summaryrefslogtreecommitdiff
path: root/security/nss/lib/softoken/pk11pars.h
diff options
context:
space:
mode:
authorcvs2hg <devnull@localhost>2003-12-06 06:34:21 +0000
committercvs2hg <devnull@localhost>2003-12-06 06:34:21 +0000
commit3169f792190208925d8182e248006bb770ffd357 (patch)
treee6f47099b0641d8c26b9a8cbb37ea290376ac41d /security/nss/lib/softoken/pk11pars.h
parent4a8a6c26b6278cb6359fabd743efc45e94bfc878 (diff)
downloadnss-hg-3169f792190208925d8182e248006bb770ffd357.tar.gz
fixup commit for tag 'JSS_3_5_1_RTM'JSS_3_5_1_RTM
Diffstat (limited to 'security/nss/lib/softoken/pk11pars.h')
-rw-r--r--security/nss/lib/softoken/pk11pars.h852
1 files changed, 0 insertions, 852 deletions
diff --git a/security/nss/lib/softoken/pk11pars.h b/security/nss/lib/softoken/pk11pars.h
deleted file mode 100644
index 5fc939f80..000000000
--- a/security/nss/lib/softoken/pk11pars.h
+++ /dev/null
@@ -1,852 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following handles the loading, unloading and management of
- * various PCKS #11 modules
- */
-
-
-/*
- * this header file contains routines for parsing PKCS #11 module spec
- * strings. It contains 'C' code and should only be included in one module.
- * Currently it is included in both softoken and the wrapper.
- */
-#include <ctype.h>
-#include "pkcs11.h"
-#include "seccomon.h"
-#include "prprf.h"
-#include "secmodt.h"
-#include "pk11init.h"
-
-#define PK11_ARG_LIBRARY_PARAMETER "library="
-#define PK11_ARG_NAME_PARAMETER "name="
-#define PK11_ARG_MODULE_PARAMETER "parameters="
-#define PK11_ARG_NSS_PARAMETER "NSS="
-#define PK11_ARG_FORTEZZA_FLAG "FORTEZZA"
-#define PK11_ARG_ESCAPE '\\'
-
-struct pk11argSlotFlagTable {
- char *name;
- int len;
- unsigned long value;
-};
-
-#define PK11_DEFAULT_CIPHER_ORDER 0
-#define PK11_DEFAULT_TRUST_ORDER 50
-
-
-#define PK11_ARG_ENTRY(arg,flag) \
-{ #arg , sizeof(#arg)-1, flag }
-static struct pk11argSlotFlagTable pk11_argSlotFlagTable[] = {
- PK11_ARG_ENTRY(RSA,SECMOD_RSA_FLAG),
- PK11_ARG_ENTRY(DSA,SECMOD_RSA_FLAG),
- PK11_ARG_ENTRY(RC2,SECMOD_RC4_FLAG),
- PK11_ARG_ENTRY(RC4,SECMOD_RC2_FLAG),
- PK11_ARG_ENTRY(DES,SECMOD_DES_FLAG),
- PK11_ARG_ENTRY(DH,SECMOD_DH_FLAG),
- PK11_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG),
- PK11_ARG_ENTRY(RC5,SECMOD_RC5_FLAG),
- PK11_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG),
- PK11_ARG_ENTRY(MD5,SECMOD_MD5_FLAG),
- PK11_ARG_ENTRY(MD2,SECMOD_MD2_FLAG),
- PK11_ARG_ENTRY(SSL,SECMOD_SSL_FLAG),
- PK11_ARG_ENTRY(TLS,SECMOD_TLS_FLAG),
- PK11_ARG_ENTRY(AES,SECMOD_AES_FLAG),
- PK11_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG),
- PK11_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG),
-};
-
-#define PK11_HANDLE_STRING_ARG(param,target,value,command) \
- if (PORT_Strncasecmp(param,value,sizeof(value)-1) == 0) { \
- param += sizeof(value)-1; \
- target = pk11_argFetchValue(param,&next); \
- param += next; \
- command ;\
- } else
-
