andre@0: /* This Source Code Form is subject to the terms of the Mozilla Public andre@0: * License, v. 2.0. If a copy of the MPL was not distributed with this andre@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ andre@0: /* andre@0: * The following code handles the storage of PKCS 11 modules used by the andre@0: * NSS. This file is written to abstract away how the modules are andre@0: * stored so we can deside that later. andre@0: */ andre@0: #include "pkcs11i.h" andre@0: #include "sdb.h" andre@0: #include "prprf.h" andre@0: #include "prenv.h" andre@0: #include "utilpars.h" andre@0: andre@0: #define FREE_CLEAR(p) if (p) { PORT_Free(p); p = NULL; } andre@0: andre@0: static void andre@0: sftk_parseTokenFlags(char *tmp, sftk_token_parameters *parsed) { andre@0: parsed->readOnly = NSSUTIL_ArgHasFlag("flags","readOnly",tmp); andre@0: parsed->noCertDB = NSSUTIL_ArgHasFlag("flags","noCertDB",tmp); andre@0: parsed->noKeyDB = NSSUTIL_ArgHasFlag("flags","noKeyDB",tmp); andre@0: parsed->forceOpen = NSSUTIL_ArgHasFlag("flags","forceOpen",tmp); andre@0: parsed->pwRequired = NSSUTIL_ArgHasFlag("flags","passwordRequired",tmp); andre@0: parsed->optimizeSpace = NSSUTIL_ArgHasFlag("flags","optimizeSpace",tmp); andre@0: return; andre@0: } andre@0: andre@0: static void andre@0: sftk_parseFlags(char *tmp, sftk_parameters *parsed) { andre@0: parsed->noModDB = NSSUTIL_ArgHasFlag("flags","noModDB",tmp); andre@0: parsed->readOnly = NSSUTIL_ArgHasFlag("flags","readOnly",tmp); andre@0: /* keep legacy interface working */ andre@0: parsed->noCertDB = NSSUTIL_ArgHasFlag("flags","noCertDB",tmp); andre@0: parsed->forceOpen = NSSUTIL_ArgHasFlag("flags","forceOpen",tmp); andre@0: parsed->pwRequired = NSSUTIL_ArgHasFlag("flags","passwordRequired",tmp); andre@0: parsed->optimizeSpace = NSSUTIL_ArgHasFlag("flags","optimizeSpace",tmp); andre@0: return; andre@0: } andre@0: andre@0: static CK_RV andre@0: sftk_parseTokenParameters(char *param, sftk_token_parameters *parsed) andre@0: { andre@0: int next; andre@0: char *tmp = NULL; andre@0: char *index; andre@0: index = NSSUTIL_ArgStrip(param); andre@0: andre@0: while (*index) { andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->updatedir,"updateDir=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->updCertPrefix, andre@0: "updateCertPrefix=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->updKeyPrefix, andre@0: "updateKeyPrefix=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->updateID,"updateID=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->certPrefix,"certPrefix=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->keyPrefix,"keyPrefix=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->tokdes,"tokenDescription=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->updtokdes, andre@0: "updateTokenDescription=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->slotdes,"slotDescription=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,tmp,"minPWLen=", andre@0: if(tmp) { parsed->minPW=atoi(tmp); PORT_Free(tmp); tmp = NULL; }) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,tmp,"flags=", andre@0: if(tmp) { sftk_parseTokenFlags(param,parsed); PORT_Free(tmp); andre@0: tmp = NULL; }) andre@0: NSSUTIL_HANDLE_FINAL_ARG(index) andre@0: } andre@0: return CKR_OK; andre@0: } andre@0: andre@0: static void andre@0: sftk_parseTokens(char *tokenParams, sftk_parameters *parsed) andre@0: { andre@0: char *tokenIndex; andre@0: sftk_token_parameters *tokens = NULL; andre@0: int i=0,count = 0,next; andre@0: andre@0: if ((tokenParams == NULL) || (*tokenParams == 0)) return; andre@0: andre@0: /* first count the number of slots */ andre@0: for (tokenIndex = NSSUTIL_ArgStrip(tokenParams); *tokenIndex; andre@0: tokenIndex = NSSUTIL_ArgStrip(NSSUTIL_ArgSkipParameter(tokenIndex))) { andre@0: count++; andre@0: } andre@0: andre@0: /* get the data structures */ andre@0: tokens = (sftk_token_parameters *) andre@0: PORT_ZAlloc(count*sizeof(sftk_token_parameters)); andre@0: if (tokens == NULL) return; andre@0: andre@0: for (tokenIndex = NSSUTIL_ArgStrip(tokenParams), i = 0; andre@0: *tokenIndex && i < count ; i++ ) { andre@0: char *name; andre@0: name = NSSUTIL_ArgGetLabel(tokenIndex,&next); andre@0: tokenIndex += next; andre@0: andre@0: tokens[i].slotID = NSSUTIL_ArgDecodeNumber(name); andre@0: tokens[i].readOnly = PR_FALSE; andre@0: tokens[i].noCertDB = PR_FALSE; andre@0: tokens[i].noKeyDB = PR_FALSE; andre@0: if (!NSSUTIL_ArgIsBlank(*tokenIndex)) { andre@0: char *args = NSSUTIL_ArgFetchValue(tokenIndex,&next); andre@0: tokenIndex += next; andre@0: if (args) { andre@0: sftk_parseTokenParameters(args,&tokens[i]); andre@0: PORT_Free(args); andre@0: } andre@0: } andre@0: if (name) PORT_Free(name); andre@0: tokenIndex = NSSUTIL_ArgStrip(tokenIndex); andre@0: } andre@0: parsed->token_count = i; andre@0: parsed->tokens = tokens; andre@0: return; andre@0: } andre@0: andre@0: CK_RV andre@0: sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS) andre@0: { andre@0: int next; andre@0: char *tmp = NULL; andre@0: char *index; andre@0: char *certPrefix = NULL, *keyPrefix = NULL; andre@0: char *tokdes = NULL, *ptokdes = NULL, *pupdtokdes = NULL; andre@0: char *slotdes = NULL, *pslotdes = NULL; andre@0: char *fslotdes = NULL, *ftokdes = NULL; andre@0: char *minPW = NULL; andre@0: index = NSSUTIL_ArgStrip(param); andre@0: andre@0: PORT_Memset(parsed, 0, sizeof(sftk_parameters)); andre@0: andre@0: while (*index) { andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->updatedir,"updateDir=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->updateID,"updateID=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->secmodName,"secmod=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->man,"manufacturerID=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,parsed->libdes,"libraryDescription=",;) andre@0: /* constructed values, used so legacy interfaces still work */ andre@0: NSSUTIL_HANDLE_STRING_ARG(index,certPrefix,"certPrefix=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,keyPrefix,"keyPrefix=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,tokdes,"cryptoTokenDescription=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,ptokdes,"dbTokenDescription=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,slotdes,"cryptoSlotDescription=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,pslotdes,"dbSlotDescription=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,fslotdes,"FIPSSlotDescription=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,ftokdes,"FIPSTokenDescription=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,pupdtokdes, "updateTokenDescription=",;) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,minPW,"minPWLen=",;) andre@0: andre@0: NSSUTIL_HANDLE_STRING_ARG(index,tmp,"flags=", andre@0: if(tmp) { sftk_parseFlags(param,parsed); PORT_Free(tmp); andre@0: tmp = NULL; }) andre@0: NSSUTIL_HANDLE_STRING_ARG(index,tmp,"tokens=", andre@0: if(tmp) { sftk_parseTokens(tmp,parsed); PORT_Free(tmp); tmp = NULL; }) andre@0: NSSUTIL_HANDLE_FINAL_ARG(index) andre@0: } andre@0: if (parsed->tokens == NULL) { andre@0: int count = isFIPS ? 