo; typedef struct SFTKHashSignInfoStr SFTKHashSignInfo;
typedef struct PK11SSLMACInfoStr PK11SSLMACInfo; typedef struct SFTKSSLMACInfoStr SFTKSSLMACInfo;
/* define function pointer typdefs for pointer tables */ /* define function pointer typdefs for pointer tables */
typedef void (*PK11Destroy)(void *, PRBool); typedef void (*SFTKDestroy)(void *, PRBool);
typedef void (*PK11Begin)(void *); typedef void (*SFTKBegin)(void *);
typedef SECStatus (*PK11Cipher)(void *,void *,unsigned int *,unsigned int, typedef SECStatus (*SFTKCipher)(void *,void *,unsigned int *,unsigned int,
void *, unsigned int); void *, unsigned int);
typedef SECStatus (*PK11Verify)(void *,void *,unsigned int,void *,unsigned int); typedef SECStatus (*SFTKVerify)(void *,void *,unsigned int,void *,unsigned int);
typedef void (*PK11Hash)(void *,void *,unsigned int); typedef void (*SFTKHash)(void *,void *,unsigned int);
typedef void (*PK11End)(void *,void *,unsigned int *,unsigned int); typedef void (*SFTKEnd)(void *,void *,unsigned int *,unsigned int);
typedef void (*PK11Free)(void *); typedef void (*SFTKFree)(void *);
/* Value to tell if an attribute is modifiable or not. /* Value to tell if an attribute is modifiable or not.
* NEVER: attribute is only set on creation. * NEVER: attribute is only set on creation.
@ -153,31 +153,31 @@ typedef void (*PK11Free)(void *);
* ALWAYS: attribute can always be changed. * ALWAYS: attribute can always be changed.
*/ */
typedef enum { typedef enum {
PK11_NEVER = 0, SFTK_NEVER = 0,
PK11_ONCOPY = 1, SFTK_ONCOPY = 1,
PK11_SENSITIVE = 2, SFTK_SENSITIVE = 2,
PK11_ALWAYS = 3 SFTK_ALWAYS = 3
} PK11ModifyType; } SFTKModifyType;
/* /*
* Free Status Enum... tell us more information when we think we're * Free Status Enum... tell us more information when we think we're
* deleting an object. * deleting an object.
*/ */
typedef enum { typedef enum {
PK11_DestroyFailure, SFTK_DestroyFailure,
PK11_Destroyed, SFTK_Destroyed,
PK11_Busy SFTK_Busy
} PK11FreeStatus; } SFTKFreeStatus;
/* /*
* attribute values of an object. * attribute values of an object.
*/ */
struct PK11AttributeStr { struct SFTKAttributeStr {
PK11Attribute *next; SFTKAttribute *next;
PK11Attribute *prev; SFTKAttribute *prev;
PRBool freeAttr; PRBool freeAttr;
PRBool freeData; PRBool freeData;
/*must be called handle to make pk11queue_find work */ /*must be called handle to make sftkqueue_find work */
CK_ATTRIBUTE_TYPE handle; CK_ATTRIBUTE_TYPE handle;
CK_ATTRIBUTE attrib; CK_ATTRIBUTE attrib;
unsigned char space[ATTR_SPACE]; unsigned char space[ATTR_SPACE];
@ -187,14 +187,14 @@ struct PK11AttributeStr {
/* /*
* doubly link list of objects * doubly link list of objects
*/ */
struct PK11ObjectListStr { struct SFTKObjectListStr {
PK11ObjectList *next; SFTKObjectList *next;
PK11ObjectList *prev; SFTKObjectList *prev;
PK11Object *parent; SFTKObject *parent;
}; };
struct PK11ObjectFreeListStr { struct SFTKObjectFreeListStr {
PK11Object *head; SFTKObject *head;
PZLock *lock; PZLock *lock;
int count; int count;
}; };
@ -202,48 +202,48 @@ struct PK11ObjectFreeListStr {
/* /*
* PKCS 11 crypto object structure * PKCS 11 crypto object structure
*/ */
struct PK11ObjectStr { struct SFTKObjectStr {
PK11Object *next; SFTKObject *next;
PK11Object *prev; SFTKObject *prev;
CK_OBJECT_CLASS objclass; CK_OBJECT_CLASS objclass;
CK_OBJECT_HANDLE handle; CK_OBJECT_HANDLE handle;
int refCount; int refCount;
PZLock *refLock; PZLock *refLock;
PK11Slot *slot; SFTKSlot *slot;
void *objectInfo; void *objectInfo;
PK11Free infoFree; SFTKFree infoFree;
}; };
struct PK11TokenObjectStr { struct SFTKTokenObjectStr {
PK11Object obj; SFTKObject obj;
SECItem dbKey; SECItem dbKey;
}; };
struct PK11SessionObjectStr { struct SFTKSessionObjectStr {
PK11Object obj; SFTKObject obj;
PK11ObjectList sessionList; SFTKObjectList sessionList;
PZLock *attributeLock; PZLock *attributeLock;
PK11Session *session; SFTKSession *session;
PRBool wasDerived; PRBool wasDerived;
int nextAttr; int nextAttr;
PK11Attribute attrList[MAX_OBJS_ATTRS]; SFTKAttribute attrList[MAX_OBJS_ATTRS];
PRBool optimizeSpace; PRBool optimizeSpace;
unsigned int hashSize; unsigned int hashSize;
PK11Attribute *head[1]; SFTKAttribute *head[1];
}; };
/* /*
* struct to deal with a temparary list of objects * struct to deal with a temparary list of objects
*/ */
struct PK11ObjectListElementStr { struct SFTKObjectListElementStr {
PK11ObjectListElement *next; SFTKObjectListElement *next;
PK11Object *object; SFTKObject *object;
}; };
/* /*
* Area to hold Search results * Area to hold Search results
*/ */
struct PK11SearchResultsStr { struct SFTKSearchResultsStr {
CK_OBJECT_HANDLE *handles; CK_OBJECT_HANDLE *handles;
int size; int size;
int index; int index;
@ -255,50 +255,50 @@ struct PK11SearchResultsStr {
* the universal crypto/hash/sign/verify context structure * the universal crypto/hash/sign/verify context structure
*/ */
typedef enum { typedef enum {
PK11_ENCRYPT, SFTK_ENCRYPT,
PK11_DECRYPT, SFTK_DECRYPT,
PK11_HASH, SFTK_HASH,
PK11_SIGN, SFTK_SIGN,
PK11_SIGN_RECOVER, SFTK_SIGN_RECOVER,
PK11_VERIFY, SFTK_VERIFY,
