security/nss/lib/softoken/sftkpars.c

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 /* This Source Code Form is subject to the terms of the Mozilla Public
     2  * License, v. 2.0. If a copy of the MPL was not distributed with this
     3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
     4 /* 
     5  *  The following code handles the storage of PKCS 11 modules used by the
     6  * NSS. This file is written to abstract away how the modules are
     7  * stored so we can decide that later.
     8  */
     9 #include "pkcs11i.h"
    10 #include "sdb.h"
    11 #include "prprf.h" 
    12 #include "prenv.h"
    13 #include "utilpars.h"
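/*
 * Free the allocation held in the lvalue p (if any) and reset p to NULL so
 * that a later FREE_CLEAR on the same lvalue is a no-op instead of a double
 * free.
 *
 * Wrapped in do { } while (0) so the macro behaves as a single statement:
 * the bare "if (p) { ... }" form silently captures a following "else" and
 * breaks when used as the body of an unbraced if/else.
 *
 * p is evaluated more than once; pass a plain lvalue with no side effects.
 */
#define FREE_CLEAR(p) do { if (p) { PORT_Free(p); (p) = NULL; } } while (0)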
/*
 * Fill in the boolean options of one token from the "flags" entry of a
 * parameter string.
 *
 * tmp    - parameter string handed to NSSUTIL_ArgHasFlag together with the
 *          label "flags"; the callers in this file pass the complete
 *          parameter string rather than the extracted flags value.
 * parsed - token record whose flag fields are overwritten.
 *
 * Every field is assigned unconditionally, so a flag that is absent from
 * the string ends up with whatever NSSUTIL_ArgHasFlag reports for "not
 * found".
 */
static void
sftk_parseTokenFlags(char *tmp, sftk_token_parameters *parsed)
{
    char *params = tmp;

    /* database access restrictions */
    parsed->readOnly = NSSUTIL_ArgHasFlag("flags", "readOnly", params);
    parsed->noCertDB = NSSUTIL_ArgHasFlag("flags", "noCertDB", params);
    parsed->noKeyDB = NSSUTIL_ArgHasFlag("flags", "noKeyDB", params);

    /* open / password / storage behaviour */
    parsed->forceOpen = NSSUTIL_ArgHasFlag("flags", "forceOpen", params);
    parsed->pwRequired =
        NSSUTIL_ArgHasFlag("flags", "passwordRequired", params);
    parsed->optimizeSpace =
        NSSUTIL_ArgHasFlag("flags", "optimizeSpace", params);
}
/*
 * Fill in the module-wide boolean options from the "flags" entry of a
 * parameter string.
 *
 * tmp    - parameter string handed to NSSUTIL_ArgHasFlag together with the
 *          label "flags".
 * parsed - module parameter record whose flag fields are overwritten.
 *
 * Unlike the per-token variant, no noKeyDB field is written here; only
 * noCertDB is recorded at module level.
 */
static void
sftk_parseFlags(char *tmp, sftk_parameters *parsed)
{
    char *params = tmp;

    parsed->noModDB = NSSUTIL_ArgHasFlag("flags", "noModDB", params);
    parsed->readOnly = NSSUTIL_ArgHasFlag("flags", "readOnly", params);

    /* the remaining flags exist so the legacy interface keeps working */
    parsed->noCertDB = NSSUTIL_ArgHasFlag("flags", "noCertDB", params);
    parsed->forceOpen = NSSUTIL_ArgHasFlag("flags", "forceOpen", params);
    parsed->pwRequired =
        NSSUTIL_ArgHasFlag("flags", "passwordRequired", params);
    parsed->optimizeSpace =
        NSSUTIL_ArgHasFlag("flags", "optimizeSpace", params);
}
/*
 * Parse the parameter string of a single token entry into *parsed.
 *
 * param  - parameter string for one token (key=value pairs).
 * parsed - token record to fill in; string values are stored as
 *          allocations that sftk_freeParams() later releases.
 *
 * Recognised keys: configDir, updateDir, updateCertPrefix, updateKeyPrefix,
 * updateID, certPrefix, keyPrefix, tokenDescription,
 * updateTokenDescription, slotDescription, minPWLen and flags.  Anything
 * else is handed to NSSUTIL_HANDLE_FINAL_ARG.
 *
 * Always returns CKR_OK; no parse error is reported to the caller.
 */
static CK_RV
sftk_parseTokenParameters(char *param, sftk_token_parameters *parsed) 
{
    /* not referenced directly below; presumably used inside the
     * NSSUTIL_HANDLE_STRING_ARG expansion - confirm in utilpars.h */
    int next;
    char *tmp = NULL;
    char *index;
    index = NSSUTIL_ArgStrip(param);

    /* NOTE(review): the control flow of this loop (how index advances, and
     * whether a repeated key releases the earlier value) lives entirely in
     * the NSSUTIL_HANDLE_* macros and is not visible in this file. */
    while (*index) {
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->updatedir,"updateDir=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->updCertPrefix,
						"updateCertPrefix=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->updKeyPrefix,
						"updateKeyPrefix=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->updateID,"updateID=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->certPrefix,"certPrefix=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->keyPrefix,"keyPrefix=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->tokdes,"tokenDescription=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->updtokdes,
						"updateTokenDescription=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->slotdes,"slotDescription=",;)
	/* NOTE(review): minPWLen sets the token's minimum password length and
	 * is converted with atoi(), which reports no errors: non-numeric text
	 * yields 0, a negative value is accepted as-is, and an out-of-range
	 * value is undefined behaviour.  A strtol() conversion with an
	 * explicit range check would make a malformed policy value visible
	 * instead of silently weakening it. */
	NSSUTIL_HANDLE_STRING_ARG(index,tmp,"minPWLen=", 
	   if(tmp) { parsed->minPW=atoi(tmp); PORT_Free(tmp); tmp = NULL; })
	/* The flag parser is given the whole parameter string (param), not the
	 * extracted value (tmp); tmp only signals that "flags=" was present. */
	NSSUTIL_HANDLE_STRING_ARG(index,tmp,"flags=", 
	   if(tmp) { sftk_parseTokenFlags(param,parsed); PORT_Free(tmp); 
		     tmp = NULL; })
	NSSUTIL_HANDLE_FINAL_ARG(index)
   }
   return CKR_OK;
}
/*
 * Parse the value of a "tokens=" entry into an array of per-token records
 * and attach it to *parsed.
 *
 * tokenParams - list of "label" / "label=value" entries, one per token;
 *               NULL or empty leaves *parsed untouched.
 * parsed      - receives the new array in ->tokens and the number of
 *               entries actually filled in ->token_count.
 *
 * The string is walked twice: once to count entries so the array can be
 * sized, once to fill it.  The fill pass is additionally bounded by that
 * count, so it cannot write past the allocation even if the two passes
 * disagree.
 *
 * NOTE(review): an allocation failure returns silently, and the result of
 * sftk_parseTokenParameters() is discarded, so the caller sees no error.
 * NOTE(review): parsed->tokens is overwritten without releasing an array
 * stored there earlier; a parameter string that carries "tokens=" twice
 * appears to leak the first array - confirm against the caller.
 */
static void
sftk_parseTokens(char *tokenParams, sftk_parameters *parsed)
{
    sftk_token_parameters *slots = NULL;
    char *cursor;
    int total = 0;
    int filled = 0;
    int next;

    if (tokenParams == NULL || *tokenParams == 0) {
        return;
    }

    /* pass 1: count the entries */
    cursor = NSSUTIL_ArgStrip(tokenParams);
    while (*cursor) {
        total++;
        cursor = NSSUTIL_ArgStrip(NSSUTIL_ArgSkipParameter(cursor));
    }

    /* zero-filled, so every string pointer starts out NULL */
    slots = (sftk_token_parameters *)
        PORT_ZAlloc(total * sizeof(sftk_token_parameters));
    if (slots == NULL) {
        return;
    }

    /* pass 2: one record per entry */
    cursor = NSSUTIL_ArgStrip(tokenParams);
    while (*cursor && filled < total) {
        sftk_token_parameters *slot = &slots[filled];
        char *label = NSSUTIL_ArgGetLabel(cursor, &next);

        cursor += next;

        /* the entry's label is the numeric slot ID */
        slot->slotID = NSSUTIL_ArgDecodeNumber(label);
        slot->readOnly = PR_FALSE;
        slot->noCertDB = PR_FALSE;
        slot->noKeyDB = PR_FALSE;

        if (!NSSUTIL_ArgIsBlank(*cursor)) {
            char *value = NSSUTIL_ArgFetchValue(cursor, &next);

            cursor += next;
            if (value != NULL) {
                sftk_parseTokenParameters(value, slot);
                PORT_Free(value);
            }
        }
        if (label != NULL) {
            PORT_Free(label);
        }
        cursor = NSSUTIL_ArgStrip(cursor);
        filled++;
    }

    parsed->token_count = filled;
    parsed->tokens = slots;
}
/*
 * Parse the softoken library parameter string into *parsed.
 *
 * param  - module parameter string (key=value pairs).
 * parsed - output record; it is zeroed first, then filled.  The caller
 *          releases it with sftk_freeParams().
 * isFIPS - selects which default token layout is built when the string
 *          carries no "tokens=" entry.
 *
 * When no token array was produced by a "tokens=" entry, a default array
 * is synthesised from the legacy top-level keys (certPrefix, keyPrefix,
 * the *Description keys, minPWLen and the module-level flags): one token
 * in FIPS mode, two otherwise.  When a token array does exist, those
 * legacy values are parsed but simply freed at the end.
 *
 * Returns CKR_OK on every path.
 * NOTE(review): that includes the allocation-failure path (goto loser),
 * which leaves parsed->tokens NULL and token_count 0; the caller cannot
 * tell this apart from success.  Returning an error code there looks like
 * the intent - confirm how callers treat a zero-token result.
 */
CK_RV
sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS) 
{
    /* not referenced directly below; presumably used inside the
     * NSSUTIL_HANDLE_STRING_ARG expansion - confirm in utilpars.h */
    int next;
    char *tmp = NULL;
    char *index;
    /* Legacy values are collected in locals first.  Each one is either
     * moved into the default token array below (and the local set to NULL)
     * or released by FREE_CLEAR at loser. */
    char *certPrefix = NULL, *keyPrefix = NULL;
    char *tokdes = NULL, *ptokdes = NULL, *pupdtokdes = NULL;
    char *slotdes = NULL, *pslotdes = NULL;
    char *fslotdes = NULL, *ftokdes = NULL;
    char *minPW = NULL;
    index = NSSUTIL_ArgStrip(param);

    PORT_Memset(parsed, 0, sizeof(sftk_parameters));

    while (*index) {
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->updatedir,"updateDir=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->updateID,"updateID=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->secmodName,"secmod=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->man,"manufacturerID=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,parsed->libdes,"libraryDescription=",;)
	/* constructed values, used so legacy interfaces still work */
	NSSUTIL_HANDLE_STRING_ARG(index,certPrefix,"certPrefix=",;)
        NSSUTIL_HANDLE_STRING_ARG(index,keyPrefix,"keyPrefix=",;)
        NSSUTIL_HANDLE_STRING_ARG(index,tokdes,"cryptoTokenDescription=",;)
        NSSUTIL_HANDLE_STRING_ARG(index,ptokdes,"dbTokenDescription=",;)
        NSSUTIL_HANDLE_STRING_ARG(index,slotdes,"cryptoSlotDescription=",;)
        NSSUTIL_HANDLE_STRING_ARG(index,pslotdes,"dbSlotDescription=",;)
        NSSUTIL_HANDLE_STRING_ARG(index,fslotdes,"FIPSSlotDescription=",;)
        NSSUTIL_HANDLE_STRING_ARG(index,ftokdes,"FIPSTokenDescription=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,pupdtokdes, "updateTokenDescription=",;)
	NSSUTIL_HANDLE_STRING_ARG(index,minPW,"minPWLen=",;)

	/* The flag parser is given the whole parameter string (param), not the
	 * extracted value (tmp); tmp only signals that "flags=" was present. */
	NSSUTIL_HANDLE_STRING_ARG(index,tmp,"flags=", 
		if(tmp) { sftk_parseFlags(param,parsed); PORT_Free(tmp); 
			  tmp = NULL; })
	/* sftk_parseTokens() stores its array in parsed->tokens */
	NSSUTIL_HANDLE_STRING_ARG(index,tmp,"tokens=", 
		if(tmp) { sftk_parseTokens(tmp,parsed); PORT_Free(tmp); 				  tmp = NULL; })
	NSSUTIL_HANDLE_FINAL_ARG(index)
    }
    /* No token array: build the default layout from the legacy values. */
    if (parsed->tokens == NULL) {
	int  count = isFIPS ? 1 : 2;
	/* NOTE(review): this int shadows the outer "char *index"; it is the
	 * position of the database token, i.e. the last array element. */
	int  index = count-1;
	sftk_token_parameters *tokens = NULL;

	tokens = (sftk_token_parameters *) 
			PORT_ZAlloc(count*sizeof(sftk_token_parameters));
	if (tokens == NULL) {
	    goto loser;
	}
	parsed->tokens = tokens;
    	parsed->token_count = count;
	tokens[index].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID;
	tokens[index].certPrefix = certPrefix;
	tokens[index].keyPrefix = keyPrefix;
	/* NOTE(review): atoi() reports no errors - non-numeric text yields 0,
	 * a negative value is accepted as-is, and an out-of-range value is
	 * undefined behaviour.  Since this is the minimum password length, a
	 * checked strtol() conversion would be the safer choice. */
	tokens[index].minPW = minPW ? atoi(minPW) : 0;
	tokens[index].readOnly = parsed->readOnly;
	tokens[index].noCertDB = parsed->noCertDB;
	/* noKeyDB is copied from noCertDB: sftk_parseFlags() never writes a
	 * module-level noKeyDB.  NOTE(review): looks deliberate (the legacy
	 * flag disables both databases) - confirm. */
	tokens[index].noKeyDB = parsed->noCertDB;
	tokens[index].forceOpen = parsed->forceOpen;
	tokens[index].pwRequired = parsed->pwRequired;
	tokens[index].optimizeSpace = parsed->optimizeSpace;
	tokens[0].optimizeSpace = parsed->optimizeSpace;
	/* ownership moved into the token array; keep loser from freeing it */
	certPrefix = NULL;
	keyPrefix = NULL;
	if (isFIPS) {
	    /* single FIPS token; the crypto/db descriptions stay in their
	     * locals and are freed at loser */
	    tokens[index].tokdes = ftokdes;
	    tokens[index].updtokdes = pupdtokdes;
	    tokens[index].slotdes = fslotdes;
	    fslotdes = NULL;
	    ftokdes = NULL;
	    pupdtokdes = NULL;
	} else {
	    /* tokens[index] is the database token, tokens[0] the crypto
	     * token, which is created with both databases disabled */
	    tokens[index].tokdes = ptokdes;
	    tokens[index].updtokdes = pupdtokdes;
	    tokens[index].slotdes = pslotdes;
	    tokens[0].slotID = NETSCAPE_SLOT_ID;
	    tokens[0].tokdes = tokdes;
	    tokens[0].slotdes = slotdes;
	    tokens[0].noCertDB = PR_TRUE;
	    tokens[0].noKeyDB = PR_TRUE;
	    pupdtokdes = NULL;
	    ptokdes = NULL;
	    pslotdes = NULL;
	    tokdes = NULL;
	    slotdes = NULL;
	}
    }

    /* Reached on success as well: frees whichever legacy values were not
     * handed over to the token array. */
loser:
    FREE_CLEAR(certPrefix);
    FREE_CLEAR(keyPrefix);
    FREE_CLEAR(tokdes);
    FREE_CLEAR(ptokdes);
    FREE_CLEAR(pupdtokdes);
    FREE_CLEAR(slotdes);
    FREE_CLEAR(pslotdes);
    FREE_CLEAR(fslotdes);
    FREE_CLEAR(ftokdes);
    FREE_CLEAR(minPW);
    return CKR_OK;
}
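/*
 * Release everything a parsed parameter record owns: the strings of each
 * token, the token array itself, and the module-level strings.
 *
 * params - record filled by sftk_parseParameters(); the structure itself
 *          is not freed.
 *
 * Every pointer is reset to NULL and token_count to 0, so calling this
 * again on the same record is harmless.  Without the count reset a second
 * call would index the already-freed (NULL) token array.
 */
void
sftk_freeParams(sftk_parameters *params)
{
    int i;

    /* tokens can be NULL while token_count is still non-zero only if the
     * record was freed before; skip the per-token pass in that case */
    if (params->tokens != NULL) {
        for (i = 0; i < params->token_count; i++) {
            sftk_token_parameters *tok = &params->tokens[i];

            FREE_CLEAR(tok->configdir);
            FREE_CLEAR(tok->certPrefix);
            FREE_CLEAR(tok->keyPrefix);
            FREE_CLEAR(tok->tokdes);
            FREE_CLEAR(tok->slotdes);
            FREE_CLEAR(tok->updatedir);
            FREE_CLEAR(tok->updCertPrefix);
            FREE_CLEAR(tok->updKeyPrefix);
            FREE_CLEAR(tok->updateID);
            FREE_CLEAR(tok->updtokdes);
        }
    }

    FREE_CLEAR(params->configdir);
    FREE_CLEAR(params->secmodName);
    FREE_CLEAR(params->man);
    FREE_CLEAR(params->libdes);
    FREE_CLEAR(params->tokens);
    FREE_CLEAR(params->updatedir);
    FREE_CLEAR(params->updateID);

    /* keep the count consistent with the now-NULL array */
    params->token_count = 0;
}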