-#define PK11_HANDLE_FINAL_ARG(param) \
- { param = pk11_argSkipParameter(param); } param = pk11_argStrip(param);
-
-
-static int pk11_argSlotFlagTableSize =
- sizeof(pk11_argSlotFlagTable)/sizeof(pk11_argSlotFlagTable[0]);
-
-
-static PRBool pk11_argGetPair(char c) {
- switch (c) {
- case '\'': return c;
- case '\"': return c;
- case '<': return '>';
- case '{': return '}';
- case '[': return ']';
- case '(': return ')';
- default: break;
- }
- return ' ';
-}
-
-static PRBool pk11_argIsBlank(char c) {
- return isspace(c);
-}
-
-static PRBool pk11_argIsEscape(char c) {
- return c == '\\';
-}
-
-static PRBool pk11_argIsQuote(char c) {
- switch (c) {
- case '\'':
- case '\"':
- case '<':
- case '{': /* } end curly to keep vi bracket matching working */
- case '(': /* ) */
- case '[': /* ] */ return PR_TRUE;
- default: break;
- }
- return PR_FALSE;
-}
-
-static PRBool pk11_argHasChar(char *v, char c)
-{
- for ( ;*v; v++) {
- if (*v == c) return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-static PRBool pk11_argHasBlanks(char *v)
-{
- for ( ;*v; v++) {
- if (pk11_argIsBlank(*v)) return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-static char *pk11_argStrip(char *c) {
- while (*c && pk11_argIsBlank(*c)) c++;
- return c;
-}
-
-static char *
-pk11_argFindEnd(char *string) {
- char endChar = ' ';
- PRBool lastEscape = PR_FALSE;
-
- if (pk11_argIsQuote(*string)) {
- endChar = pk11_argGetPair(*string);
- string++;
- }
-
- for (;*string; string++) {
- if (lastEscape) {
- lastEscape = PR_FALSE;
- continue;
- }
- if (pk11_argIsEscape(*string) && !lastEscape) {
- lastEscape = PR_TRUE;
- continue;
- }
- if ((endChar == ' ') && pk11_argIsBlank(*string)) break;
- if (*string == endChar) {
- break;
- }
- }
-
- return string;
-}
-
-static char *
-pk11_argFetchValue(char *string, int *pcount)
-{
- char *end = pk11_argFindEnd(string);
- char *retString, *copyString;
- PRBool lastEscape = PR_FALSE;
-
- *pcount = (end - string)+1;
-
- if (*pcount == 0) return NULL;
-
- copyString = retString = (char *)PORT_Alloc(*pcount);
- if (retString == NULL) return NULL;
-
- if (pk11_argIsQuote(*string)) string++;
- for (; string < end; string++) {
- if (pk11_argIsEscape(*string) && !lastEscape) {
- lastEscape = PR_TRUE;
- continue;
- }
- lastEscape = PR_FALSE;
- *copyString++ = *string;
- }
- *copyString = 0;
- return retString;
-}
-
-static char *
-pk11_argSkipParameter(char *string)
-{
- char *end;
- /* look for the end of the <name>= */
- for (;*string; string++) {
- if (*string == '=') { string++; break; }
- if (pk11_argIsBlank(*string)) return(string);
- }
-
- end = pk11_argFindEnd(string);
- if (*end) end++;
- return end;
-}
-
-
-static SECStatus
-pk11_argParseModuleSpec(char *modulespec, char **lib, char **mod,
- char **parameters, char **nss)
-{
- int next;
- modulespec = pk11_argStrip(modulespec);
-
- *lib = *mod = *parameters = *nss = 0;
-
- while (*modulespec) {
- PK11_HANDLE_STRING_ARG(modulespec,*lib,PK11_ARG_LIBRARY_PARAMETER,;)