PK11_VERIFY_RECOVER SFTK_VERIFY_RECOVER
} PK11ContextType; } SFTKContextType;
#define PK11_MAX_BLOCK_SIZE 16 #define SFTK_MAX_BLOCK_SIZE 16
/* currently SHA512 is the biggest hash length */ /* currently SHA512 is the biggest hash length */
#define PK11_MAX_MAC_LENGTH 64 #define SFTK_MAX_MAC_LENGTH 64
#define PK11_INVALID_MAC_SIZE 0xffffffff #define SFTK_INVALID_MAC_SIZE 0xffffffff
struct PK11SessionContextStr { struct SFTKSessionContextStr {
PK11ContextType type; SFTKContextType type;
PRBool multi; /* is multipart */ PRBool multi; /* is multipart */
PRBool doPad; /* use PKCS padding for block ciphers */ PRBool doPad; /* use PKCS padding for block ciphers */
unsigned int blockSize; /* blocksize for padding */ unsigned int blockSize; /* blocksize for padding */
unsigned int padDataLength; /* length of the valid data in padbuf */ unsigned int padDataLength; /* length of the valid data in padbuf */
unsigned char padBuf[PK11_MAX_BLOCK_SIZE]; unsigned char padBuf[SFTK_MAX_BLOCK_SIZE];
unsigned char macBuf[PK11_MAX_BLOCK_SIZE]; unsigned char macBuf[SFTK_MAX_BLOCK_SIZE];
CK_ULONG macSize; /* size of a general block cipher mac*/ CK_ULONG macSize; /* size of a general block cipher mac*/
void *cipherInfo; void *cipherInfo;
void *hashInfo; void *hashInfo;
unsigned int cipherInfoLen; unsigned int cipherInfoLen;
CK_MECHANISM_TYPE currentMech; CK_MECHANISM_TYPE currentMech;
PK11Cipher update; SFTKCipher update;
PK11Hash hashUpdate; SFTKHash hashUpdate;
PK11End end; SFTKEnd end;
PK11Destroy destroy; SFTKDestroy destroy;
PK11Destroy hashdestroy; SFTKDestroy hashdestroy;
PK11Verify verify; SFTKVerify verify;
unsigned int maxLen; unsigned int maxLen;
PK11Object *key; SFTKObject *key;
}; };
/* /*
* Sessions (have objects) * Sessions (have objects)
*/ */
struct PK11SessionStr { struct SFTKSessionStr {
PK11Session *next; SFTKSession *next;
PK11Session *prev; SFTKSession *prev;
CK_SESSION_HANDLE handle; CK_SESSION_HANDLE handle;
int refCount; int refCount;
PZLock *objectLock; PZLock *objectLock;
@ -306,12 +306,12 @@ struct PK11SessionStr {
CK_SESSION_INFO info; CK_SESSION_INFO info;
CK_NOTIFY notify; CK_NOTIFY notify;
CK_VOID_PTR appData; CK_VOID_PTR appData;
PK11Slot *slot; SFTKSlot *slot;
PK11SearchResults *search; SFTKSearchResults *search;
PK11SessionContext *enc_context; SFTKSessionContext *enc_context;
PK11SessionContext *hash_context; SFTKSessionContext *hash_context;
PK11SessionContext *sign_context; SFTKSessionContext *sign_context;
PK11ObjectList *objects[1]; SFTKObjectList *objects[1];
}; };
/* /*
@ -324,7 +324,7 @@ struct PK11SessionStr {
* and slotLock protects the remaining protected elements: * and slotLock protects the remaining protected elements:
* password, isLoggedIn, ssoLoggedIn, and sessionCount * password, isLoggedIn, ssoLoggedIn, and sessionCount
*/ */
struct PK11SlotStr { struct SFTKSlotStr {
CK_SLOT_ID slotID; CK_SLOT_ID slotID;
PZLock *slotLock; PZLock *slotLock;
PZLock **sessionLock; PZLock **sessionLock;
@ -349,9 +349,9 @@ struct PK11SlotStr {
int tokenIDCount; int tokenIDCount;
int index; int index;
PLHashTable *tokenHashTable; PLHashTable *tokenHashTable;
PK11Object **tokObjects; SFTKObject **tokObjects;
unsigned int tokObjHashSize; unsigned int tokObjHashSize;
PK11Session **head; SFTKSession **head;
unsigned int sessHashSize; unsigned int sessHashSize;
char tokDescription[33]; char tokDescription[33];
char slotDescription[64]; char slotDescription[64];
@ -360,22 +360,22 @@ struct PK11SlotStr {
/* /*
* special joint operations Contexts * special joint operations Contexts
*/ */
struct PK11HashVerifyInfoStr { struct SFTKHashVerifyInfoStr {
SECOidTag hashOid; SECOidTag hashOid;
NSSLOWKEYPublicKey *key; NSSLOWKEYPublicKey *key;
}; };
struct PK11HashSignInfoStr { struct SFTKHashSignInfoStr {
SECOidTag hashOid; SECOidTag hashOid;
NSSLOWKEYPrivateKey *key; NSSLOWKEYPrivateKey *key;
}; };
/* context for the Final SSLMAC message */ /* context for the Final SSLMAC message */
struct PK11SSLMACInfoStr { struct SFTKSSLMACInfoStr {
void *hashContext; void *hashContext;
PK11Begin begin; SFTKBegin begin;
PK11Hash update; SFTKHash update;
PK11End end; SFTKEnd end;
CK_ULONG macSize; CK_ULONG macSize;
int padSize; int padSize;
unsigned char key[MAX_KEY_LEN]; unsigned char key[MAX_KEY_LEN];
@ -385,27 +385,27 @@ struct PK11SSLMACInfoStr {
/* /*
* session handle modifiers * session handle modifiers
*/ */
#define PK11_SESSION_SLOT_MASK 0xff000000L #define SFTK_SESSION_SLOT_MASK 0xff000000L
/* /*
* object handle modifiers * object handle modifiers
*/ */
#define PK11_TOKEN_MASK 0x80000000L #define SFTK_TOKEN_MASK 0x80000000L
#define PK11_TOKEN_MAGIC 0x80000000L #define SFTK_TOKEN_MAGIC 0x80000000L
#define PK11_TOKEN_TYPE_MASK 0x70000000L #define SFTK_TOKEN_TYPE_MASK 0x70000000L
/* keydb (high bit == 0) */ /* keydb (high bit == 0) */
#define PK11_TOKEN_TYPE_PRIV 0x10000000L #define SFTK_TOKEN_TYPE_PRIV 0x10000000L
#define PK11_TOKEN_TYPE_PUB 0x20000000L #define SFTK_TOKEN_TYPE_PUB 0x20000000L
#define PK11_TOKEN_TYPE_KEY 0x30000000L #define SFTK_TOKEN_TYPE_KEY 0x30000000L
