/************************************************************************
*
* U n s e t D e f a u l t M o d u l e
*/
Error
UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms)
{
SECMODModule *module = NULL;
PK11SlotInfo *slot;
int s, i;
unsigned long mechFlags = getFlagsFromString(mechanisms,
mechanismStrings, numMechanismStrings);
PRBool found = PR_FALSE;
Error rv;
mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
module = SECMOD_FindModule(moduleName);
if (!module) {
PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
rv = NO_SUCH_MODULE_ERR;
goto loser;
}
for (s = 0; s < module->slotCount; s++) {
slot = module->slots[s];
if ((slotName != NULL) &&
!((strcmp(PK11_GetSlotName(slot), slotName) == 0) ||
(strcmp(PK11_GetTokenName(slot), slotName) == 0))) {
/* we are only interested in changing the one slot */
continue;
}
for (i = 0; i < pk11_DefaultArraySize; i++) {
if (pk11_DefaultArray[i].flag & mechFlags) {
PK11_UpdateSlotAttribute(slot, &(pk11_DefaultArray[i]),
PR_FALSE);
}
}
}
if (slotName && !found) {
PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
rv = NO_SUCH_SLOT_ERR;
goto loser;
}
/* Delete and re-add module to save changes */
if (SECMOD_UpdateModule(module) != SECSuccess) {
PR_fprintf(PR_STDERR, errStrings[UNDEFAULT_FAILED_ERR],
moduleName);
rv = UNDEFAULT_FAILED_ERR;
goto loser;
}
PR_fprintf(PR_STDOUT, msgStrings[UNDEFAULT_SUCCESS_MSG]);
rv = SUCCESS;
loser:
if (module) {
SECMOD_DestroyModule(module);
}
return rv;
}
/***************************************************************************
*
* P k 1 1 I n s t a l l _ A d d N e w M o d u l e
*/
int
Pk11Install_AddNewModule(char* moduleName, char* dllPath,
unsigned long defaultMechanismFlags,
unsigned long cipherEnableFlags)
{
return (SECMOD_AddNewModule(moduleName, dllPath,
SECMOD_PubMechFlagstoInternal(defaultMechanismFlags),
SECMOD_PubCipherFlagstoInternal(cipherEnableFlags))
== SECSuccess) ? 0 : -1;
}
/**********************************************************************
*
* A d d M o d u l e
*
* Add the named module, with the given library file, ciphers, and
* default mechanism flags
*/
Error
AddModule(char *moduleName, char *libFile, char *cipherString,
char *mechanismString, char *modparms)
{
unsigned long ciphers;
unsigned long mechanisms;
SECStatus status;
mechanisms =
getFlagsFromString(mechanismString, mechanismStrings,
numMechanismStrings);
ciphers =
getFlagsFromString(cipherString, cipherStrings, numCipherStrings);
status =
SECMOD_AddNewModuleEx(moduleName, libFile,
SECMOD_PubMechFlagstoInternal(mechanisms),
SECMOD_PubCipherFlagstoInternal(ciphers),
modparms, NULL);
if (status != SECSuccess) {
char *errtxt = NULL;
PRInt32 copied = 0;
if (PR_GetErrorTextLength()) {
errtxt = PR_Malloc(PR_GetErrorTextLength() + 1);
copied = PR_GetErrorText(errtxt);
}
if (copied && errtxt) {
PR_fprintf(PR_STDERR, errStrings[ADD_MODULE_FAILED_ERR],
moduleName, errtxt);
PR_Free(errtxt);
} else {
PR_fprintf(PR_STDERR, errStrings[ADD_MODULE_FAILED_ERR],
moduleName, SECU_Strerror(PORT_GetError()));
}
return ADD_MODULE_FAILED_ERR;
} else {
PR_fprintf(PR_STDOUT, msgStrings[ADD_MODULE_SUCCESS_MSG], moduleName);
return SUCCESS;
}
}
// Add a new PKCS11 module to the user's profile.
NS_IMETHODIMP
nsPkcs11::AddModule(const nsAString& aModuleName,
const nsAString& aLibraryFullPath,
int32_t aCryptoMechanismFlags,
int32_t aCipherFlags)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown()) {
return NS_ERROR_NOT_AVAILABLE;
}
if (aModuleName.IsEmpty()) {
return NS_ERROR_INVALID_ARG;
}
NS_ConvertUTF16toUTF8 moduleName(aModuleName);
nsCString fullPath;
// NSS doesn't support Unicode path. Use native charset
NS_CopyUnicodeToNative(aLibraryFullPath, fullPath);
uint32_t mechFlags = SECMOD_PubMechFlagstoInternal(aCryptoMechanismFlags);
uint32_t cipherFlags = SECMOD_PubCipherFlagstoInternal(aCipherFlags);
SECStatus srv = SECMOD_AddNewModule(moduleName.get(), fullPath.get(),
mechFlags, cipherFlags);
if (srv != SECSuccess) {
return NS_ERROR_FAILURE;
}
#ifndef MOZ_NO_SMART_CARDS
mozilla::UniqueSECMODModule module(SECMOD_FindModule(moduleName.get()));
if (!module) {
return NS_ERROR_FAILURE;
}
nsCOMPtr<nsINSSComponent> nssComponent(
do_GetService(PSM_COMPONENT_CONTRACTID));
nssComponent->LaunchSmartCardThread(module.get());
#endif
return NS_OK;
}
/*************************************************************************
*
* S e t D e f a u l t M o d u l e
*
*/
Error
SetDefaultModule(char *moduleName, char *slotName, char *mechanisms)
{
SECMODModule *module = NULL;
PK11SlotInfo *slot;
int s, i;
unsigned long mechFlags = getFlagsFromString(mechanisms, mechanismStrings,
numMechanismStrings);
PRBool found = PR_FALSE;
Error errcode = UNSPECIFIED_ERR;
if (pk11_DefaultArray == NULL) {
pk11_DefaultArray = PK11_GetDefaultArray(&pk11_DefaultArraySize);
if (pk11_DefaultArray == NULL) {
/* should assert. This shouldn't happen */
goto loser;
}
}
mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
module = SECMOD_FindModule(moduleName);
if(!module) {
PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
errcode = NO_SUCH_MODULE_ERR;
goto loser;
}
/* Go through each slot */
for(s=0; s < module->slotCount; s++) {
slot = module->slots[s];
if ((slotName != NULL) &&
!((strcmp(PK11_GetSlotName(slot),slotName) == 0) ||
(strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) {
/* we are only interested in changing the one slot */
continue;
}
found = PR_TRUE;
/* Go through each mechanism */
for(i=0; i < pk11_DefaultArraySize; i++) {
if(pk11_DefaultArray[i].flag & mechFlags) {
/* Enable this default mechanism */
PK11_UpdateSlotAttribute(slot, &(pk11_DefaultArray[i]),
PR_TRUE);
}
}
}
if (slotName && !found) {
PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
errcode = NO_SUCH_SLOT_ERR;
goto loser;
}
/* Delete and re-add module to save changes */
if( SECMOD_UpdateModule(module) != SECSuccess ) {
PR_fprintf(PR_STDERR, errStrings[DEFAULT_FAILED_ERR],
moduleName);
errcode = DEFAULT_FAILED_ERR;
goto loser;
}
PR_fprintf(PR_STDOUT, msgStrings[DEFAULT_SUCCESS_MSG]);
errcode = SUCCESS;
loser:
if (module) {
SECMOD_DestroyModule(module);
}
return errcode;
}