- PK11_HANDLE_STRING_ARG(modulespec,*mod,PK11_ARG_NAME_PARAMETER,;)
- PK11_HANDLE_STRING_ARG(modulespec,*parameters,
- PK11_ARG_MODULE_PARAMETER,;)
- PK11_HANDLE_STRING_ARG(modulespec,*nss,PK11_ARG_NSS_PARAMETER,;)
- PK11_HANDLE_FINAL_ARG(modulespec)
- }
- return SECSuccess;
-}
-
-
-static char *
-pk11_argGetParamValue(char *paramName,char *parameters)
-{
- char searchValue[256];
- int paramLen = strlen(paramName);
- char *returnValue = NULL;
- int next;
-
- if ((parameters == NULL) || (*parameters == 0)) return NULL;
-
- PORT_Assert(paramLen+2 < sizeof(searchValue));
-
- PORT_Strcpy(searchValue,paramName);
- PORT_Strcat(searchValue,"=");
- while (*parameters) {
- if (PORT_Strncasecmp(parameters,searchValue,paramLen+1) == 0) {
- parameters += paramLen+1;
- returnValue = pk11_argFetchValue(parameters,&next);
- break;
- } else {
- parameters = pk11_argSkipParameter(parameters);
- }
- parameters = pk11_argStrip(parameters);
- }
- return returnValue;
-}
-
-
-static char *
-pk11_argNextFlag(char *flags)
-{
- for (; *flags ; flags++) {
- if (*flags == ',') {
- flags++;
- break;
- }
- }
- return flags;
-}
-
-static PRBool
-pk11_argHasFlag(char *label, char *flag, char *parameters)
-{
- char *flags,*index;
- int len = strlen(flag);
- PRBool found = PR_FALSE;
-
- flags = pk11_argGetParamValue(label,parameters);
- if (flags == NULL) return PR_FALSE;
-
- for (index=flags; *index; index=pk11_argNextFlag(index)) {
- if (PORT_Strncasecmp(index,flag,len) == 0) {
- found=PR_TRUE;
- break;
- }
- }
- PORT_Free(flags);
- return found;
-}
-
-static void
-pk11_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList)
-{
- newCiphers[0] = newCiphers[1] = 0;
- if ((cipherList == NULL) || (*cipherList == 0)) return;
-
- for (;*cipherList; cipherList=pk11_argNextFlag(cipherList)) {
- if (PORT_Strncasecmp(cipherList,PK11_ARG_FORTEZZA_FLAG,
- sizeof(PK11_ARG_FORTEZZA_FLAG)-1) == 0) {
- newCiphers[0] |= SECMOD_FORTEZZA_FLAG;
- }
-
- /* add additional flags here as necessary */
- /* direct bit mapping escape */
- if (*cipherList == 0) {
- if (cipherList[1] == 'l') {
- newCiphers[1] |= atoi(&cipherList[2]);
- } else {
- newCiphers[0] |= atoi(&cipherList[2]);
- }
- }
- }
-}
-
-
-/*
- * decode a number. handle octal (leading '0'), hex (leading '0x') or decimal
- */
-static long
-pk11_argDecodeNumber(char *num)
-{
- int radix = 10;
- unsigned long value = 0;
- long retValue = 0;
- int sign = 1;
- int digit;
-
- if (num == NULL) return retValue;
-
- num = pk11_argStrip(num);
-
- if (*num == '-') {
- sign = -1;
- num++;
- }
-
- if (*num == '0') {
- radix = 8;
- num++;
- if ((*num == 'x') || (*num == 'X')) {
- radix = 16;
- num++;
- }
- }
-
-
- for ( ;*num; num++ ) {
- if (isdigit(*num)) {
- digit = *num - '0';
- } else if ((*num >= 'a') && (*num <= 'f')) {
- digit = *num - 'a' + 10;
- } else if ((*num >= 'A') && (*num <= 'F')) {
- digit = *num - 'A' + 10;
- } else {
- break;
- }
- if (digit >= radix) break;
- value = value*radix + digit;
- }
-
- retValue = ((int) value) * sign;
- return retValue;
-}
-
-static long
-pk11_argReadLong(char *label,char *params, long defValue, PRBool *isdefault)
-{
- char *value;
- long retValue;
- if (isdefault) *isdefault = PR_FALSE;
-
- value = pk11_argGetParamValue(label,params);
- if (value == NULL) {
- if (isdefault) *isdefault = PR_TRUE;
- return defValue;
- }
- retValue = pk11_argDecodeNumber(value);
- if (value) PORT_Free(value);
-
- return retValue;
-}
-
-
-static unsigned long
-pk11_argSlotFlags(char *label,char *params)
-{
- char *flags,*index;
- unsigned long retValue = 0;
- int i;
- PRBool all = PR_FALSE;
-
- flags = pk11_argGetParamValue(label,params);
- if (flags == NULL) return 0;
-
- if (PORT_Strcasecmp(flags,"all") == 0) all = PR_TRUE;
-
- for (index=flags; *index; index=pk11_argNextFlag(index)) {
- for (i=0; i < pk11_argSlotFlagTableSize; i++) {
- if (all || (PORT_Strncasecmp(index, pk11_argSlotFlagTable[i].name,
- pk11_argSlotFlagTable[i].len) == 0)) {
- retValue |= pk11_argSlotFlagTable[i].value;
- }
- }
- }
- PORT_Free(flags);
- return retValue;
-}
-
-
-static void
-pk11_argDecodeSingleSlotInfo(char *name,char *params,PK11PreSlotInfo *slotInfo)
-{
- char *askpw;
-
- slotInfo->slotID=pk11_argDecodeNumber(name);
- slotInfo->defaultFlags=pk11_argSlotFlags("slotFlags",params);
- slotInfo->timeout=pk11_argReadLong("timeout",params, 0, NULL);
-
- askpw = pk11_argGetParamValue("askpw",params);
- slotInfo->askpw = 0;
-
- if (askpw) {
- if (PORT_Strcasecmp(askpw,"every") == 0) {
- slotInfo->askpw = -1;
- } else if (PORT_Strcasecmp(askpw,"timeout") == 0) {
- slotInfo->askpw = 1;
- }
- PORT_Free(askpw);
- slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS;
- }
- slotInfo->hasRootCerts = pk11_argHasFlag("rootFlags","hasRootCerts",params);
- slotInfo->hasRootTrust = pk11_argHasFlag("rootFlags","hasRootTrust",params);
-}
-
-static char *
-pk11_argGetName(char *inString, int *next)
-{
- char *name=NULL;
- char *string;
- int len;
-
- /* look for the end of the <name>= */
- for (string = inString;*string; string++) {
- if (*string == '=') { break; }
- if (pk11_argIsBlank(*string)) break;
- }
-
- len = string - inString;
-
- *next = len;
- if (*string == '=') (*next) += 1;
- if (len > 0) {
- name = PORT_Alloc(len+1);
- PORT_Strncpy(name,inString,len);
- name[len] = 0;
- }
- return name;
-}
-
-static PK11PreSlotInfo *
-pk11_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
-{
- char *slotIndex;
- PK11PreSlotInfo *slotInfo = NULL;
- int i=0,count = 0,next;
-
- *retCount = 0;
- if ((slotParams == NULL) || (*slotParams == 0)) return NULL;
-
- /* first count the number of slots */
- for (slotIndex = pk11_argStrip(slotParams); *slotIndex;
- slotIndex = pk11_argStrip(pk11_argSkipParameter(slotIndex))) {
- count++;
- }
-
- /* get the data structures */
- if (arena) {
- slotInfo = (PK11PreSlotInfo *)
- PORT_ArenaAlloc(arena,count*sizeof(PK11PreSlotInfo));
- PORT_Memset(slotInfo,0,count*sizeof(PK11PreSlotInfo));
- } else {
- slotInfo = (PK11PreSlotInfo *)
- PORT_ZAlloc(count*sizeof(PK11PreSlotInfo));
- }
- if (slotInfo == NULL) return NULL;
-
- for (slotIndex = pk11_argStrip(slotParams), i = 0;
- *slotIndex && i < count ; ) {
- char *name;
- name = pk11_argGetName(slotIndex,&next);
- slotIndex += next;
-
- if (!pk11_argIsBlank(*slotIndex)) {
- char *args = pk11_argFetchValue(slotIndex,&next);
- slotIndex += next;
- if (args) {
- pk11_argDecodeSingleSlotInfo(name,args,&slotInfo[i]);
- i++;
- PORT_Free(args);
- }
- }
- if (name) PORT_Free(name);
- slotIndex = pk11_argStrip(slotIndex);
- }
- *retCount = i;
- return slotInfo;
-}
-
-static char *pk11_nullString = "";
-
-static char *
-pk11_formatValue(PRArenaPool *arena, char *value, char quote)
-{
- char *vp,*vp2,*retval;
- int size = 0, escapes = 0;
-
- for (vp=value; *vp ;vp++) {
- if ((*vp == quote) || (*vp == PK11_ARG_ESCAPE)) escapes++;
- size++;
- }
- if (arena) {
- retval = PORT_ArenaZAlloc(arena,size+escapes+1);
- } else {
- retval = PORT_ZAlloc(size+escapes+1);
- }
- if (retval == NULL) return NULL;
- vp2 = retval;
- for (vp=value; *vp; vp++) {
- if ((*vp == quote) || (*vp == PK11_ARG_ESCAPE))
- *vp2++ = PK11_ARG_ESCAPE;
- *vp2++ = *vp;
- }
- return retval;
-}
-
-static char *pk11_formatPair(char *name,char *value, char quote)
-{
- char openQuote = quote;
- char closeQuote = pk11_argGetPair(quote);
- char *newValue = NULL;
- char *returnValue;
- PRBool need_quote = PR_FALSE;
-
- if (!value || (*value == 0)) return pk11_nullString;
-
- if (pk11_argHasBlanks(value) || pk11_argIsQuote(value[0]))
- need_quote=PR_TRUE;
-
- if ((need_quote && pk11_argHasChar(value,closeQuote))
- || pk11_argHasChar(value,PK11_ARG_ESCAPE)) {
- value = newValue = pk11_formatValue(NULL, value,quote);
- if (newValue == NULL) return pk11_nullString;
- }
- if (need_quote) {
- returnValue = PR_smprintf("%s=%c%s%c",name,openQuote,value,closeQuote);
- } else {
- returnValue = PR_smprintf("%s=%s",name,value);
- }
- if (returnValue == NULL) returnValue = pk11_nullString;
-
- if (newValue) PORT_Free(newValue);
-
- return returnValue;
-}
-
-static char *pk11_formatIntPair(char *name,unsigned long value, unsigned long def)
-{
- char *returnValue;
-
- if (value == def) return pk11_nullString;
-
- returnValue = PR_smprintf("%s=%d",name,value);
-
- return returnValue;
-}
-
-static void
-pk11_freePair(char *pair)
-{
- if (pair && pair != pk11_nullString) {
- PR_smprintf_free(pair);
- }
-}
-
-#define MAX_FLAG_SIZE sizeof("internal")+sizeof("FIPS")+sizeof("moduleDB")+\
- sizeof("moduleDBOnly")+sizeof("critical")
-static char *
-pk11_mkNSSFlags(PRBool internal, PRBool isFIPS,
- PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical)
-{
- char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE);
- PRBool first = PR_TRUE;
-
- PORT_Memset(flags,0,MAX_FLAG_SIZE);
- if (internal) {
- PORT_Strcat(flags,"internal");