/* certdb (high bit == 1) */ /* certdb (high bit == 1) */
#define PK11_TOKEN_TYPE_TRUST 0x40000000L #define SFTK_TOKEN_TYPE_TRUST 0x40000000L
#define PK11_TOKEN_TYPE_CRL 0x50000000L #define SFTK_TOKEN_TYPE_CRL 0x50000000L
#define PK11_TOKEN_TYPE_SMIME 0x60000000L #define SFTK_TOKEN_TYPE_SMIME 0x60000000L
#define PK11_TOKEN_TYPE_CERT 0x70000000L #define SFTK_TOKEN_TYPE_CERT 0x70000000L
#define PK11_TOKEN_KRL_HANDLE (PK11_TOKEN_MAGIC|PK11_TOKEN_TYPE_CRL|1) #define SFTK_TOKEN_KRL_HANDLE (SFTK_TOKEN_MAGIC|SFTK_TOKEN_TYPE_CRL|1)
/* how big a password/pin we can deal with */ /* how big a password/pin we can deal with */
#define PK11_MAX_PIN 255 #define SFTK_MAX_PIN 255
/* slot ID's */ /* slot ID's */
#define NETSCAPE_SLOT_ID 1 #define NETSCAPE_SLOT_ID 1
@ -413,39 +413,39 @@ struct PK11SSLMACInfoStr {
#define FIPS_SLOT_ID 3 #define FIPS_SLOT_ID 3
/* slot helper macros */ /* slot helper macros */
#define pk11_SlotFromSession(sp) ((sp)->slot) #define sftk_SlotFromSession(sp) ((sp)->slot)
#define pk11_isToken(id) (((id) & PK11_TOKEN_MASK) == PK11_TOKEN_MAGIC) #define sftk_isToken(id) (((id) & SFTK_TOKEN_MASK) == SFTK_TOKEN_MAGIC)
/* the session hash multiplier (see bug 201081) */ /* the session hash multiplier (see bug 201081) */
#define SHMULTIPLIER 1791398085 #define SHMULTIPLIER 1791398085
/* queueing helper macros */ /* queueing helper macros */
#define pk11_hash(value,size) \ #define sftk_hash(value,size) \
((PRUint32)((value) * SHMULTIPLIER) & (size-1)) ((PRUint32)((value) * SHMULTIPLIER) & (size-1))
#define pk11queue_add(element,id,head,hash_size) \ #define sftkqueue_add(element,id,head,hash_size) \
{ int tmp = pk11_hash(id,hash_size); \ { int tmp = sftk_hash(id,hash_size); \
(element)->next = (head)[tmp]; \ (element)->next = (head)[tmp]; \
(element)->prev = NULL; \ (element)->prev = NULL; \
if ((head)[tmp]) (head)[tmp]->prev = (element); \ if ((head)[tmp]) (head)[tmp]->prev = (element); \
(head)[tmp] = (element); } (head)[tmp] = (element); }
#define pk11queue_find(element,id,head,hash_size) \ #define sftkqueue_find(element,id,head,hash_size) \
for( (element) = (head)[pk11_hash(id,hash_size)]; (element) != NULL; \ for( (element) = (head)[sftk_hash(id,hash_size)]; (element) != NULL; \
(element) = (element)->next) { \ (element) = (element)->next) { \
if ((element)->handle == (id)) { break; } } if ((element)->handle == (id)) { break; } }
#define pk11queue_is_queued(element,id,head,hash_size) \ #define sftkqueue_is_queued(element,id,head,hash_size) \
( ((element)->next) || ((element)->prev) || \ ( ((element)->next) || ((element)->prev) || \
((head)[pk11_hash(id,hash_size)] == (element)) ) ((head)[sftk_hash(id,hash_size)] == (element)) )
#define pk11queue_delete(element,id,head,hash_size) \ #define sftkqueue_delete(element,id,head,hash_size) \
if ((element)->next) (element)->next->prev = (element)->prev; \ if ((element)->next) (element)->next->prev = (element)->prev; \
if ((element)->prev) (element)->prev->next = (element)->next; \ if ((element)->prev) (element)->prev->next = (element)->next; \
else (head)[pk11_hash(id,hash_size)] = ((element)->next); \ else (head)[sftk_hash(id,hash_size)] = ((element)->next); \
(element)->next = NULL; \ (element)->next = NULL; \
(element)->prev = NULL; \ (element)->prev = NULL; \
#define pk11queue_init_element(element) \ #define sftkqueue_init_element(element) \
(element)->prev = NULL; (element)->prev = NULL;
#define pk11queue_add2(element, id, index, head) \ #define sftkqueue_add2(element, id, index, head) \
{ \ { \
(element)->next = (head)[index]; \ (element)->next = (head)[index]; \
if ((head)[index]) \ if ((head)[index]) \
@ -453,19 +453,19 @@ struct PK11SSLMACInfoStr {
(head)[index] = (element); \ (head)[index] = (element); \
} }
#define pk11queue_find2(element, id, index, head) \ #define sftkqueue_find2(element, id, index, head) \
for ( (element) = (head)[index]; \ for ( (element) = (head)[index]; \
(element) != NULL; \ (element) != NULL; \
(element) = (element)->next) { \ (element) = (element)->next) { \
if ((element)->handle == (id)) { break; } \ if ((element)->handle == (id)) { break; } \
} }
#define pk11queue_delete2(element, id, index, head) \ #define sftkqueue_delete2(element, id, index, head) \
if ((element)->next) (element)->next->prev = (element)->prev; \ if ((element)->next) (element)->next->prev = (element)->prev; \
if ((element)->prev) (element)->prev->next = (element)->next; \ if ((element)->prev) (element)->prev->next = (element)->next; \
else (head)[index] = ((element)->next); else (head)[index] = ((element)->next);
#define pk11queue_clear_deleted_element(element) \ #define sftkqueue_clear_deleted_element(element) \
(element)->next = NULL; \ (element)->next = NULL; \
(element)->prev = NULL; \ (element)->prev = NULL; \
@ -473,20 +473,20 @@ struct PK11SSLMACInfoStr {
/* sessionID (handle) is used to determine session lock bucket */ /* sessionID (handle) is used to determine session lock bucket */
#ifdef NOSPREAD #ifdef NOSPREAD
/* NOSPREAD: (ID>>L2LPB) & (perbucket-1) */ /* NOSPREAD: (ID>>L2LPB) & (perbucket-1) */
