1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
|
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include <plarena.h>
#include <prerror.h>
#include <prio.h>
#include <prprf.h>
#include <seccomon.h>
#include <secmod.h>
#include <jar.h>
#include <secutil.h>
/* These are installation functions that make calls to the security library.
* We don't want to include security include files in the C++ code too much.
*/
static char *PR_fgets(char *buf, int size, PRFileDesc *file);
/***************************************************************************
*
* P k 1 1 I n s t a l l _ A d d N e w M o d u l e
*/
int
Pk11Install_AddNewModule(char *moduleName, char *dllPath,
unsigned long defaultMechanismFlags,
unsigned long cipherEnableFlags)
{
return (SECMOD_AddNewModule(moduleName, dllPath,
SECMOD_PubMechFlagstoInternal(defaultMechanismFlags),
SECMOD_PubCipherFlagstoInternal(cipherEnableFlags)) == SECSuccess)
? 0
: -1;
}
/*************************************************************************
*
* P k 1 1 I n s t a l l _ U s e r V e r i f y J a r
*
* Gives the user feedback on the signatures of a JAR files, asks them
* whether they actually want to continue.
* Assumes the jar structure has already been created and is valid.
* Returns 0 if the user wants to continue the installation, nonzero
* if the user wishes to abort.
*/
short
Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out, PRBool query)
{
JAR_Context *ctx;
JAR_Cert *fing;
JAR_Item *item;
char stdinbuf[80];
int count = 0;
CERTCertificate *cert, *prev = NULL;
PR_fprintf(out, "\nThis installation JAR file was signed by:\n");
ctx = JAR_find(jar, NULL, jarTypeSign);
while (JAR_find_next(ctx, &item) >= 0) {
fing = (JAR_Cert *)item->data;
cert = fing->cert;
if (cert == prev) {
continue;
}
count++;
PR_fprintf(out, "----------------------------------------------\n");
if (cert) {
if (cert->nickname) {
PR_fprintf(out, "**NICKNAME**\n%s\n", cert->nickname);
}
if (cert->subjectName) {
PR_fprintf(out, "**SUBJECT NAME**\n%s\n", cert->subjectName);
}
if (cert->issuerName) {
PR_fprintf(out, "**ISSUER NAME**\n%s\n", cert->issuerName);
}
} else {
PR_fprintf(out, "No matching certificate could be found.\n");
}
PR_fprintf(out, "----------------------------------------------\n\n");
prev = cert;
}
JAR_find_end(ctx);
if (count == 0) {
PR_fprintf(out, "No signatures found: JAR FILE IS UNSIGNED.\n");
}
if (query) {
PR_fprintf(out,
"Do you wish to continue this installation? (y/n) ");
if (PR_fgets(stdinbuf, 80, PR_STDIN) != NULL) {
char *response;
if ((response = strtok(stdinbuf, " \t\n\r"))) {
if (!PL_strcasecmp(response, "y") ||
!PL_strcasecmp(response, "yes")) {
return 0;
}
}
}
}
return 1;
}
/**************************************************************************
*
* P R _ f g e t s
*
* fgets implemented with NSPR.
*/
static char *
PR_fgets(char *buf, int size, PRFileDesc *file)
{
int i;
int status;
char c;
i = 0;
while (i < size - 1) {
status = PR_Read(file, (void *)&c, 1);
if (status == -1) {
return NULL;
} else if (status == 0) {
break;
}
buf[i++] = c;
if (c == '\n') {
break;
}
}
buf[i] = '\0';
return buf;
}
/**************************************************************************
*
* m y S E C U _ E r r o r S t r i n g
*
*/
const char *
mySECU_ErrorString(PRErrorCode errnum)
{
return SECU_Strerror(errnum);
}
|