- first = PR_FALSE;
- }
- if (isFIPS) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"FIPS");
- first = PR_FALSE;
- }
- if (isModuleDB) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"moduleDB");
- first = PR_FALSE;
- }
- if (isModuleDBOnly) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"moduleDBOnly");
- first = PR_FALSE;
- }
- if (isCritical) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"critical");
- first = PR_FALSE;
- }
- return flags;
-}
-
-static char *
-pk11_mkCipherFlags(unsigned long ssl0, unsigned long ssl1)
-{
- char *cipher = NULL;
- int i;
-
- for (i=0; i < sizeof(ssl0)*8; i++) {
- if (ssl0 & (1<<i)) {
- char *string;
- if ((1<<i) == SECMOD_FORTEZZA_FLAG) {
- string = PR_smprintf("%s","FORTEZZA");
- } else {
- string = PR_smprintf("0h0x%08x",1<<i);
- }
- if (cipher) {
- char *tmp;
- tmp = PR_smprintf("%s,%s",cipher,string);
- PR_smprintf_free(cipher);
- PR_smprintf_free(string);
- tmp = cipher;
- } else {
- cipher = string;
- }
- }
- }
- for (i=0; i < sizeof(ssl0)*8; i++) {
- if (ssl1 & (1<<i)) {
- if (cipher) {
- char *tmp;
- tmp = PR_smprintf("%s,0l0x%08",cipher,1<<i);
- PR_smprintf_free(cipher);
- tmp = cipher;
- } else {
- cipher = PR_smprintf("0l0x%08x",1<<i);
- }
- }
- }
-
- return cipher;
-}
-
-static char *
-pk11_mkSlotFlags(unsigned long defaultFlags)
-{
- char *flags=NULL;
- int i,j;
-
- for (i=0; i < sizeof(defaultFlags)*8; i++) {
- if (defaultFlags & (1<<i)) {
- char *string = NULL;
-
- for (j=0; j < pk11_argSlotFlagTableSize; j++) {
- if (pk11_argSlotFlagTable[j].value == (((unsigned long)1)<<i)) {
- string = pk11_argSlotFlagTable[j].name;
- break;
- }
- }
- if (string) {
- if (flags) {
- char *tmp;
- tmp = PR_smprintf("%s,%s",flags,string);
- PR_smprintf_free(flags);
- flags = tmp;
- } else {
- flags = PR_smprintf("%s",string);
- }
- }
- }
- }
-
- return flags;
-}
-
-#define PK11_MAX_ROOT_FLAG_SIZE sizeof("hasRootCerts")+sizeof("hasRootTrust")
-
-static char *
-pk11_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust)
-{
- char *flags= (char *)PORT_ZAlloc(PK11_MAX_ROOT_FLAG_SIZE);
- PRBool first = PR_TRUE;
-
- PORT_Memset(flags,0,PK11_MAX_ROOT_FLAG_SIZE);
- if (hasRootCerts) {
- PORT_Strcat(flags,"hasRootCerts");
- first = PR_FALSE;
- }
- if (hasRootTrust) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"hasRootTrust");
- first = PR_FALSE;
- }
- return flags;
-}
-
-static char *
-pk11_mkSlotString(unsigned long slotID, unsigned long defaultFlags,
- unsigned long timeout, unsigned char askpw_in,
- PRBool hasRootCerts, PRBool hasRootTrust) {
- char *askpw,*flags,*rootFlags,*slotString;
- char *flagPair,*rootFlagsPair;
-
- switch (askpw_in) {
- case 0xff:
- askpw = "every";
- break;
- case 1:
- askpw = "timeout";
- break;
- default:
- askpw = "any";
- break;
- }
- flags = pk11_mkSlotFlags(defaultFlags);
- rootFlags = pk11_mkRootFlags(hasRootCerts,hasRootTrust);
- flagPair=pk11_formatPair("slotFlags",flags,'\'');
