static NSSSlot *
nssSlot_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot)
{
NSSSlot *rvSlot;
NSSArena *arena;
arena = nssArena_Create();
if (!arena) {
return NULL;
}
rvSlot = nss_ZNEW(arena, NSSSlot);
if (!rvSlot) {
nssArena_Destroy(arena);
return NULL;
}
rvSlot->base.refCount = 1;
rvSlot->base.lock = PZ_NewLock(nssILockOther);
rvSlot->base.arena = arena;
rvSlot->pk11slot = nss3slot;
rvSlot->epv = nss3slot->functionList;
rvSlot->slotID = nss3slot->slotID;
/* Grab the slot name from the PKCS#11 fixed-length buffer */
rvSlot->base.name = nssUTF8_Duplicate(nss3slot->slot_name,td->arena);
rvSlot->lock = (nss3slot->isThreadSafe) ? NULL : nss3slot->sessionLock;
return rvSlot;
}
SECStatus
launch_threads(
startFn *startFunc,
PRFileDesc *a,
PRFileDesc *b,
int c,
PRBool local)
{
int i;
SECStatus rv = SECSuccess;
/* create the thread management serialization structs */
qLock = PZ_NewLock(nssILockSelfServ);
jobQNotEmptyCv = PZ_NewCondVar(qLock);
freeListNotEmptyCv = PZ_NewCondVar(qLock);
threadCountChangeCv = PZ_NewCondVar(qLock);
/* create monitor for crl reload procedure */
lastLoadedCrlLock = PR_NewLock();
/* allocate the array of thread slots */
threads = PR_Calloc(maxThreads, sizeof(perThread));
if ( NULL == threads ) {
fprintf(stderr, "Oh Drat! Can't allocate the perThread array\n");
return SECFailure;
}
/* 5 is a little extra, intended to keep the jobQ from underflowing.
** That is, from going empty while not stopping and clients are still
** trying to contact us.
*/
rv = setupJobs(maxThreads + 5);
if (rv != SECSuccess)
return rv;
PZ_Lock(qLock);
for (i = 0; i < maxThreads; ++i) {
perThread * slot = threads + i;
slot->state = rs_running;
slot->a = a;
slot->b = b;
slot->c = c;
slot->startFunc = startFunc;
slot->prThread = PR_CreateThread(PR_USER_THREAD,
thread_wrapper, slot, PR_PRIORITY_NORMAL,
(PR_TRUE==local)?PR_LOCAL_THREAD:PR_GLOBAL_THREAD,
PR_UNJOINABLE_THREAD, 0);
if (slot->prThread == NULL) {
printf("selfserv: Failed to launch thread!\n");
slot->state = rs_idle;
rv = SECFailure;
break;
}
++threadCount;
}
PZ_Unlock(qLock);
return rv;
}
/* InitSessionCacheLocks is called, protected by lockOnce, to create the
* session cache locks. */
static PRStatus
InitSessionCacheLocks(void)
{
SECStatus rv;
cacheLock = PZ_NewLock(nssILockCache);
if (cacheLock == NULL) {
return PR_FAILURE;
}
rv = ssl_InitSymWrapKeysLock();
if (rv != SECSuccess) {
PRErrorCode error = PORT_GetError();
PZ_DestroyLock(cacheLock);
cacheLock = NULL;
PORT_SetError(error);
return PR_FAILURE;
}
rv = NSS_RegisterShutdown(FreeSessionCacheLocks, NULL);
PORT_Assert(SECSuccess == rv);
if (SECSuccess != rv) {
return PR_FAILURE;
}
return PR_SUCCESS;
}
/* build the PKCS #11 2.01 lock files */
CK_RV PR_CALLBACK
secmodCreateMutext(CK_VOID_PTR_PTR pmutex)
{
*pmutex = (CK_VOID_PTR)PZ_NewLock(nssILockOther);
if (*pmutex)
return CKR_OK;
return CKR_HOST_MEMORY;
}
static PRStatus
rng_init(void)
{
PRUint8 bytes[PRNG_SEEDLEN * 2]; /* entropy + nonce */
unsigned int numBytes;
SECStatus rv = SECSuccess;
if (globalrng == NULL) {
/* bytes needs to have enough space to hold
* a SHA256 hash value. Blow up at compile time if this isn't true */
PR_STATIC_ASSERT(sizeof(bytes) >= SHA256_LENGTH);
/* create a new global RNG context */
globalrng = &theGlobalRng;
PORT_Assert(NULL == globalrng->lock);
/* create a lock for it */
globalrng->lock = PZ_NewLock(nssILockOther);
if (globalrng->lock == NULL) {
globalrng = NULL;
PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
return PR_FAILURE;
}
/* Try to get some seed data for the RNG */
numBytes = (unsigned int)RNG_SystemRNG(bytes, sizeof bytes);
PORT_Assert(numBytes == 0 || numBytes == sizeof bytes);
if (numBytes != 0) {
/* if this is our first call, instantiate, otherwise reseed
* prng_instantiate gets a new clean state, we want to mix
* any previous entropy we may have collected */
if (V(globalrng)[0] == 0) {
rv = prng_instantiate(globalrng, bytes, numBytes);
} else {
rv = prng_reseed_test(globalrng, bytes, numBytes, NULL, 0);
}
memset(bytes, 0, numBytes);
} else {
PZ_DestroyLock(globalrng->lock);
globalrng->lock = NULL;
globalrng = NULL;
return PR_FAILURE;
}
if (rv != SECSuccess) {
return PR_FAILURE;
}
/* the RNG is in a valid state */
globalrng->isValid = PR_TRUE;
globalrng->isKatTest = PR_FALSE;
/* fetch one random value so that we can populate rng->oldV for our
* continous random number test. */
prng_generateNewBytes(globalrng, bytes, SHA256_LENGTH, NULL, 0);
/* Fetch more entropy into the PRNG */
RNG_SystemInfoForRNG();
}
return PR_SUCCESS;
}
NSSToken *
nssToken_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot)
{
NSSToken *rvToken;
NSSArena *arena;
/* Don't create a token object for a disabled slot */
if (nss3slot->disabled) {
PORT_SetError(SEC_ERROR_NO_TOKEN);
return NULL;
}
arena = nssArena_Create();
if (!arena) {
return NULL;
}
rvToken = nss_ZNEW(arena, NSSToken);
if (!rvToken) {
nssArena_Destroy(arena);
return NULL;
}
rvToken->base.refCount = 1;
rvToken->base.lock = PZ_NewLock(nssILockOther);
if (!rvToken->base.lock) {
nssArena_Destroy(arena);
return NULL;
}
rvToken->base.arena = arena;
rvToken->pk11slot = nss3slot;
rvToken->epv = nss3slot->functionList;
rvToken->defaultSession = nssSession_ImportNSS3Session(td->arena,
nss3slot->session,
nss3slot->sessionLock,
nss3slot->defRWSession);
/* continue, even if rvToken->defaultSession is NULL */
if (!PK11_IsInternal(nss3slot) && PK11_IsHW(nss3slot)) {
rvToken->cache = nssTokenObjectCache_Create(rvToken,
PR_TRUE, PR_TRUE, PR_TRUE);
if (!rvToken->cache)
goto loser;
}
rvToken->trustDomain = td;
/* Grab the token name from the PKCS#11 fixed-length buffer */
rvToken->base.name = nssUTF8_Duplicate(nss3slot->token_name,td->arena);
rvToken->slot = nssSlot_CreateFromPK11SlotInfo(td, nss3slot);
if (!rvToken->slot) {
goto loser;
}
rvToken->slot->token = rvToken;
if (rvToken->defaultSession)
rvToken->defaultSession->slot = rvToken->slot;
return rvToken;
loser:
PZ_DestroyLock(rvToken->base.lock);
nssArena_Destroy(arena);
return NULL;
}
/*
* nssHash_create
*
*/
NSS_IMPLEMENT nssHash *
nssHash_Create
(
NSSArena *arenaOpt,
PRUint32 numBuckets,
PLHashFunction keyHash,
PLHashComparator keyCompare,
PLHashComparator valueCompare
)
{
nssHash *rv;
NSSArena *arena;
PRBool i_alloced;
#ifdef NSSDEBUG
if( arenaOpt && PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
nss_SetError(NSS_ERROR_INVALID_POINTER);
return (nssHash *)NULL;
}
#endif /* NSSDEBUG */
if (arenaOpt) {
arena = arenaOpt;
i_alloced = PR_FALSE;
} else {
arena = nssArena_Create();
i_alloced = PR_TRUE;
}
rv = nss_ZNEW(arena, nssHash);
if( (nssHash *)NULL == rv ) {
goto loser;
}
rv->mutex = PZ_NewLock(nssILockOther);
if( (PZLock *)NULL == rv->mutex ) {
goto loser;
}
rv->plHashTable = PL_NewHashTable(numBuckets,
keyHash, keyCompare, valueCompare,
&nssArenaHashAllocOps, arena);
if( (PLHashTable *)NULL == rv->plHashTable ) {
(void)PZ_DestroyLock(rv->mutex);
goto loser;
}
rv->count = 0;
rv->arena = arena;
rv->i_alloced_arena = i_alloced;
return rv;
loser:
(void)nss_ZFreeIf(rv);
return (nssHash *)NULL;
}
/* create a new module */
static SECMODModule *
secmod_NewModule(void)
{
SECMODModule *newMod;
PLArenaPool *arena;
/* create an arena in which dllName and commonName can be
* allocated.
*/
arena = PORT_NewArena(512);
if (arena == NULL) {
return NULL;
}
newMod = (SECMODModule *)PORT_ArenaAlloc(arena,sizeof (SECMODModule));
if (newMod == NULL) {
PORT_FreeArena(arena,PR_FALSE);
return NULL;
}
/*
* initialize of the fields of the module
*/
newMod->arena = arena;
newMod->internal = PR_FALSE;
newMod->loaded = PR_FALSE;
newMod->isFIPS = PR_FALSE;
newMod->dllName = NULL;
newMod->commonName = NULL;
newMod->library = NULL;
newMod->functionList = NULL;
newMod->slotCount = 0;
newMod->slots = NULL;
newMod->slotInfo = NULL;
newMod->slotInfoCount = 0;
newMod->refCount = 1;
newMod->ssl[0] = 0;
newMod->ssl[1] = 0;
newMod->libraryParams = NULL;
newMod->moduleDBFunc = NULL;
newMod->parent = NULL;
newMod->isCritical = PR_FALSE;
newMod->isModuleDB = PR_FALSE;
newMod->moduleDBOnly = PR_FALSE;
newMod->trustOrder = 0;
newMod->cipherOrder = 0;
newMod->evControlMask = 0;
newMod->refLock = PZ_NewLock(nssILockRefLock);
if (newMod->refLock == NULL) {
PORT_FreeArena(arena,PR_FALSE);
return NULL;
}
return newMod;
}
NSS_IMPLEMENT nssCertificateStore *
nssCertificateStore_Create (
NSSArena *arenaOpt
)
{
NSSArena *arena;
nssCertificateStore *store;
PRBool i_alloced_arena;
if (arenaOpt) {
arena = arenaOpt;
i_alloced_arena = PR_FALSE;
} else {
arena = nssArena_Create();
if (!arena) {
return NULL;
}
i_alloced_arena = PR_TRUE;
}
store = nss_ZNEW(arena, nssCertificateStore);
if (!store) {
goto loser;
}
store->lock = PZ_NewLock(nssILockOther);
if (!store->lock) {
goto loser;
}
/* Create the issuer/serial --> {cert, trust, S/MIME profile } hash */
store->issuer_and_serial = nssHash_CreateCertificate(arena, 0);
if (!store->issuer_and_serial) {
goto loser;
}
/* Create the subject DER --> subject list hash */
store->subject = nssHash_CreateItem(arena, 0);
if (!store->subject) {
goto loser;
}
store->arena = arena;
store->i_alloced_arena = i_alloced_arena;
return store;
loser:
if (store) {
if (store->lock) {
PZ_DestroyLock(store->lock);
}
if (store->issuer_and_serial) {
nssHash_Destroy(store->issuer_and_serial);
}
if (store->subject) {
nssHash_Destroy(store->subject);
}
}
if (i_alloced_arena) {
nssArena_Destroy(arena);
}
return NULL;
}
static PRStatus
init_blinding_params_list(void)
{
blindingParamsList.lock = PZ_NewLock(nssILockOther);
if (!blindingParamsList.lock) {
PORT_SetError(SEC_ERROR_NO_MEMORY);
return PR_FAILURE;
}
PR_INIT_CLIST(&blindingParamsList.head);
return PR_SUCCESS;
}
PLArenaPool *
PORT_NewArena(unsigned long chunksize)
{
PORTArenaPool *pool;
pool = PORT_ZNew(PORTArenaPool);
if (!pool) {
return NULL;
}
pool->magic = ARENAPOOL_MAGIC;
pool->lock = PZ_NewLock(nssILockArena);
if (!pool->lock) {
++port_allocFailures;
PORT_Free(pool);
return NULL;
}
PL_InitArenaPool(&pool->arena, "security", chunksize, sizeof(double));
return(&pool->arena);
}
/********************* Arena code follows *****************************
* ArenaPools are like heaps. The memory in them consists of large blocks,
* called arenas, which are allocated from the/a system heap. Inside an
* ArenaPool, the arenas are organized as if they were in a stack. Newly
* allocated arenas are "pushed" on that stack. When you attempt to
* allocate memory from an ArenaPool, the code first looks to see if there
* is enough unused space in the top arena on the stack to satisfy your
* request, and if so, your request is satisfied from that arena.