1 : 2; andre@0: int index = count-1; andre@0: sftk_token_parameters *tokens = NULL; andre@0: andre@0: tokens = (sftk_token_parameters *) andre@0: PORT_ZAlloc(count*sizeof(sftk_token_parameters)); andre@0: if (tokens == NULL) { andre@0: goto loser; andre@0: } andre@0: parsed->tokens = tokens; andre@0: parsed->token_count = count; andre@0: tokens[index].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID; andre@0: tokens[index].certPrefix = certPrefix; andre@0: tokens[index].keyPrefix = keyPrefix; andre@0: tokens[index].minPW = minPW ? atoi(minPW) : 0; andre@0: tokens[index].readOnly = parsed->readOnly; andre@0: tokens[index].noCertDB = parsed->noCertDB; andre@0: tokens[index].noKeyDB = parsed->noCertDB; andre@0: tokens[index].forceOpen = parsed->forceOpen; andre@0: tokens[index].pwRequired = parsed->pwRequired; andre@0: tokens[index].optimizeSpace = parsed->optimizeSpace; andre@0: tokens[0].optimizeSpace = parsed->optimizeSpace; andre@0: certPrefix = NULL; andre@0: keyPrefix = NULL; andre@0: if (isFIPS) { andre@0: tokens[index].tokdes = ftokdes; andre@0: tokens[index].updtokdes = pupdtokdes; andre@0: tokens[index].slotdes = fslotdes; andre@0: fslotdes = NULL; andre@0: ftokdes = NULL; andre@0: pupdtokdes = NULL; andre@0: } else { andre@0: tokens[index].tokdes = ptokdes; andre@0: tokens[index].updtokdes = pupdtokdes; andre@0: tokens[index].slotdes = pslotdes; andre@0: tokens[0].slotID = NETSCAPE_SLOT_ID; andre@0: tokens[0].tokdes = tokdes; andre@0: tokens[0].slotdes = slotdes; andre@0: tokens[0].noCertDB = PR_TRUE; andre@0: tokens[0].noKeyDB = PR_TRUE; andre@0: pupdtokdes = NULL; andre@0: ptokdes = NULL; andre@0: pslotdes = NULL; andre@0: tokdes = NULL; andre@0: slotdes = NULL; andre@0: } andre@0: } andre@0: andre@0: loser: andre@0: FREE_CLEAR(certPrefix); andre@0: FREE_CLEAR(keyPrefix); andre@0: FREE_CLEAR(tokdes); andre@0: FREE_CLEAR(ptokdes); andre@0: FREE_CLEAR(pupdtokdes); andre@0: FREE_CLEAR(slotdes); andre@0: FREE_CLEAR(pslotdes); andre@0: FREE_CLEAR(fslotdes); andre@0: FREE_CLEAR(ftokdes); andre@0: FREE_CLEAR(minPW); andre@0: return CKR_OK; andre@0: } andre@0: andre@0: void andre@0: sftk_freeParams(sftk_parameters *params) andre@0: { andre@0: int i; andre@0: andre@0: for (i=0; i < params->token_count; i++) { andre@0: FREE_CLEAR(params->tokens[i].configdir); andre@0: FREE_CLEAR(params->tokens[i].certPrefix); andre@0: FREE_CLEAR(params->tokens[i].keyPrefix); andre@0: FREE_CLEAR(params->tokens[i].tokdes); andre@0: FREE_CLEAR(params->tokens[i].slotdes); andre@0: FREE_CLEAR(params->tokens[i].updatedir); andre@0: FREE_CLEAR(params->tokens[i].updCertPrefix); andre@0: FREE_CLEAR(params->tokens[i].updKeyPrefix); andre@0: FREE_CLEAR(params->tokens[i].updateID); andre@0: FREE_CLEAR(params->tokens[i].updtokdes); andre@0: } andre@0: andre@0: FREE_CLEAR(params->configdir); andre@0: FREE_CLEAR(params->secmodName); andre@0: FREE_CLEAR(params->man); andre@0: FREE_CLEAR(params->libdes); andre@0: FREE_CLEAR(params->tokens); andre@0: FREE_CLEAR(params->updatedir); andre@0: FREE_CLEAR(params->updateID); andre@0: } andre@0: