/*
* get the value from that tag value pair.
*/
char *
NSSUTIL_ArgGetParamValue(const char *paramName, const char *parameters)
{
char searchValue[256];
int paramLen = strlen(paramName);
char *returnValue = NULL;
int next;
if ((parameters == NULL) || (*parameters == 0))
return NULL;
PORT_Assert(paramLen + 2 < sizeof(searchValue));
PORT_Strcpy(searchValue, paramName);
PORT_Strcat(searchValue, "=");
while (*parameters) {
if (PORT_Strncasecmp(parameters, searchValue, paramLen + 1) == 0) {
parameters += paramLen + 1;
returnValue = NSSUTIL_ArgFetchValue(parameters, &next);
break;
} else {
parameters = NSSUTIL_ArgSkipParameter(parameters);
}
parameters = NSSUTIL_ArgStrip(parameters);
}
return returnValue;
}
static CK_RV
sftk_parseTokenParameters(char *param, sftk_token_parameters *parsed)
{
int next;
char *tmp = NULL;
const char *index;
index = NSSUTIL_ArgStrip(param);
while (*index) {
NSSUTIL_HANDLE_STRING_ARG(index, parsed->configdir, "configDir=", ;)
NSSUTIL_HANDLE_STRING_ARG(index, parsed->updatedir, "updateDir=", ;)
/* parse all the slot specific parameters. */
struct NSSUTILPreSlotInfoStr *
NSSUTIL_ArgParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
{
char *slotIndex;
struct NSSUTILPreSlotInfoStr *slotInfo = NULL;
int i=0,count = 0,next;
*retCount = 0;
if ((slotParams == NULL) || (*slotParams == 0)) return NULL;
/* first count the number of slots */
for (slotIndex = NSSUTIL_ArgStrip(slotParams); *slotIndex;
slotIndex = NSSUTIL_ArgStrip(NSSUTIL_ArgSkipParameter(slotIndex))) {
count++;
}
/* get the data structures */
if (arena) {
slotInfo = PORT_ArenaZNewArray(arena,
struct NSSUTILPreSlotInfoStr, count);
} else {
/*
* decode a number. handle octal (leading '0'), hex (leading '0x') or decimal
*/
long
NSSUTIL_ArgDecodeNumber(const char *num)
{
int radix = 10;
unsigned long value = 0;
long retValue = 0;
int sign = 1;
int digit;
if (num == NULL)
return retValue;
num = NSSUTIL_ArgStrip(num);
if (*num == '-') {
sign = -1;
num++;
}
if (*num == '0') {
radix = 8;
num++;
if ((*num == 'x') || (*num == 'X')) {
radix = 16;
num++;
}
}
for (; *num; num++) {
if (isdigit(*num)) {
digit = *num - '0';
} else if ((*num >= 'a') && (*num <= 'f')) {
digit = *num - 'a' + 10;
} else if ((*num >= 'A') && (*num <= 'F')) {
digit = *num - 'A' + 10;
} else {
break;
}
if (digit >= radix)
break;
value = value * radix + digit;
}
retValue = ((int)value) * sign;
return retValue;
}
/* stripped is the rest of the parameters with configdir= stripped out */
static SECStatus
parse_parameters(const char *parameters, char **filename, char **stripped)
{
const char *sourcePrev;
const char *sourceCurr;
char *targetCurr;
char *newStripped;
*filename = NULL;
*stripped = NULL;
newStripped = PORT_Alloc(PORT_Strlen(parameters)+2);
targetCurr = newStripped;
sourcePrev = parameters;
sourceCurr = NSSUTIL_ArgStrip(parameters);
TARGET_SPEC_COPY(targetCurr, sourcePrev, sourceCurr);
while (*sourceCurr) {
int next;
sourcePrev = sourceCurr;
NSSUTIL_HANDLE_STRING_ARG(sourceCurr, *filename, "configdir=",
sourcePrev = sourceCurr; )
NSSUTIL_HANDLE_FINAL_ARG(sourceCurr);
TARGET_SPEC_COPY(targetCurr, sourcePrev, sourceCurr);
}
/*
* Add a module to the Data base
*/
static SECStatus
nssutil_AddSecmodDBEntry(const char *appName,
const char *filename, const char *dbname,
char *module, PRBool rw)
{
os_stat_type stat_existing;
os_open_permissions_type file_mode;
FILE *fd = NULL;
char *block = NULL;
PRBool libFound = PR_FALSE;
if (dbname == NULL) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
/* can't write to a read only module */
if (!rw) {
PORT_SetError(SEC_ERROR_READ_ONLY);
return SECFailure;
}
/* remove the previous version if it exists */
(void) nssutil_DeleteSecmodDBEntry(appName, filename, dbname, module, rw);
/* get the permissions of the existing file, or use the default */
if (!os_stat(dbname, &stat_existing)) {
file_mode = stat_existing.st_mode;
} else {
file_mode = os_open_permissions_default;
}
fd = lfopen(dbname, lfopen_append, file_mode);
if (fd == NULL) {
return SECFailure;
}
module = NSSUTIL_ArgStrip(module);
while (*module) {
int count;
char *keyEnd = PORT_Strchr(module,'=');
char *value;
if (PORT_Strncmp(module, "library=", 8) == 0) {
libFound=PR_TRUE;
}
if (keyEnd == NULL) {
block = nssutil_DupCat(block, module);
break;
}
block = nssutil_DupnCat(block, module, keyEnd-module+1);
if (block == NULL) { goto loser; }
value = NSSUTIL_ArgFetchValue(&keyEnd[1], &count);
if (value) {
block = nssutil_DupCat(block, NSSUTIL_ArgStrip(value));
PORT_Free(value);
}
if (block == NULL) { goto loser; }
block = nssutil_DupnCat(block, "\n", 1);
module = keyEnd + 1 + count;
module = NSSUTIL_ArgStrip(module);
}
if (block) {
if (!libFound) {
fprintf(fd,"library=\n");
}
fwrite(block, PORT_Strlen(block), 1, fd);
fprintf(fd,"\n");
PORT_Free(block);
block = NULL;
}
fclose(fd);
return SECSuccess;
loser:
PORT_Free(block);
fclose(fd);
return SECFailure;
}
/*
* Find any tokens= values in the module spec.