#define PK11_SESSION_LOCK(slot,handle) \ #define SFTK_SESSION_LOCK(slot,handle) \
((slot)->sessionLock[((handle) >> LOG2_BUCKETS_PER_SESSION_LOCK) \ ((slot)->sessionLock[((handle) >> LOG2_BUCKETS_PER_SESSION_LOCK) \
& (slot)->sessionLockMask]) & (slot)->sessionLockMask])
#else #else
/* SPREAD: ID & (perbucket-1) */ /* SPREAD: ID & (perbucket-1) */
#define PK11_SESSION_LOCK(slot,handle) \ #define SFTK_SESSION_LOCK(slot,handle) \
((slot)->sessionLock[(handle) & (slot)->sessionLockMask]) ((slot)->sessionLock[(handle) & (slot)->sessionLockMask])
#endif #endif
/* expand an attribute & secitem structures out */ /* expand an attribute & secitem structures out */
#define pk11_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen #define sftk_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
#define pk11_item_expand(ip) (ip)->data,(ip)->len #define sftk_item_expand(ip) (ip)->data,(ip)->len
typedef struct pk11_token_parametersStr { typedef struct sftk_token_parametersStr {
CK_SLOT_ID slotID; CK_SLOT_ID slotID;
char *configdir; char *configdir;
char *certPrefix; char *certPrefix;
@ -500,9 +500,9 @@ typedef struct pk11_token_parametersStr {
PRBool forceOpen; PRBool forceOpen;
PRBool pwRequired; PRBool pwRequired;
PRBool optimizeSpace; PRBool optimizeSpace;
} pk11_token_parameters; } sftk_token_parameters;
typedef struct pk11_parametersStr { typedef struct sftk_parametersStr {
char *configdir; char *configdir;
char *secmodName; char *secmodName;
char *man; char *man;
@ -513,9 +513,9 @@ typedef struct pk11_parametersStr {
PRBool forceOpen; PRBool forceOpen;
PRBool pwRequired; PRBool pwRequired;
PRBool optimizeSpace; PRBool optimizeSpace;
pk11_token_parameters *tokens; sftk_token_parameters *tokens;
int token_count; int token_count;
} pk11_parameters; } sftk_parameters;
/* machine dependent path stuff used by dbinit.c and pk11db.c */ /* machine dependent path stuff used by dbinit.c and pk11db.c */
@ -538,88 +538,88 @@ extern CK_RV nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS);
extern CK_RV nsc_CommonFinalize(CK_VOID_PTR pReserved, PRBool isFIPS); extern CK_RV nsc_CommonFinalize(CK_VOID_PTR pReserved, PRBool isFIPS);
extern CK_RV nsc_CommonGetSlotList(CK_BBOOL tokPresent, extern CK_RV nsc_CommonGetSlotList(CK_BBOOL tokPresent,
CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount, int moduleIndex); CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount, int moduleIndex);
/* shared functions between PKCS11.c and PK11FIPS.c */ /* shared functions between PKCS11.c and SFTKFIPS.c */
extern CK_RV PK11_SlotInit(char *configdir,pk11_token_parameters *params, extern CK_RV SFTK_SlotInit(char *configdir,sftk_token_parameters *params,
int moduleIndex); int moduleIndex);
/* internal utility functions used by pkcs11.c */ /* internal utility functions used by pkcs11.c */
extern PK11Attribute *pk11_FindAttribute(PK11Object *object, extern SFTKAttribute *sftk_FindAttribute(SFTKObject *object,
CK_ATTRIBUTE_TYPE type); CK_ATTRIBUTE_TYPE type);
extern void pk11_FreeAttribute(PK11Attribute *attribute); extern void sftk_FreeAttribute(SFTKAttribute *attribute);
extern CK_RV pk11_AddAttributeType(PK11Object *object, CK_ATTRIBUTE_TYPE type, extern CK_RV sftk_AddAttributeType(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
void *valPtr, void *valPtr,
CK_ULONG length); CK_ULONG length);
extern CK_RV pk11_Attribute2SecItem(PLArenaPool *arena, SECItem *item, extern CK_RV sftk_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
PK11Object *object, CK_ATTRIBUTE_TYPE type); SFTKObject *object, CK_ATTRIBUTE_TYPE type);
extern unsigned int pk11_GetLengthInBits(unsigned char *buf, extern unsigned int sftk_GetLengthInBits(unsigned char *buf,
unsigned int bufLen); unsigned int bufLen);
extern CK_RV pk11_ConstrainAttribute(PK11Object *object, extern CK_RV sftk_ConstrainAttribute(SFTKObject *object,
CK_ATTRIBUTE_TYPE type, int minLength, int maxLength, int minMultiple); CK_ATTRIBUTE_TYPE type, int minLength, int maxLength, int minMultiple);
extern PRBool pk11_hasAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type); extern PRBool sftk_hasAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
extern PRBool pk11_isTrue(PK11Object *object, CK_ATTRIBUTE_TYPE type); extern PRBool sftk_isTrue(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
extern void pk11_DeleteAttributeType(PK11Object *object, extern void sftk_DeleteAttributeType(SFTKObject *object,
CK_ATTRIBUTE_TYPE type); CK_ATTRIBUTE_TYPE type);
extern CK_RV pk11_Attribute2SecItem(PLArenaPool *arena, SECItem *item, extern CK_RV sftk_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
PK11Object *object, CK_ATTRIBUTE_TYPE type); SFTKObject *object, CK_ATTRIBUTE_TYPE type);
extern CK_RV pk11_Attribute2SSecItem(PLArenaPool *arena, SECItem *item, extern CK_RV sftk_Attribute2SSecItem(PLArenaPool *arena, SECItem *item,
PK11Object *object, SFTKObject *object,
CK_ATTRIBUTE_TYPE type); CK_ATTRIBUTE_TYPE type);
extern PK11ModifyType pk11_modifyType(CK_ATTRIBUTE_TYPE type, extern SFTKModifyType sftk_modifyType(CK_ATTRIBUTE_TYPE type,
CK_OBJECT_CLASS inClass); CK_OBJECT_CLASS inClass);