* Otherwise, a new arena is allocated (or taken from NSPR's list of freed
* arenas) and pushed on to the stack. The new arena is always big enough
* to satisfy the request, and is also at least a minimum size that is
* established at the time that the ArenaPool is created.
*
* The ArenaMark function returns the address of a marker in the arena at
* the top of the arena stack. It is the address of the place in the arena
* on the top of the arena stack from which the next block of memory will
* be allocated. Each ArenaPool has its own separate stack, and hence
* marks are only relevant to the ArenaPool from which they are gotten.
* Marks may be nested. That is, a thread can get a mark, and then get
* another mark.
*
* It is intended that all the marks in an ArenaPool may only be owned by a
* single thread. In DEBUG builds, this is enforced. In non-DEBUG builds,
* it is not. In DEBUG builds, when a thread gets a mark from an
* ArenaPool, no other thread may acquire a mark in that ArenaPool while
* that mark exists, that is, until that mark is unmarked or released.
* Therefore, it is important that every mark be unmarked or released when
* the creating thread has no further need for exclusive ownership of the
* right to manage the ArenaPool.
*
* The ArenaUnmark function discards the ArenaMark at the address given,
* and all marks nested inside that mark (that is, acquired from that same
* ArenaPool while that mark existed). It is an error for a thread other
* than the mark's creator to try to unmark it. When a thread has unmarked
* all its marks from an ArenaPool, then another thread is able to set
* marks in that ArenaPool. ArenaUnmark does not deallocate (or "pop") any
* memory allocated from the ArenaPool since the mark was created.
*
* ArenaRelease "pops" the stack back to the mark, deallocating all the
* memory allocated from the arenas in the ArenaPool since that mark was
* created, and removing any arenas from the ArenaPool that have no
* remaining active allocations when that is done. It implicitly releases
* any marks nested inside the mark being explicitly released. It is the
* only operation, other than destroying the arenapool, that potentially
* reduces the number of arenas on the stack. Otherwise, the stack grows
* until the arenapool is destroyed, at which point all the arenas are
* freed or returned to a "free arena list", depending on their sizes.
*/
PLArenaPool *
PORT_NewArena(unsigned long chunksize)
{
PORTArenaPool *pool;
if (chunksize > MAX_SIZE) {
PORT_SetError(SEC_ERROR_NO_MEMORY);
return NULL;
}
pool = PORT_ZNew(PORTArenaPool);
if (!pool) {
return NULL;
}
pool->magic = ARENAPOOL_MAGIC;
pool->lock = PZ_NewLock(nssILockArena);
if (!pool->lock) {
PORT_Free(pool);
return NULL;
}
PL_InitArenaPool(&pool->arena, "security", chunksize, sizeof(double));
return (&pool->arena);
}
/*
* Common Helper Function do come up with a new context.