* Always return a new spec which does not have any tokens= arguments.
* If tokens= arguments are found, Split the the various tokens defined into
* an array of child specs to return.
*
* Caller is responsible for freeing the child spec and the new token
* spec.
*/
char *
secmod_ParseModuleSpecForTokens(PRBool convert, PRBool isFIPS,
char *moduleSpec, char ***children,
CK_SLOT_ID **ids)
{
int newSpecLen = PORT_Strlen(moduleSpec)+2;
char *newSpec = PORT_Alloc(newSpecLen);
char *newSpecPtr = newSpec;
char *modulePrev = moduleSpec;
char *target = NULL;
char *tmp = NULL;
char **childArray = NULL;
char *tokenIndex;
CK_SLOT_ID *idArray = NULL;
int tokenCount = 0;
int i;
if (newSpec == NULL) {
return NULL;
}
*children = NULL;
if (ids) {
*ids = NULL;
}
moduleSpec = NSSUTIL_ArgStrip(moduleSpec);
SECMOD_SPEC_COPY(newSpecPtr, modulePrev, moduleSpec);
/* Notes on 'convert' and 'isFIPS' flags: The base parameters for opening
* a new softoken module takes the following parameters to name the
* various tokens:
*
* cryptoTokenDescription: name of the non-fips crypto token.
* cryptoSlotDescription: name of the non-fips crypto slot.
* dbTokenDescription: name of the non-fips db token.
* dbSlotDescription: name of the non-fips db slot.
* FIPSTokenDescription: name of the fips db/crypto token.
* FIPSSlotDescription: name of the fips db/crypto slot.
*
* if we are opening a new slot, we need to have the following
* parameters:
* tokenDescription: name of the token.
* slotDescription: name of the slot.
*
*
* The convert flag tells us to drop the unnecessary *TokenDescription
* and *SlotDescription arguments and convert the appropriate pair
* (either db or FIPS based on the isFIPS flag) to tokenDescription and
* slotDescription).
*/
/*
* walk down the list. if we find a tokens= argument, save it,
* otherise copy the argument.
*/
while (*moduleSpec) {
int next;
modulePrev = moduleSpec;
NSSUTIL_HANDLE_STRING_ARG(moduleSpec, target, "tokens=",
modulePrev = moduleSpec; /* skip copying */ )
NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "cryptoTokenDescription=",
if (convert) { modulePrev = moduleSpec; } );
NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "cryptoSlotDescription=",
if (convert) { modulePrev = moduleSpec; } );
NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "dbTokenDescription=",
if (convert) {
modulePrev = moduleSpec;
if (!isFIPS) {
newSpecPtr = secmod_doDescCopy(newSpecPtr,
&newSpecLen, SECMOD_TOKEN_DESCRIPTION,
sizeof(SECMOD_TOKEN_DESCRIPTION)-1, tmp);
}
});
/*
* Add a module to the Data base
*/
static SECStatus
nssutil_AddSecmodDB(const char *appName,
const char *filename, const char *dbname,
char *module, PRBool rw)
{
FILE *fd = NULL;
char *block = NULL;
PRBool libFound = PR_FALSE;
if (dbname == NULL) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
/* can't write to a read only module */
if (!rw) {
PORT_SetError(SEC_ERROR_READ_ONLY);
return SECFailure;
}
/* remove the previous version if it exists */
(void) nssutil_DeleteSecmodDB(appName, filename,
dbname, module, rw);
fd = lfopen(dbname, "a+", O_CREAT|O_RDWR|O_APPEND);
if (fd == NULL) {
return SECFailure;
}
module = NSSUTIL_ArgStrip(module);
while (*module) {
int count;
char *keyEnd = PORT_Strchr(module,'=');
char *value;
if (PORT_Strncmp(module, "library=", 8) == 0) {
libFound=PR_TRUE;
}
if (keyEnd == NULL) {
block = nssutil_DupCat(block, module);
break;
}
block = nssutil_DupnCat(block, module, keyEnd-module+1);
if (block == NULL) { goto loser; }
value = NSSUTIL_ArgFetchValue(&keyEnd[1], &count);
if (value) {
block = nssutil_DupCat(block, NSSUTIL_ArgStrip(value));
PORT_Free(value);
}
if (block == NULL) { goto loser; }
block = nssutil_DupnCat(block, "\n", 1);
module = keyEnd + 1 + count;
module = NSSUTIL_ArgStrip(module);
}
if (block) {
if (!libFound) {
fprintf(fd,"library=\n");
}
fwrite(block, PORT_Strlen(block), 1, fd);
fprintf(fd,"\n");
PORT_Free(block);
block = NULL;
}
fclose(fd);
return SECSuccess;
loser:
PORT_Free(block);
fclose(fd);
return SECFailure;
}