- rootFlagsPair=pk11_formatPair("rootFlags",rootFlags,'\'');
- if (flags) PR_smprintf_free(flags);
- if (rootFlags) PORT_Free(rootFlags);
- if (defaultFlags & PK11_OWN_PW_DEFAULTS) {
- slotString = PR_smprintf("0x%08x=[%s askpw=%s timeout=%d %s]",slotID,flagPair,askpw,timeout,rootFlagsPair);
- } else {
- slotString = PR_smprintf("0x%08x=[%s %s]",slotID,flagPair,rootFlagsPair);
- }
- pk11_freePair(flagPair);
- pk11_freePair(rootFlagsPair);
- return slotString;
-}
-
-static char *
-pk11_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS,
- PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical,
- unsigned long trustOrder, unsigned long cipherOrder,
- unsigned long ssl0, unsigned long ssl1) {
- int slotLen, i;
- char *slotParams, *ciphers, *nss, *nssFlags, *tmp;
- char *trustOrderPair,*cipherOrderPair,*slotPair,*cipherPair,*flagPair;
-
-
- /* now let's build up the string
- * first the slot infos
- */
- slotLen=0;
- for (i=0; i < (int)slotCount; i++) {
- slotLen += PORT_Strlen(slotStrings[i])+1;
- }
- slotLen += 1; /* space for the final NULL */
-
- slotParams = (char *)PORT_ZAlloc(slotLen);
- PORT_Memset(slotParams,0,slotLen);
- for (i=0; i < (int)slotCount; i++) {
- PORT_Strcat(slotParams,slotStrings[i]);
- PORT_Strcat(slotParams," ");
- PR_smprintf_free(slotStrings[i]);
- slotStrings[i]=NULL;
- }
-
- /*
- * now the NSS structure
- */
- nssFlags = pk11_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly,
- isCritical);
- /* for now only the internal module is critical */
- ciphers = pk11_mkCipherFlags(ssl0, ssl1);
-
- trustOrderPair=pk11_formatIntPair("trustOrder",trustOrder,
- PK11_DEFAULT_TRUST_ORDER);
- cipherOrderPair=pk11_formatIntPair("cipherOrder",cipherOrder,
- PK11_DEFAULT_CIPHER_ORDER);
- slotPair=pk11_formatPair("slotParams",slotParams,'{'); /* } */
- if (slotParams) PORT_Free(slotParams);
- cipherPair=pk11_formatPair("ciphers",ciphers,'\'');
- if (ciphers) PR_smprintf_free(ciphers);
- flagPair=pk11_formatPair("Flags",nssFlags,'\'');
- if (nssFlags) PORT_Free(nssFlags);
- nss = PR_smprintf("%s %s %s %s %s",trustOrderPair,
- cipherOrderPair,slotPair,cipherPair,flagPair);
- pk11_freePair(trustOrderPair);
- pk11_freePair(cipherOrderPair);
- pk11_freePair(slotPair);
- pk11_freePair(cipherPair);
- pk11_freePair(flagPair);
- tmp = pk11_argStrip(nss);
- if (*tmp == '\0') {
- PR_smprintf_free(nss);
- nss = NULL;
- }
- return nss;
-}
-
-static char *
-pk11_mkNewModuleSpec(char *dllName, char *commonName, char *parameters,
- char *NSS) {
- char *moduleSpec;
- char *lib,*name,*param,*nss;
-
- /*
- * now the final spec
- */
- lib = pk11_formatPair("library",dllName,'\"');
- name = pk11_formatPair("name",commonName,'\"');
- param = pk11_formatPair("parameters",parameters,'\"');
- nss = pk11_formatPair("NSS",NSS,'\"');
- moduleSpec = PR_smprintf("%s %s %s %s", lib,name,param,nss);
- pk11_freePair(lib);
- pk11_freePair(name);
- pk11_freePair(param);
- pk11_freePair(nss);
- return (moduleSpec);
-}
-