зеркало из https://github.com/mozilla/pjs.git
269 строки
12 KiB
JavaScript
269 строки
12 KiB
JavaScript
//
|
|
// The contents of this file are subject to the Mozilla Public
|
|
// License Version 1.1 (the "License"); you may not use this file
|
|
// except in compliance with the License. You may obtain a copy of
|
|
// the License at http://www.mozilla.org/MPL/
|
|
//
|
|
// Software distributed under the License is distributed on an "AS
|
|
// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
|
// implied. See the License for the specific language governing
|
|
// rights and limitations under the License.
|
|
//
|
|
// The Original Code is the Netscape security libraries.
|
|
//
|
|
// The Initial Developer of the Original Code is Netscape
|
|
// Communications Corporation. Portions created by Netscape are
|
|
// Copyright (C) 1994-2000 Netscape Communications Corporation. All
|
|
// Rights Reserved.
|
|
//
|
|
// Contributor(s):
|
|
//
|
|
// Alternatively, the contents of this file may be used under the
|
|
// terms of the GNU General Public License Version 2 or later (the
|
|
// "GPL"), in which case the provisions of the GPL are applicable
|
|
// instead of those above. If you wish to allow use of your
|
|
// version of this file only under the terms of the GPL and not to
|
|
// allow others to use your version of this file under the MPL,
|
|
// indicate your decision by deleting the provisions above and
|
|
// replace them with the notice and other provisions required by
|
|
// the GPL. If you do not delete the provisions above, a recipient
|
|
// may use your version of this file under either the MPL or the
|
|
// GPL.
|
|
//
|
|
////////////////////////////////////////////////////////////////////////////////////////
|
|
// Crypto Mechanism Flags
|
|
PKCS11_MECH_RSA_FLAG = 0x1<<0;
|
|
PKCS11_MECH_DSA_FLAG = 0x1<<1;
|
|
PKCS11_MECH_RC2_FLAG = 0x1<<2;
|
|
PKCS11_MECH_RC4_FLAG = 0x1<<3;
|
|
PKCS11_MECH_DES_FLAG = 0x1<<4;
|
|
PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
|
|
PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
|
|
PKCS11_MECH_RC5_FLAG = 0x1<<7;
|
|
PKCS11_MECH_SHA1_FLAG = 0x1<<8;
|
|
PKCS11_MECH_MD5_FLAG = 0x1<<9;
|
|
PKCS11_MECH_MD2_FLAG = 0x1<<10;
|
|
PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
|
|
PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
|
|
PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
|
|
|
|
// Important:
|
|
// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
|
|
// for internal use in Navigator.
|
|
// Therefore, these bits should always be set to 0; otherwise,
|
|
// Navigator might exhibit unpredictable behavior.
|
|
|
|
// These flags indicate which mechanisms should be turned on by
|
|
var pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG;
|
|
|
|
////////////////////////////////////////////////////////////////////////////////////////
|
|
// Ciphers that support SSL or S/MIME
|
|
PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
|
|
|
|
// Important:
|
|
// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
|
|
// for internal use in Navigator.
|
|
// Therefore, these bits should ALWAYS be set to 0; otherwise,
|
|
// Navigator might exhibit unpredictable behavior.
|
|
|
|
// These flags indicate which SSL ciphers are supported
|
|
var pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
|
|
|
|
////////////////////////////////////////////////////////////////////////////////////////
|
|
// Return values of pkcs11.addmodule() & pkcs11.delmodule()
|
|
// success codes
|
|
JS_OK_ADD_MODULE = 3; // Successfully added a module
|
|
JS_OK_DEL_EXTERNAL_MODULE = 2; // Successfully deleted ext. module
|
|
JS_OK_DEL_INTERNAL_MODULE = 1; // Successfully deleted int. module
|
|
|
|
// failure codes
|
|
JS_ERR_OTHER = -1; // Other errors than the followings
|
|
JS_ERR_USER_CANCEL_ACTION = -2; // User abort an action
|
|
JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3; // Calling a method w/ incorrect # of arguments
|
|
JS_ERR_DEL_MODULE = -4; // Error deleting a module
|
|
JS_ERR_ADD_MODULE = -5; // Error adding a module
|
|
JS_ERR_BAD_MODULE_NAME = -6; // The module name is invalid
|
|
JS_ERR_BAD_DLL_NAME = -7; // The DLL name is bad
|
|
JS_ERR_BAD_MECHANISM_FLAGS = -8; // The mechanism flags are invalid
|
|
JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9; // The SSL, S/MIME cipher flags are invalid
|
|
JS_ERR_ADD_MODULE_DULICATE =-10; // Module with the same name already installed
|
|
|
|
////////////////////////////////////////////////////////////////////////////////////////
|
|
// Find out which library is to be installed depending on the platform
|
|
|
|
// pathname seperator is platform specific
|
|
var sep = "/";
|
|
var vendor = "netscape";
|
|
var moduleName = "not_supported";
|
|
var plat = navigator.platform;
|
|
|
|
var dir = "pkcs11/" + vendor + "/" + plat + "/";
|
|
if (plat == "Win16") {
|
|
dir = "pkcs11/";
|
|
}
|
|
|
|
bAbort = false;
|
|
if (plat == "Win32") {
|
|
moduleName = "fort32.dll";
|
|
sep = "\\";
|
|
} else if (plat == "Win16") {
|
|
moduleName = "FORT16.DLL";
|
|
sep = "\\";
|
|
} else if (plat == "MacPPC") {
|
|
moduleName = "FortPK11Lib";
|
|
sep = ":";
|
|
} else if (plat == "AIX4.1") {
|
|
moduleName = "libfort_shr.a";
|
|
} else if (plat == "SunOS4.1.3_U1") {
|
|
moduleName = "libfort.so.1.0";
|
|
} else if ((plat == "SunOS5.4") || (plat == "SunOS5.5.1")){
|
|
moduleName = "libfort.so";
|
|
} else if ((plat == "HP-UXA.09") || (plat == "HP-UXB.10")){
|
|
moduleName = "libfort.sl";
|
|
} else if (plat == "IRIX6.2"){
|
|
// The module only works on 6.3, but Communicator returns 6.2 even when
|
|
// running 6.3. So in order to prevent the user from thinking
|
|
// the module actually works on 6.2, we will force the name to
|
|
// say 6.3 instead of 6.2. In the even the user tries to install
|
|
// on 6.2, the user will see 6.3 instead. If they don't get it that
|
|
// it's not going to work at this point in time, then the entire install
|
|
// process wil just fail miserably, and that is OK.
|
|
plat = "IRIX6.3";
|
|
moduleName = "libfort.so";
|
|
} else {
|
|
window.alert("Sorry, platform "+plat+" is not supported.");
|
|
bAbort = true;
|
|
}
|
|
|
|
////////////////////////////////////////////////////////////////////////////////////////
|
|
// Installation Begins...
|
|
if (!bAbort) {
|
|
if (confirm("This script will install a security module. \nIt may over-write older files having the same name. \nDo you want to continue?")) {
|
|
// Step 1. Create a version object and a software update object
|
|
vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0);
|
|
su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module");
|
|
// "Fortezza ... Module" is the logical name of the bundle
|
|
|
|
////////////////////////////////////////
|
|
// Step 2. Start the install process
|
|
bAbort = false;
|
|
err = su.StartInstall("NSfortezza", // NSfortezza is the component folder (logical)
|
|
vi,
|
|
netscape.softupdate.SoftwareUpdate.FULL_INSTALL);
|
|
|
|
bAbort = (err!=0);
|
|
|
|
if (err == 0) {
|
|
////////////////////////////////////////
|
|
// Step 3. Find out the physical location of the Program dir
|
|
Folder = su.GetFolder("Program");
|
|
|
|
////////////////////////////////////////
|
|
// Step 4. Install the files. Unpack them and list where they go
|
|
|
|
err = su.AddSubcomponent("FortezzaLibrary_"+plat, //component name (logical)
|
|
vi, // version info
|
|
moduleName, // source file in JAR (physical)
|
|
Folder, // target folder (physical)
|
|
dir + moduleName, // target path & filename (physical)
|
|
true); // forces update
|
|
if (err != 0) {
|
|
if (err == -200) {
|
|
errmsg = "Bad Package Name.";
|
|
} else if (err == -201) {
|
|
errmsg = "Unexpected error.";
|
|
} else if (err == -203) {
|
|
errmsg = "Installation script was signed by more than one certificate.";
|
|
} else if (err == -204) {
|
|
errmsg = "Installation script was not signed."