extern PRBool pk11_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass); extern PRBool sftk_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass);
extern char *pk11_getString(PK11Object *object, CK_ATTRIBUTE_TYPE type); extern char *sftk_getString(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
extern void pk11_nullAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type); extern void sftk_nullAttribute(SFTKObject *object,CK_ATTRIBUTE_TYPE type);
extern CK_RV pk11_GetULongAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type, extern CK_RV sftk_GetULongAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
CK_ULONG *longData); CK_ULONG *longData);
extern CK_RV pk11_forceAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type, extern CK_RV sftk_forceAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
void *value, unsigned int len); void *value, unsigned int len);
extern CK_RV pk11_defaultAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type, extern CK_RV sftk_defaultAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
void *value, unsigned int len); void *value, unsigned int len);
extern unsigned int pk11_MapTrust(CK_TRUST trust, PRBool clientAuth); extern unsigned int sftk_MapTrust(CK_TRUST trust, PRBool clientAuth);
extern PK11Object *pk11_NewObject(PK11Slot *slot); extern SFTKObject *sftk_NewObject(SFTKSlot *slot);
extern CK_RV pk11_CopyObject(PK11Object *destObject, PK11Object *srcObject); extern CK_RV sftk_CopyObject(SFTKObject *destObject, SFTKObject *srcObject);
extern PK11FreeStatus pk11_FreeObject(PK11Object *object); extern SFTKFreeStatus sftk_FreeObject(SFTKObject *object);
extern CK_RV pk11_DeleteObject(PK11Session *session, PK11Object *object); extern CK_RV sftk_DeleteObject(SFTKSession *session, SFTKObject *object);
extern void pk11_ReferenceObject(PK11Object *object); extern void sftk_ReferenceObject(SFTKObject *object);
extern PK11Object *pk11_ObjectFromHandle(CK_OBJECT_HANDLE handle, extern SFTKObject *sftk_ObjectFromHandle(CK_OBJECT_HANDLE handle,
PK11Session *session); SFTKSession *session);
extern void pk11_AddSlotObject(PK11Slot *slot, PK11Object *object); extern void sftk_AddSlotObject(SFTKSlot *slot, SFTKObject *object);
extern void pk11_AddObject(PK11Session *session, PK11Object *object); extern void sftk_AddObject(SFTKSession *session, SFTKObject *object);
extern CK_RV pk11_searchObjectList(PK11SearchResults *search, extern CK_RV sftk_searchObjectList(SFTKSearchResults *search,
PK11Object **head, unsigned int size, SFTKObject **head, unsigned int size,
PZLock *lock, CK_ATTRIBUTE_PTR inTemplate, PZLock *lock, CK_ATTRIBUTE_PTR inTemplate,
int count, PRBool isLoggedIn); int count, PRBool isLoggedIn);
extern PK11ObjectListElement *pk11_FreeObjectListElement( extern SFTKObjectListElement *sftk_FreeObjectListElement(
PK11ObjectListElement *objectList); SFTKObjectListElement *objectList);
extern void pk11_FreeObjectList(PK11ObjectListElement *objectList); extern void sftk_FreeObjectList(SFTKObjectListElement *objectList);
extern void pk11_FreeSearch(PK11SearchResults *search); extern void sftk_FreeSearch(SFTKSearchResults *search);
extern CK_RV pk11_handleObject(PK11Object *object, PK11Session *session); extern CK_RV sftk_handleObject(SFTKObject *object, SFTKSession *session);
extern PK11Slot *pk11_SlotFromID(CK_SLOT_ID slotID); extern SFTKSlot *sftk_SlotFromID(CK_SLOT_ID slotID);
extern PK11Slot *pk11_SlotFromSessionHandle(CK_SESSION_HANDLE handle); extern SFTKSlot *sftk_SlotFromSessionHandle(CK_SESSION_HANDLE handle);
extern PK11Session *pk11_SessionFromHandle(CK_SESSION_HANDLE handle); extern SFTKSession *sftk_SessionFromHandle(CK_SESSION_HANDLE handle);
extern void pk11_FreeSession(PK11Session *session); extern void sftk_FreeSession(SFTKSession *session);
extern PK11Session *pk11_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify, extern SFTKSession *sftk_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify,
CK_VOID_PTR pApplication, CK_FLAGS flags); CK_VOID_PTR pApplication, CK_FLAGS flags);
extern void pk11_update_state(PK11Slot *slot,PK11Session *session); extern void sftk_update_state(SFTKSlot *slot,SFTKSession *session);
extern void pk11_update_all_states(PK11Slot *slot); extern void sftk_update_all_states(SFTKSlot *slot);
extern void pk11_FreeContext(PK11SessionContext *context); extern void sftk_FreeContext(SFTKSessionContext *context);
extern void pk11_InitFreeLists(void); extern void sftk_InitFreeLists(void);
extern void pk11_CleanupFreeLists(void); extern void sftk_CleanupFreeLists(void);
extern NSSLOWKEYPublicKey *pk11_GetPubKey(PK11Object *object, extern NSSLOWKEYPublicKey *sftk_GetPubKey(SFTKObject *object,
CK_KEY_TYPE key_type, CK_RV *crvp); CK_KEY_TYPE key_type, CK_RV *crvp);
extern NSSLOWKEYPrivateKey *pk11_GetPrivKey(PK11Object *object, extern NSSLOWKEYPrivateKey *sftk_GetPrivKey(SFTKObject *object,
CK_KEY_TYPE key_type, CK_RV *crvp); CK_KEY_TYPE key_type, CK_RV *crvp);
extern void pk11_FormatDESKey(unsigned char *key, int length); extern void sftk_FormatDESKey(unsigned char *key, int length);
