mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
gecko-dev/security/nss/lib/pk11wrap/pk11pars.c

199 строки
6.1 KiB
C
Исходник Ответственный История

/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 2001 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
/*
* The following handles the loading, unloading and management of
* various PCKS #11 modules
*/
#include <ctype.h>
#include "pkcs11.h"
#include "seccomon.h"
#include "secmod.h"
#include "secmodi.h"
#include "pk11pars.h"
/*
* for 3.4 we continue to use the old SECMODModule structure
*/
static SECMODModule *
pk11_CreateModule(char *library, char *moduleName, char *parameters, char *nss)
{
SECMODModule *mod = SECMOD_NewModule();
char *slotParams,*ciphers;
if (mod == NULL) return NULL;
mod->commonName = PORT_ArenaStrdup(mod->arena,moduleName ? moduleName : "");
if (library) {
mod->dllName = PORT_ArenaStrdup(mod->arena,library);
}
/* new field */
if (parameters) {
mod->libraryParams = PORT_ArenaStrdup(mod->arena,parameters);
}
mod->internal = pk11_argHasFlag("flags","internal",nss);
mod->isFIPS = pk11_argHasFlag("flags","FIPS",nss);
mod->isCritical = pk11_argHasFlag("flags","critical",nss);
slotParams = pk11_argGetParamValue("slotParams",nss);
mod->slotInfo = pk11_argParseSlotInfo(mod->arena,slotParams,
&mod->slotInfoCount);
if (slotParams) PORT_Free(slotParams);
/* new field */
mod->trustOrder = pk11_argReadLong("trustOrder",nss);
/* new field */
mod->cipherOrder = pk11_argReadLong("cipherOrder",nss);
/* new field */
mod->isModuleDB = pk11_argHasFlag("flags","moduleDB",nss);
mod->moduleDBOnly = pk11_argHasFlag("flags","moduleDBOnly",nss);
if (mod->moduleDBOnly) mod->isModuleDB = PR_TRUE;
ciphers = pk11_argGetParamValue("ciphers",nss);
pk11_argSetNewCipherFlags(&mod->ssl[0],ciphers);
if (ciphers) PORT_Free(ciphers);
return mod;
}
char **
pk11_getModuleSpecList(SECMODModule *module)
{
SECMODModuleDBFunc func = (SECMODModuleDBFunc) module->moduleDBFunc;
if (func) {
return (*func)(SECMOD_MODULE_DB_FUNCTION_FIND,
module->libraryParams,NULL);
}
return NULL;
}
pk11_freeModuleSpecList(char **moduleSpecList)
{
char ** index;
for(index = moduleSpecList; *index; index++) {
PORT_Free(index);
}
PORT_Free(moduleSpecList);
}
SECStatus
PK11_LoadPKCS11Module(char *modulespec,SECMODModule *parent)
{
char *library = NULL, *moduleName = NULL, *parameters = NULL, *nss= NULL;
SECStatus status;
SECMODModule *module = NULL;
SECStatus rv;
/* initialize the underlying module structures */
SECMOD_Init();
status = pk11_argParseModuleSpec(modulespec, &library, &moduleName,
&parameters, &nss);
if (status != SECSuccess) {
goto loser;
}
module = pk11_CreateModule(library, moduleName, parameters, nss);
if (library) PORT_Free(library);
if (moduleName) PORT_Free(moduleName);
if (parameters) PORT_Free(parameters);
if (nss) PORT_Free(nss);
/* load it */
rv = SECMOD_LoadModule(module);
if (rv != SECSuccess) {
goto loser;
}
if (module->isModuleDB) {
char ** moduleSpecList;
char **index;
moduleSpecList = pk11_getModuleSpecList(module);
for (index = moduleSpecList; index && *index; index++) {
rv = PK11_LoadPKCS11Module(*index,module);
if (rv != SECSuccess) break;
}
pk11_freeModuleSpecList(moduleSpecList);
}
if (rv != SECSuccess) {
goto loser;
}
if (parent) {
module->parent = SECMOD_ReferenceModule(parent);
}
if (!module->moduleDBOnly) {
SECMOD_AddModuleToList(module);
} else {
SECMOD_AddModuleToDBOnlyList(module);
}
#ifdef notdef
printf("-------------------------------------------------\n");
printf("Module Name: %s\n",module->commonName);
printf("Library Name: %s\n", module->dllName);
printf("Module Parameters: %s\n", module->moduleParams);
printf("Module type: %s\n",module->internal?"internal":"external");
printf("FIPS module: %s\n", module->isFIPS ?"on": "off");
printf("Trust Order: %d\n", module->trustOrder);
printf("Cipher Order: %d\n", module->cipherOrder);
printf("New Ciphers: 0x%08x,0x%08x\n",module->ssl[0], module->ssl[1]);
printf("Can Load PKCS #11 module: %s\n", module->isModuleDB ? "True" : "False");
if (module->slotInfoCount) {
int i;
printf("Slot Infos: %d\n", module->slotInfoCount);
for (i=0; i < module->slotInfoCount; i++) {
printf(" ++++++++++++++++++++++++++++++++++++++++++++\n");
printf(" Slot ID=0x%08x\n",module->slotInfo[i].slotID);
printf(" Slot Flags = 0x%08x\n",module->slotInfo[i].defaultFlags);
printf(" Slot PWarg = %d\n",module->slotInfo[i].askpw);
printf(" Slot timeout = %d\n",module->slotInfo[i].timeout);
}
}
#endif
/* handle any additional work here */
return SECSuccess;
loser:
if (module) {
PRBool critical = module->isCritical || (parent == NULL);
SECMOD_DestroyModule(module);
return critical ? SECFailure: SECSuccess;
}
return SECFailure;
}
Ссылка в новой задаче Показать git blame Копировать постоянную ссылку