sftkpars.c - mozsearch

mozilla-central/security/nss/lib/softoken/sftkpars.c (file symbol)

Enable keyboard shortcuts

Source code

File a bug in NSS :: Libraries

Revision control

Copy as Markdown

Other Tools

/* This Source Code Form is subject to the terms of the Mozilla Public

 * License, v. 2.0. If a copy of the MPL was not distributed with this

 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*

 *  The following code handles the storage of PKCS 11 modules used by the

 * NSS. This file is written to abstract away how the modules are

 * stored so we can deside that later.

*/

#include "pkcs11i.h"

#include "sdb.h"

#include "prprf.h"

#include "prenv.h"

#include "utilpars.h"

#define FREE_CLEAR(p) \

    if (p) {          \

        PORT_Free(p); \

        p = NULL;     \

static void

sftk_parseTokenFlags(char *tmp, sftk_token_parameters *parsed)

    parsed->readOnly = NSSUTIL_ArgHasFlag("flags", "readOnly", tmp);

    parsed->noCertDB = NSSUTIL_ArgHasFlag("flags", "noCertDB", tmp);

    parsed->noKeyDB = NSSUTIL_ArgHasFlag("flags", "noKeyDB", tmp);

    parsed->forceOpen = NSSUTIL_ArgHasFlag("flags", "forceOpen", tmp);

    parsed->pwRequired = NSSUTIL_ArgHasFlag("flags", "passwordRequired", tmp);

    parsed->optimizeSpace = NSSUTIL_ArgHasFlag("flags", "optimizeSpace", tmp);

    return;

static void

sftk_parseFlags(char *tmp, sftk_parameters *parsed)

    parsed->noModDB = NSSUTIL_ArgHasFlag("flags", "noModDB", tmp);

    parsed->readOnly = NSSUTIL_ArgHasFlag("flags", "readOnly", tmp);

    /* keep legacy interface working */

    parsed->noCertDB = NSSUTIL_ArgHasFlag("flags", "noCertDB", tmp);

    parsed->forceOpen = NSSUTIL_ArgHasFlag("flags", "forceOpen", tmp);

    parsed->pwRequired = NSSUTIL_ArgHasFlag("flags", "passwordRequired", tmp);

    parsed->optimizeSpace = NSSUTIL_ArgHasFlag("flags", "optimizeSpace", tmp);

    return;

static CK_RV

sftk_parseTokenParameters(char *param, sftk_token_parameters *parsed)

    int next;

    char *tmp = NULL;

    const char *index;

    index = NSSUTIL_ArgStrip(param);

    while (*index) {

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->configdir, "configDir=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->updatedir, "updateDir=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->updCertPrefix, "updateCertPrefix=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->updKeyPrefix, "updateKeyPrefix=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->updateID, "updateID=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->certPrefix, "certPrefix=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->keyPrefix, "keyPrefix=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->tokdes, "tokenDescription=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->updtokdes, "updateTokenDescription=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->slotdes, "slotDescription=", ;)

        NSSUTIL_HANDLE_STRING_ARG(

            index, tmp, "minPWLen=",

            if (tmp) { parsed->minPW=atoi(tmp); PORT_Free(tmp); tmp = NULL; })

        NSSUTIL_HANDLE_STRING_ARG(

            index, tmp, "flags=",

            if (tmp) { sftk_parseTokenFlags(param,parsed); PORT_Free(tmp); tmp = NULL; })

        NSSUTIL_HANDLE_FINAL_ARG(index)

    return CKR_OK;

static void

sftk_parseTokens(char *tokenParams, sftk_parameters *parsed)

    const char *tokenIndex;

    sftk_token_parameters *tokens = NULL;

    int i = 0, count = 0, next;

    if ((tokenParams == NULL) || (*tokenParams == 0))

        return;

    /* first count the number of slots */

    for (tokenIndex = NSSUTIL_ArgStrip(tokenParams); *tokenIndex;

         tokenIndex = NSSUTIL_ArgStrip(NSSUTIL_ArgSkipParameter(tokenIndex))) {

        count++;

    /* get the data structures */

    tokens = (sftk_token_parameters *)

        PORT_ZAlloc(count * sizeof(sftk_token_parameters));

    if (tokens == NULL)

        return;

    for (tokenIndex = NSSUTIL_ArgStrip(tokenParams), i = 0;

         *tokenIndex && i < count; i++) {

        char *name;

        name = NSSUTIL_ArgGetLabel(tokenIndex, &next);

        tokenIndex += next;

        tokens[i].slotID = NSSUTIL_ArgDecodeNumber(name);

        tokens[i].readOnly = PR_FALSE;

        tokens[i].noCertDB = PR_FALSE;

        tokens[i].noKeyDB = PR_FALSE;

        if (!NSSUTIL_ArgIsBlank(*tokenIndex)) {

            char *args = NSSUTIL_ArgFetchValue(tokenIndex, &next);

            tokenIndex += next;

            if (args) {

                sftk_parseTokenParameters(args, &tokens[i]);

                PORT_Free(args);

        if (name)

            PORT_Free(name);

        tokenIndex = NSSUTIL_ArgStrip(tokenIndex);

    parsed->token_count = i;

    parsed->tokens = tokens;

    return;

CK_RV

sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS)

    int next;

    char *tmp = NULL;

    const char *index;

    char *certPrefix = NULL, *keyPrefix = NULL;

    char *tokdes = NULL, *ptokdes = NULL, *pupdtokdes = NULL;

    char *slotdes = NULL, *pslotdes = NULL;

    char *fslotdes = NULL, *ftokdes = NULL;

    char *minPW = NULL;

    index = NSSUTIL_ArgStrip(param);