extern PRBool pk11_CheckDESKey(unsigned char *key); extern PRBool sftk_CheckDESKey(unsigned char *key);
extern PRBool pk11_IsWeakKey(unsigned char *key,CK_KEY_TYPE key_type); extern PRBool sftk_IsWeakKey(unsigned char *key,CK_KEY_TYPE key_type);
extern CK_RV secmod_parseParameters(char *param, pk11_parameters *parsed, extern CK_RV secmod_parseParameters(char *param, sftk_parameters *parsed,
PRBool isFIPS); PRBool isFIPS);
extern void secmod_freeParams(pk11_parameters *params); extern void secmod_freeParams(sftk_parameters *params);
extern char *secmod_getSecmodName(char *params, char **domain, extern char *secmod_getSecmodName(char *params, char **domain,
char **filename, PRBool *rw); char **filename, PRBool *rw);
extern char ** secmod_ReadPermDB(const char *domain, const char *filename, extern char ** secmod_ReadPermDB(const char *domain, const char *filename,
@ -631,7 +631,7 @@ extern SECStatus secmod_AddPermDB(const char *domain, const char *filename,
extern SECStatus secmod_ReleasePermDBData(const char *domain, extern SECStatus secmod_ReleasePermDBData(const char *domain,
const char *filename, const char *dbname, char **specList, PRBool rw); const char *filename, const char *dbname, char **specList, PRBool rw);
/* mechanism allows this operation */ /* mechanism allows this operation */
extern CK_RV pk11_MechAllowsOperation(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE op); extern CK_RV sftk_MechAllowsOperation(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE op);
/* /*
* OK there are now lots of options here, lets go through them all: * OK there are now lots of options here, lets go through them all:
* *
@ -649,47 +649,47 @@ extern CK_RV pk11_MechAllowsOperation(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE
* forceOpen - Continue to force initializations even if the databases cannot * forceOpen - Continue to force initializations even if the databases cannot
* be opened. * be opened.
*/ */
CK_RV pk11_DBInit(const char *configdir, const char *certPrefix, CK_RV sftk_DBInit(const char *configdir, const char *certPrefix,
const char *keyPrefix, PRBool readOnly, PRBool noCertDB, const char *keyPrefix, PRBool readOnly, PRBool noCertDB,
PRBool noKeyDB, PRBool forceOpen, PRBool noKeyDB, PRBool forceOpen,
NSSLOWCERTCertDBHandle **certDB, NSSLOWKEYDBHandle **keyDB); NSSLOWCERTCertDBHandle **certDB, NSSLOWKEYDBHandle **keyDB);
void pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle, void sftk_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
NSSLOWKEYDBHandle *keyHandle); NSSLOWKEYDBHandle *keyHandle);
const char *pk11_EvaluateConfigDir(const char *configdir, char **domain); const char *sftk_EvaluateConfigDir(const char *configdir, char **domain);
/* /*
* narrow objects * narrow objects
*/ */
PK11SessionObject * pk11_narrowToSessionObject(PK11Object *); SFTKSessionObject * sftk_narrowToSessionObject(SFTKObject *);
PK11TokenObject * pk11_narrowToTokenObject(PK11Object *); SFTKTokenObject * sftk_narrowToTokenObject(SFTKObject *);
/* /*
* token object utilities * token object utilities
*/ */
void pk11_addHandle(PK11SearchResults *search, CK_OBJECT_HANDLE handle); void sftk_addHandle(SFTKSearchResults *search, CK_OBJECT_HANDLE handle);
PRBool pk11_poisonHandle(PK11Slot *slot, SECItem *dbkey, PRBool sftk_poisonHandle(SFTKSlot *slot, SECItem *dbkey,
CK_OBJECT_HANDLE handle); CK_OBJECT_HANDLE handle);
PRBool pk11_tokenMatch(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class, PRBool sftk_tokenMatch(SFTKSlot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class,
CK_ATTRIBUTE_PTR theTemplate,int count); CK_ATTRIBUTE_PTR theTemplate,int count);
CK_OBJECT_HANDLE pk11_mkHandle(PK11Slot *slot, CK_OBJECT_HANDLE sftk_mkHandle(SFTKSlot *slot,
SECItem *dbKey, CK_OBJECT_HANDLE class); SECItem *dbKey, CK_OBJECT_HANDLE class);
PK11Object * pk11_NewTokenObject(PK11Slot *slot, SECItem *dbKey, SFTKObject * sftk_NewTokenObject(SFTKSlot *slot, SECItem *dbKey,
CK_OBJECT_HANDLE handle); CK_OBJECT_HANDLE handle);
PK11TokenObject *pk11_convertSessionToToken(PK11Object *so); SFTKTokenObject *sftk_convertSessionToToken(SFTKObject *so);
/**************************************** /****************************************
* implement TLS Pseudo Random Function (PRF) * implement TLS Pseudo Random Function (PRF)
*/ */
extern SECStatus extern SECStatus
pk11_PRF(const SECItem *secret, const char *label, SECItem *seed, sftk_PRF(const SECItem *secret, const char *label, SECItem *seed,
SECItem *result, PRBool isFIPS); SECItem *result, PRBool isFIPS);
extern CK_RV extern CK_RV
pk11_TLSPRFInit(PK11SessionContext *context, sftk_TLSPRFInit(SFTKSessionContext *context,
PK11Object * key, SFTKObject * key,
CK_KEY_TYPE key_type); CK_KEY_TYPE key_type);
SEC_END_PROTOS SEC_END_PROTOS

1114
security/nss/lib/softoken/pkcs11u.c
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

8
security/nss/lib/softoken/softoken.h
Просмотреть файл

@ -36,7 +36,7 @@
* the terms of any one of the MPL, the GPL or the LGPL. * the terms of any one of the MPL, the GPL or the LGPL.