*/
static PK11Context *pk11_CreateNewContextInSlot(CK_MECHANISM_TYPE type,
PK11SlotInfo *slot, CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey,
SECItem *param)
{
CK_MECHANISM mech_info;
PK11Context *context;
SECStatus rv;
PORT_Assert(slot != NULL);
if (!slot || (!symKey && operation != CKA_DIGEST)) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return NULL;
}
context = (PK11Context *) PORT_Alloc(sizeof(PK11Context));
if (context == NULL) {
return NULL;
}
/* now deal with the fortezza hack... the fortezza hack is an attempt
* to get around the issue of the card not allowing you to do a FORTEZZA
* LoadIV/Encrypt, which was added because such a combination could be
* use to circumvent the key escrow system. Unfortunately SSL needs to
* do this kind of operation, so in SSL we do a loadIV (to verify it),
* Then GenerateIV, and through away the first 8 bytes on either side
* of the connection.*/
context->fortezzaHack = PR_FALSE;
if (type == CKM_SKIPJACK_CBC64) {
if (symKey->origin == PK11_OriginFortezzaHack) {
context->fortezzaHack = PR_TRUE;
}
}
/* initialize the critical fields of the context */
context->operation = operation;
context->key = symKey ? PK11_ReferenceSymKey(symKey) : NULL;
context->slot = PK11_ReferenceSlot(slot);
context->session = pk11_GetNewSession(slot,&context->ownSession);
context->cx = symKey ? symKey->cx : NULL;
/* get our session */
context->savedData = NULL;
/* save the parameters so that some digesting stuff can do multiple
* begins on a single context */
context->type = type;
if (param) {
if (param->len > 0) {
context->param = SECITEM_DupItem(param);
} else {
context->param = (SECItem *)&pk11_null_params;
}
} else {
context->param = NULL;
}
context->init = PR_FALSE;
context->sessionLock = PZ_NewLock(nssILockPK11cxt);
if ((context->param == NULL) || (context->sessionLock == NULL)) {
PK11_DestroyContext(context,PR_TRUE);
return NULL;
}
mech_info.mechanism = type;
mech_info.pParameter = param->data;
mech_info.ulParameterLen = param->len;
PK11_EnterContextMonitor(context);
rv = pk11_context_init(context,&mech_info);
PK11_ExitContextMonitor(context);
if (rv != SECSuccess) {
PK11_DestroyContext(context,PR_TRUE);
return NULL;
}
context->init = PR_TRUE;
return context;
}
/* this should not be exposed in a header, but is here to keep the above
* types/functions static
*/
NSS_IMPLEMENT PRStatus
nssTrustDomain_InitializeCache (
NSSTrustDomain *td,
PRUint32 cacheSize
)
{
NSSArena *arena;
nssTDCertificateCache *cache = td->cache;
#ifdef DEBUG_CACHE
s_log = PR_NewLogModule("nss_cache");
PR_ASSERT(s_log);
#endif
PR_ASSERT(!cache);
arena = nssArena_Create();
if (!arena) {
return PR_FAILURE;
}
cache = nss_ZNEW(arena, nssTDCertificateCache);
if (!cache) {
nssArena_Destroy(arena);
return PR_FAILURE;
}
cache->lock = PZ_NewLock(nssILockCache);
if (!cache->lock) {
nssArena_Destroy(arena);
return PR_FAILURE;
}
/* Create the issuer and serial DER --> certificate hash */
cache->issuerAndSN = nssHash_CreateCertificate(arena, cacheSize);
if (!cache->issuerAndSN) {
goto loser;
}
/* Create the subject DER --> subject list hash */
cache->subject = nssHash_CreateItem(arena, cacheSize);
if (!cache->subject) {
goto loser;
}
/* Create the nickname --> subject list hash */
cache->nickname = nssHash_CreateString(arena, cacheSize);
if (!cache->nickname) {
goto loser;
}
/* Create the email --> list of subject lists hash */
cache->email = nssHash_CreateString(arena, cacheSize);
if (!cache->email) {
goto loser;
}
cache->arena = arena;
td->cache = cache;
#ifdef DEBUG_CACHE
PR_LOG(s_log, PR_LOG_DEBUG, ("Cache initialized."));
#endif
return PR_SUCCESS;
loser:
PZ_DestroyLock(cache->lock);
nssArena_Destroy(arena);
td->cache = NULL;
#ifdef DEBUG_CACHE
PR_LOG(s_log, PR_LOG_DEBUG, ("Cache initialization failed."));
#endif
return PR_FAILURE;
}
static SECStatus
ssl_InitClientSessionCacheLock(void)
{
cacheLock = PZ_NewLock(nssILockCache);
return cacheLock ? SECSuccess : SECFailure;
}