    PORT_Memset(parsed, 0, sizeof(sftk_parameters));

    while (*index) {

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->configdir, "configDir=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->updatedir, "updateDir=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->updateID, "updateID=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->secmodName, "secmod=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->man, "manufacturerID=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, parsed->libdes, "libraryDescription=", ;)

        /* constructed values, used so legacy interfaces still work */

        NSSUTIL_HANDLE_STRING_ARG(index, certPrefix, "certPrefix=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, keyPrefix, "keyPrefix=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, tokdes, "cryptoTokenDescription=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, ptokdes, "dbTokenDescription=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, slotdes, "cryptoSlotDescription=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, pslotdes, "dbSlotDescription=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, fslotdes, "FIPSSlotDescription=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, ftokdes, "FIPSTokenDescription=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, pupdtokdes, "updateTokenDescription=", ;)

        NSSUTIL_HANDLE_STRING_ARG(index, minPW, "minPWLen=", ;)

        NSSUTIL_HANDLE_STRING_ARG(

            index, tmp, "flags=",

            if (tmp) { sftk_parseFlags(param,parsed); PORT_Free(tmp); tmp = NULL; })

        NSSUTIL_HANDLE_STRING_ARG(

            index, tmp, "tokens=",

            if (tmp) { sftk_parseTokens(tmp,parsed); PORT_Free(tmp); tmp = NULL; })

        NSSUTIL_HANDLE_FINAL_ARG(index)

    if (parsed->tokens == NULL) {

        int count = isFIPS ? 1 : 2;

        int i = count - 1;

        sftk_token_parameters *tokens = NULL;

        tokens = (sftk_token_parameters *)

            PORT_ZAlloc(count * sizeof(sftk_token_parameters));

        if (tokens == NULL) {

            goto loser;

        parsed->tokens = tokens;

        parsed->token_count = count;

        tokens[i].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID;

        tokens[i].certPrefix = certPrefix;

        tokens[i].keyPrefix = keyPrefix;

        tokens[i].minPW = minPW ? atoi(minPW) : 0;

        tokens[i].readOnly = parsed->readOnly;

        tokens[i].noCertDB = parsed->noCertDB;

        tokens[i].noKeyDB = parsed->noCertDB;

        tokens[i].forceOpen = parsed->forceOpen;

        tokens[i].pwRequired = parsed->pwRequired;

        tokens[i].optimizeSpace = parsed->optimizeSpace;

        tokens[0].optimizeSpace = parsed->optimizeSpace;

        certPrefix = NULL;

        keyPrefix = NULL;

        if (isFIPS) {

            tokens[i].tokdes = ftokdes;

            tokens[i].updtokdes = pupdtokdes;

            tokens[i].slotdes = fslotdes;

            fslotdes = NULL;

            ftokdes = NULL;

            pupdtokdes = NULL;

        } else {

            tokens[i].tokdes = ptokdes;

            tokens[i].updtokdes = pupdtokdes;

            tokens[i].slotdes = pslotdes;

            tokens[0].slotID = NETSCAPE_SLOT_ID;

            tokens[0].tokdes = tokdes;

            tokens[0].slotdes = slotdes;

            tokens[0].noCertDB = PR_TRUE;

            tokens[0].noKeyDB = PR_TRUE;

            pupdtokdes = NULL;

            ptokdes = NULL;

            pslotdes = NULL;

            tokdes = NULL;

            slotdes = NULL;

loser:

    FREE_CLEAR(certPrefix);

    FREE_CLEAR(keyPrefix);

    FREE_CLEAR(tokdes);

    FREE_CLEAR(ptokdes);

    FREE_CLEAR(pupdtokdes);

    FREE_CLEAR(slotdes);

    FREE_CLEAR(pslotdes);

    FREE_CLEAR(fslotdes);

    FREE_CLEAR(ftokdes);

    FREE_CLEAR(minPW);

    return CKR_OK;

void

sftk_freeParams(sftk_parameters *params)

    int i;

    for (i = 0; i < params->token_count; i++) {

        FREE_CLEAR(params->tokens[i].configdir);

        FREE_CLEAR(params->tokens[i].certPrefix);

        FREE_CLEAR(params->tokens[i].keyPrefix);

        FREE_CLEAR(params->tokens[i].tokdes);

        FREE_CLEAR(params->tokens[i].slotdes);

        FREE_CLEAR(params->tokens[i].updatedir);

        FREE_CLEAR(params->tokens[i].updCertPrefix);

        FREE_CLEAR(params->tokens[i].updKeyPrefix);

        FREE_CLEAR(params->tokens[i].updateID);

        FREE_CLEAR(params->tokens[i].updtokdes);

    FREE_CLEAR(params->configdir);

    FREE_CLEAR(params->secmodName);

    FREE_CLEAR(params->man);

    FREE_CLEAR(params->libdes);

    FREE_CLEAR(params->tokens);

    FREE_CLEAR(params->updatedir);

    FREE_CLEAR(params->updateID);

PRBool

sftk_RawArgHasFlag(const char *entry, const char *flag, const void *pReserved)

    CK_C_INITIALIZE_ARGS *init_args = (CK_C_INITIALIZE_ARGS *)pReserved;

    /* if we don't have any params, the flag isn't set */

    if ((!init_args || !init_args->LibraryParameters)) {

        return PR_FALSE;

    return NSSUTIL_ArgHasFlag(entry, flag, (const char *)init_args->LibraryParameters);