* *
* ***** END LICENSE BLOCK ***** */ * ***** END LICENSE BLOCK ***** */
/* $Id: softoken.h,v 1.6 2004/04/27 23:04:38 gerv%gerv.net Exp $ */ /* $Id: softoken.h,v 1.7 2005/03/29 18:21:18 nelsonb%netscape.com Exp $ */
#ifndef _SOFTOKEN_H_ #ifndef _SOFTOKEN_H_
#define _SOFTOKEN_H_ #define _SOFTOKEN_H_
@ -46,7 +46,7 @@
#include "softoknt.h" #include "softoknt.h"
#include "secoidt.h" #include "secoidt.h"
#include "pkcs11t.h" /* CK_RV Required for pk11_fipsPowerUpSelfTest(). */ #include "pkcs11t.h" /* CK_RV Required for sftk_fipsPowerUpSelfTest(). */
SEC_BEGIN_PROTOS SEC_BEGIN_PROTOS
@ -152,12 +152,12 @@ extern unsigned char * DES_PadBuffer(PRArenaPool *arena, unsigned char *inbuf,
** Power-Up selftests required for FIPS and invoked only ** Power-Up selftests required for FIPS and invoked only
** under PKCS #11 FIPS mode. ** under PKCS #11 FIPS mode.
*/ */
extern CK_RV pk11_fipsPowerUpSelfTest( void ); extern CK_RV sftk_fipsPowerUpSelfTest( void );
/* /*
** make known fixed PKCS #11 key types to their sizes in bytes ** make known fixed PKCS #11 key types to their sizes in bytes
*/ */
unsigned long pk11_MapKeySize(CK_KEY_TYPE keyType); unsigned long sftk_MapKeySize(CK_KEY_TYPE keyType);
SEC_END_PROTOS SEC_END_PROTOS

54
security/nss/lib/softoken/tlsprf.c
Просмотреть файл

@ -35,19 +35,19 @@
* the terms of any one of the MPL, the GPL or the LGPL. * the terms of any one of the MPL, the GPL or the LGPL.
* *
* ***** END LICENSE BLOCK ***** */ * ***** END LICENSE BLOCK ***** */
/* $Id: tlsprf.c,v 1.4 2004/04/27 23:04:38 gerv%gerv.net Exp $ */ /* $Id: tlsprf.c,v 1.5 2005/03/29 18:21:18 nelsonb%netscape.com Exp $ */
#include "pkcs11i.h" #include "pkcs11i.h"
#include "sechash.h" #include "sechash.h"
#include "alghmac.h" #include "alghmac.h"
#define PK11_OFFSETOF(str, memb) ((PRPtrdiff)(&(((str *)0)->memb))) #define SFTK_OFFSETOF(str, memb) ((PRPtrdiff)(&(((str *)0)->memb)))
#define PHASH_STATE_MAX_LEN 20 #define PHASH_STATE_MAX_LEN 20
/* TLS P_hash function */ /* TLS P_hash function */
static SECStatus static SECStatus
pk11_P_hash(HASH_HashType hashType, const SECItem *secret, const char *label, sftk_P_hash(HASH_HashType hashType, const SECItem *secret, const char *label,
SECItem *seed, SECItem *result, PRBool isFIPS) SECItem *seed, SECItem *result, PRBool isFIPS)
{ {
unsigned char state[PHASH_STATE_MAX_LEN]; unsigned char state[PHASH_STATE_MAX_LEN];
@ -119,7 +119,7 @@ loser:
} }
SECStatus SECStatus
pk11_PRF(const SECItem *secret, const char *label, SECItem *seed, sftk_PRF(const SECItem *secret, const char *label, SECItem *seed,
SECItem *result, PRBool isFIPS) SECItem *result, PRBool isFIPS)
{ {
SECStatus rv = SECFailure, status; SECStatus rv = SECFailure, status;
@ -145,11 +145,11 @@ pk11_PRF(const SECItem *secret, const char *label, SECItem *seed,
goto loser; goto loser;
tmp.len = result->len; tmp.len = result->len;
status = pk11_P_hash(HASH_AlgMD5, &S1, label, seed, result, isFIPS); status = sftk_P_hash(HASH_AlgMD5, &S1, label, seed, result, isFIPS);
if (status != SECSuccess) if (status != SECSuccess)
goto loser; goto loser;
status = pk11_P_hash(HASH_AlgSHA1, &S2, label, seed, &tmp, isFIPS); status = sftk_P_hash(HASH_AlgSHA1, &S2, label, seed, &tmp, isFIPS);
if (status != SECSuccess) if (status != SECSuccess)
goto loser; goto loser;
@ -164,7 +164,7 @@ loser:
return rv; return rv;
} }
static void pk11_TLSPRFNull(void *data, PRBool freeit) static void sftk_TLSPRFNull(void *data, PRBool freeit)
{ {
return; return;
} }
@ -181,7 +181,7 @@ typedef struct {
} TLSPRFContext; } TLSPRFContext;
static void static void
pk11_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data, sftk_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data,
unsigned int data_len) unsigned int data_len)
{ {
PRUint32 bytesUsed = cx->cxKeyLen + cx->cxDataLen; PRUint32 bytesUsed = cx->cxKeyLen + cx->cxDataLen;
@ -211,7 +211,7 @@ pk11_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data,
} }
static void static void
pk11_TLSPRFEnd(TLSPRFContext *ctx, unsigned char *hashout, sftk_TLSPRFEnd(TLSPRFContext *ctx, unsigned char *hashout,
unsigned int *pDigestLen, unsigned int maxDigestLen) unsigned int *pDigestLen, unsigned int maxDigestLen)
{ {
*pDigestLen = 0; /* tells Verify that no data has been input yet. */ *pDigestLen = 0; /* tells Verify that no data has been input yet. */
@ -219,7 +219,7 @@ pk11_TLSPRFEnd(TLSPRFContext *ctx, unsigned char *hashout,
/* Compute the PRF values from the data previously input. */ /* Compute the PRF values from the data previously input. */
static SECStatus static SECStatus
pk11_TLSPRFUpdate(TLSPRFContext *cx, sftk_TLSPRFUpdate(TLSPRFContext *cx,
unsigned char *sig, /* output goes here. */ unsigned char *sig, /* output goes here. */
unsigned int * sigLen, /* how much output. */ unsigned int * sigLen, /* how much output. */
unsigned int maxLen, /* output buffer size */ unsigned int maxLen, /* output buffer size */
@ -243,7 +243,7 @@ pk11_TLSPRFUpdate(TLSPRFContext *cx,
sigItem.data = sig; sigItem.data = sig;
sigItem.len = maxLen; sigItem.len = maxLen;
rv = pk11_PRF(&secretItem, NULL, &seedItem, &sigItem, cx->cxIsFIPS); rv = sftk_PRF(&secretItem, NULL, &seedItem, &sigItem, cx->cxIsFIPS);
if (rv == SECSuccess && sigLen != NULL) if (rv == SECSuccess && sigLen != NULL)
*sigLen = sigItem.len; *sigLen = sigItem.len;
return rv; return rv;
@ -251,7 +251,7 @@ pk11_TLSPRFUpdate(TLSPRFContext *cx,
} }
static SECStatus static SECStatus
pk11_TLSPRFVerify(TLSPRFContext *cx, sftk_TLSPRFVerify(TLSPRFContext *cx,
unsigned char *sig, /* input, for comparison. */ unsigned char *sig, /* input, for comparison. */
unsigned int sigLen, /* length of sig. */ unsigned int sigLen, /* length of sig. */
unsigned char *hash, /* data to be verified. */ unsigned char *hash, /* data to be verified. */
@ -267,9 +267,9 @@ pk11_TLSPRFVerify(TLSPRFContext *cx,
/* hashLen is non-zero when the user does a one-step verify. /* hashLen is non-zero when the user does a one-step verify.
