michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0:  * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0:  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0: 
michael@0: #include <plarena.h>
michael@0: #include <prerror.h>
michael@0: #include <prio.h>
michael@0: #include <prprf.h>
michael@0: #include <seccomon.h>
michael@0: #include <secmod.h>
michael@0: #include <jar.h>
michael@0: #include <secutil.h>
michael@0: 
michael@0: /* These are installation functions that make calls to the security library.
michael@0:  * We don't want to include security include files in the C++ code too much.
michael@0:  */
michael@0: 
michael@0: static char* PR_fgets(char *buf, int size, PRFileDesc *file);
michael@0: 
michael@0: /***************************************************************************
michael@0:  *
michael@0:  * P k 1 1 I n s t a l l _ A d d N e w M o d u l e
michael@0:  */
michael@0: int
michael@0: Pk11Install_AddNewModule(char* moduleName, char* dllPath,
michael@0:                               unsigned long defaultMechanismFlags,
michael@0:                               unsigned long cipherEnableFlags)
michael@0: {
michael@0: 	return (SECMOD_AddNewModule(moduleName, dllPath,
michael@0: 		SECMOD_PubMechFlagstoInternal(defaultMechanismFlags),
michael@0: 		SECMOD_PubCipherFlagstoInternal(cipherEnableFlags))
michael@0: 													== SECSuccess) ? 0 : -1;
michael@0: }
michael@0: 
michael@0: /*************************************************************************
michael@0:  *
michael@0:  * P k 1 1 I n s t a l l _ U s e r V e r i f y J a r
michael@0:  *
michael@0:  * Gives the user feedback on the signatures of a JAR files, asks them
michael@0:  * whether they actually want to continue.
michael@0:  * Assumes the jar structure has already been created and is valid.
michael@0:  * Returns 0 if the user wants to continue the installation, nonzero
michael@0:  * if the user wishes to abort.
michael@0:  */
michael@0: short
michael@0: Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out, PRBool query)
michael@0: {
michael@0: 	JAR_Context *ctx;
michael@0: 	JAR_Cert *fing;
michael@0: 	JAR_Item *item;
michael@0: 	char stdinbuf[80];
michael@0: 	int count=0;
michael@0: 
michael@0: 	CERTCertificate *cert, *prev=NULL;
michael@0: 
michael@0: 	PR_fprintf(out, "\nThis installation JAR file was signed by:\n");
michael@0: 
michael@0: 	ctx = JAR_find(jar, NULL, jarTypeSign);
michael@0: 
michael@0: 	while(JAR_find_next(ctx, &item) >= 0 ) {
michael@0: 		fing = (JAR_Cert*) item->data;
michael@0: 		cert = fing->cert;
michael@0: 		if(cert==prev) {
michael@0: 			continue;
michael@0: 		}
michael@0: 
michael@0: 		count++;
michael@0: 		PR_fprintf(out, "----------------------------------------------\n");
michael@0: 		if(cert) {
michael@0: 			if(cert->nickname) {
michael@0: 				PR_fprintf(out, "**NICKNAME**\n%s\n", cert->nickname);
michael@0: 			}
michael@0: 			if(cert->subjectName) {
michael@0: 				PR_fprintf(out, "**SUBJECT NAME**\n%s\n", cert->subjectName); }
michael@0: 			if(cert->issuerName) {
michael@0: 				PR_fprintf(out, "**ISSUER NAME**\n%s\n", cert->issuerName);
michael@0: 			}
michael@0: 		} else {
michael@0: 			PR_fprintf(out, "No matching certificate could be found.\n");
michael@0: 		}
michael@0: 		PR_fprintf(out, "----------------------------------------------\n\n");
michael@0: 
michael@0: 		prev=cert;
michael@0: 	}
michael@0: 
michael@0: 	JAR_find_end(ctx);
michael@0: 
michael@0: 	if(count==0) {
michael@0: 		PR_fprintf(out, "No signatures found: JAR FILE IS UNSIGNED.\n");
michael@0: 	}
michael@0: 
michael@0: 	if(query) {
michael@0: 		PR_fprintf(out,
michael@0: "Do you wish to continue this installation? (y/n) ");
michael@0: 
michael@0: 		if(PR_fgets(stdinbuf, 80, PR_STDIN) != NULL) {
michael@0: 			char *response;
michael@0: 
michael@0: 			if( (response=strtok(stdinbuf, " \t\n\r")) ) {
michael@0: 				if( !PL_strcasecmp(response, "y") ||
michael@0: 					!PL_strcasecmp(response, "yes") ) {
michael@0: 					return 0;
michael@0: 				}
michael@0: 			}
michael@0: 		}
michael@0: 	}
michael@0: 
michael@0: 	return 1;
michael@0: }
michael@0: 
michael@0: /**************************************************************************
michael@0:  *
michael@0:  * P R _ f g e t s
michael@0:  *
michael@0:  * fgets implemented with NSPR.
michael@0:  */
michael@0: static char*
michael@0: PR_fgets(char *buf, int size, PRFileDesc *file)
michael@0: {
michael@0:     int i;
michael@0:     int status;
michael@0:     char c;
michael@0: 
michael@0:     i=0;
michael@0:     while(i < size-1) {
michael@0:         status = PR_Read(file, (void*) &c, 1);
michael@0:         if(status==-1) {
michael@0:             return NULL;
michael@0:         } else if(status==0) {
michael@0:             break;
michael@0:         }
michael@0:         buf[i++] = c;
michael@0:         if(c=='\n') {
michael@0:             break;
michael@0:         }
michael@0:     }
michael@0:     buf[i]='\0';
michael@0: 
michael@0:     return buf;
michael@0: }
michael@0: 
michael@0: /**************************************************************************
michael@0:  *
michael@0:  * m y S E C U _ E r r o r S t r i n g
michael@0:  *
michael@0:  */
michael@0: const char* mySECU_ErrorString(PRErrorCode errnum)
michael@0: {
michael@0: 	return SECU_Strerror(errnum);
michael@0: }