|
|
} else if (err == -205) {
|
|
errmsg = "The file to be installed is not signed."
|
|
} else if (err == -206) {
|
|
errmsg = "The file to be installed is not present, or it was signed with a different certificate than the one used to sign the install script.";
|
|
} else if (err == -207) {
|
|
errmsg = "JAR archive has not been opened."
|
|
} else if (err == -208) {
|
|
errmsg = "Bad arguments to AddSubcomponent( )."
|
|
} else if (err == -209) {
|
|
errmsg = "Illegal relative path( )."
|
|
} else if (err == -210) {
|
|
errmsg = "User cancelled installation."
|
|
} else if (err == -211) {
|
|
errmsg = "A problem occurred with the StartInstall( )."
|
|
} else {
|
|
errmsg = "Unknown error";
|
|
}
|
|
window.alert("Error adding sub-component: "+"("+err+")"+errmsg);
|
|
//window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);
|
|
bAbort = true;
|
|
}
|
|
}
|
|
|
|
////////////////////////////////////////
|
|
// Step 5. Unless there was a problem, move files to final location
|
|
// and update the Client Version Registry
|
|
if (bAbort) {
|
|
su.AbortInstall();
|
|
} else {
|
|
err = su.FinalizeInstall();
|
|
|
|
if (err != 0) {
|
|
|
|
if (err == -900) {
|
|
errmsg = "Restart the computer, and install again.";
|
|
} else if (err == -201) {
|
|
errmsg = "Unexpected error.";
|
|
} else if (err == -202) {
|
|
errmsg = "Access denied. Make sure you have the permissions to write to the disk.";
|
|
} else if (err == -203) {
|
|
errmsg = "Installation script was signed by more than one certificate.";
|
|
} else if (err == -204) {
|
|
errmsg = "Installation script was not signed."
|
|
} else if (err == -205) {
|
|
errmsg = "The file to be installed is not signed."
|
|
} else if (err == -206) {
|
|
errmsg = "The file to be installed is not present, or it was signed with a different certificate than the one used to sign the install script."
|
|
} else if (err == -207) {
|
|
errmsg = "JAR archive has not been opened."
|
|
} else if (err == -208) {
|
|
errmsg = "Bad arguments to AddSubcomponent( )."
|
|
} else if (err == -209) {
|
|
errmsg = "Illegal relative path( )."
|
|
} else if (err == -210) {
|
|
errmsg = "User cancelled installation."
|
|
} else if (err == -211) {
|
|
errmsg = "A problem occurred with the StartInstall( )."
|
|
} else {
|
|
errmsg = "\nIf you have FORTEZZA module already installed, try deleting it first.";
|
|
}
|
|
window.alert("Error Finalizing Install: "+"("+err+")"+errmsg);
|
|
//window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);
|
|
|
|
} else {
|
|
|
|
// Platform specific full path
|
|
if (plat=="Win16") {
|
|
fullpath = Folder + "pkcs11" + sep + moduleName;
|
|
} else {
|
|
fullpath = Folder + "pkcs11" + sep + vendor + sep + plat + sep + moduleName;
|
|
}
|
|
|
|
////////////////////////////////////////
|
|
// Step 6: Call pkcs11.addmodule() to register the newly downloaded module
|
|
moduleCommonName = "Netscape FORTEZZA Module " + plat;
|
|
result = pkcs11.addmodule(moduleCommonName,
|
|
fullpath,
|
|
pkcs11MechanismFlags,
|
|
pkcs11CipherFlags);
|
|
if (result == -10) {
|
|
window.alert("New module was copied to destination, \nbut setup failed because a module "
|
|
+"with the same name has been installed. \nTry deleting the module "
|
|
+ moduleCommonName +" first.")
|
|
} else if (result < 0) {
|
|
window.alert("New module was copied to destination, but setup failed. Error code: " + result);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|