** In this case, none of the data has been input yet. ** In this case, none of the data has been input yet.
*/ */
pk11_TLSPRFHashUpdate(cx, hash, hashLen); sftk_TLSPRFHashUpdate(cx, hash, hashLen);
} }
rv = pk11_TLSPRFUpdate(cx, tmp, &tmpLen, sigLen, NULL, 0); rv = sftk_TLSPRFUpdate(cx, tmp, &tmpLen, sigLen, NULL, 0);
if (rv == SECSuccess) { if (rv == SECSuccess) {
rv = (SECStatus)(1 - !PORT_Memcmp(tmp, sig, sigLen)); rv = (SECStatus)(1 - !PORT_Memcmp(tmp, sig, sigLen));
} }
@ -278,7 +278,7 @@ pk11_TLSPRFVerify(TLSPRFContext *cx,
} }
static void static void
pk11_TLSPRFHashDestroy(TLSPRFContext *cx, PRBool freeit) sftk_TLSPRFHashDestroy(TLSPRFContext *cx, PRBool freeit)
{ {
if (freeit) { if (freeit) {
if (cx->cxBufPtr != cx->cxBuf) if (cx->cxBufPtr != cx->cxBuf)
@ -288,11 +288,11 @@ pk11_TLSPRFHashDestroy(TLSPRFContext *cx, PRBool freeit)
} }
CK_RV CK_RV
pk11_TLSPRFInit(PK11SessionContext *context, sftk_TLSPRFInit(SFTKSessionContext *context,
PK11Object * key, SFTKObject * key,
CK_KEY_TYPE key_type) CK_KEY_TYPE key_type)
{ {
PK11Attribute * keyVal; SFTKAttribute * keyVal;
TLSPRFContext * prf_cx; TLSPRFContext * prf_cx;
CK_RV crv = CKR_HOST_MEMORY; CK_RV crv = CKR_HOST_MEMORY;
PRUint32 keySize; PRUint32 keySize;
@ -303,7 +303,7 @@ pk11_TLSPRFInit(PK11SessionContext *context,
context->multi = PR_TRUE; context->multi = PR_TRUE;
keyVal = pk11_FindAttribute(key, CKA_VALUE); keyVal = sftk_FindAttribute(key, CKA_VALUE);
keySize = (!keyVal) ? 0 : keyVal->attrib.ulValueLen; keySize = (!keyVal) ? 0 : keyVal->attrib.ulValueLen;
blockSize = keySize + sizeof(TLSPRFContext); blockSize = keySize + sizeof(TLSPRFContext);
prf_cx = (TLSPRFContext *)PORT_Alloc(blockSize); prf_cx = (TLSPRFContext *)PORT_Alloc(blockSize);
@ -312,7 +312,7 @@ pk11_TLSPRFInit(PK11SessionContext *context,
prf_cx->cxSize = blockSize; prf_cx->cxSize = blockSize;
prf_cx->cxKeyLen = keySize; prf_cx->cxKeyLen = keySize;
prf_cx->cxDataLen = 0; prf_cx->cxDataLen = 0;
prf_cx->cxBufSize = blockSize - PK11_OFFSETOF(TLSPRFContext, cxBuf); prf_cx->cxBufSize = blockSize - SFTK_OFFSETOF(TLSPRFContext, cxBuf);
prf_cx->cxRv = SECSuccess; prf_cx->cxRv = SECSuccess;
prf_cx->cxIsFIPS = (key->slot->slotID == FIPS_SLOT_ID); prf_cx->cxIsFIPS = (key->slot->slotID == FIPS_SLOT_ID);
prf_cx->cxBufPtr = prf_cx->cxBuf; prf_cx->cxBufPtr = prf_cx->cxBuf;
@ -321,17 +321,17 @@ pk11_TLSPRFInit(PK11SessionContext *context,
context->hashInfo = (void *) prf_cx; context->hashInfo = (void *) prf_cx;
context->cipherInfo = (void *) prf_cx; context->cipherInfo = (void *) prf_cx;
context->hashUpdate = (PK11Hash) pk11_TLSPRFHashUpdate; context->hashUpdate = (SFTKHash) sftk_TLSPRFHashUpdate;
context->end = (PK11End) pk11_TLSPRFEnd; context->end = (SFTKEnd) sftk_TLSPRFEnd;
context->update = (PK11Cipher) pk11_TLSPRFUpdate; context->update = (SFTKCipher) sftk_TLSPRFUpdate;
context->verify = (PK11Verify) pk11_TLSPRFVerify; context->verify = (SFTKVerify) sftk_TLSPRFVerify;
context->destroy = (PK11Destroy) pk11_TLSPRFNull; context->destroy = (SFTKDestroy) sftk_TLSPRFNull;
context->hashdestroy = (PK11Destroy) pk11_TLSPRFHashDestroy; context->hashdestroy = (SFTKDestroy) sftk_TLSPRFHashDestroy;
crv = CKR_OK; crv = CKR_OK;
done: done:
if (keyVal) if (keyVal)
pk11_FreeAttribute(keyVal); sftk_FreeAttribute(keyVal);
return crv; return crv;
} }