/* * get the value from that tag value pair. */ char * NSSUTIL_ArgGetParamValue(const char *paramName, const char *parameters) { char searchValue[256]; int paramLen = strlen(paramName); char *returnValue = NULL; int next; if ((parameters == NULL) || (*parameters == 0)) return NULL; PORT_Assert(paramLen + 2 < sizeof(searchValue)); PORT_Strcpy(searchValue, paramName); PORT_Strcat(searchValue, "="); while (*parameters) { if (PORT_Strncasecmp(parameters, searchValue, paramLen + 1) == 0) { parameters += paramLen + 1; returnValue = NSSUTIL_ArgFetchValue(parameters, &next); break; } else { parameters = NSSUTIL_ArgSkipParameter(parameters); } parameters = NSSUTIL_ArgStrip(parameters); } return returnValue; }
static CK_RV sftk_parseTokenParameters(char *param, sftk_token_parameters *parsed) { int next; char *tmp = NULL; const char *index; index = NSSUTIL_ArgStrip(param); while (*index) { NSSUTIL_HANDLE_STRING_ARG(index, parsed->configdir, "configDir=", ;) NSSUTIL_HANDLE_STRING_ARG(index, parsed->updatedir, "updateDir=", ;)
/* parse all the slot specific parameters. */ struct NSSUTILPreSlotInfoStr * NSSUTIL_ArgParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount) { char *slotIndex; struct NSSUTILPreSlotInfoStr *slotInfo = NULL; int i=0,count = 0,next; *retCount = 0; if ((slotParams == NULL) || (*slotParams == 0)) return NULL; /* first count the number of slots */ for (slotIndex = NSSUTIL_ArgStrip(slotParams); *slotIndex; slotIndex = NSSUTIL_ArgStrip(NSSUTIL_ArgSkipParameter(slotIndex))) { count++; } /* get the data structures */ if (arena) { slotInfo = PORT_ArenaZNewArray(arena, struct NSSUTILPreSlotInfoStr, count); } else {
/* * decode a number. handle octal (leading '0'), hex (leading '0x') or decimal */ long NSSUTIL_ArgDecodeNumber(const char *num) { int radix = 10; unsigned long value = 0; long retValue = 0; int sign = 1; int digit; if (num == NULL) return retValue; num = NSSUTIL_ArgStrip(num); if (*num == '-') { sign = -1; num++; } if (*num == '0') { radix = 8; num++; if ((*num == 'x') || (*num == 'X')) { radix = 16; num++; } } for (; *num; num++) { if (isdigit(*num)) { digit = *num - '0'; } else if ((*num >= 'a') && (*num <= 'f')) { digit = *num - 'a' + 10; } else if ((*num >= 'A') && (*num <= 'F')) { digit = *num - 'A' + 10; } else { break; } if (digit >= radix) break; value = value * radix + digit; } retValue = ((int)value) * sign; return retValue; }
/* stripped is the rest of the parameters with configdir= stripped out */ static SECStatus parse_parameters(const char *parameters, char **filename, char **stripped) { const char *sourcePrev; const char *sourceCurr; char *targetCurr; char *newStripped; *filename = NULL; *stripped = NULL; newStripped = PORT_Alloc(PORT_Strlen(parameters)+2); targetCurr = newStripped; sourcePrev = parameters; sourceCurr = NSSUTIL_ArgStrip(parameters); TARGET_SPEC_COPY(targetCurr, sourcePrev, sourceCurr); while (*sourceCurr) { int next; sourcePrev = sourceCurr; NSSUTIL_HANDLE_STRING_ARG(sourceCurr, *filename, "configdir=", sourcePrev = sourceCurr; ) NSSUTIL_HANDLE_FINAL_ARG(sourceCurr); TARGET_SPEC_COPY(targetCurr, sourcePrev, sourceCurr); }
/* * Add a module to the Data base */ static SECStatus nssutil_AddSecmodDBEntry(const char *appName, const char *filename, const char *dbname, char *module, PRBool rw) { os_stat_type stat_existing; os_open_permissions_type file_mode; FILE *fd = NULL; char *block = NULL; PRBool libFound = PR_FALSE; if (dbname == NULL) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } /* can't write to a read only module */ if (!rw) { PORT_SetError(SEC_ERROR_READ_ONLY); return SECFailure; } /* remove the previous version if it exists */ (void) nssutil_DeleteSecmodDBEntry(appName, filename, dbname, module, rw); /* get the permissions of the existing file, or use the default */ if (!os_stat(dbname, &stat_existing)) { file_mode = stat_existing.st_mode; } else { file_mode = os_open_permissions_default; } fd = lfopen(dbname, lfopen_append, file_mode); if (fd == NULL) { return SECFailure; } module = NSSUTIL_ArgStrip(module); while (*module) { int count; char *keyEnd = PORT_Strchr(module,'='); char *value; if (PORT_Strncmp(module, "library=", 8) == 0) { libFound=PR_TRUE; } if (keyEnd == NULL) { block = nssutil_DupCat(block, module); break; } block = nssutil_DupnCat(block, module, keyEnd-module+1); if (block == NULL) { goto loser; } value = NSSUTIL_ArgFetchValue(&keyEnd[1], &count); if (value) { block = nssutil_DupCat(block, NSSUTIL_ArgStrip(value)); PORT_Free(value); } if (block == NULL) { goto loser; } block = nssutil_DupnCat(block, "\n", 1); module = keyEnd + 1 + count; module = NSSUTIL_ArgStrip(module); } if (block) { if (!libFound) { fprintf(fd,"library=\n"); } fwrite(block, PORT_Strlen(block), 1, fd); fprintf(fd,"\n"); PORT_Free(block); block = NULL; } fclose(fd); return SECSuccess; loser: PORT_Free(block); fclose(fd); return SECFailure; }
/* * Find any tokens= values in the module spec. * Always return a new spec which does not have any tokens= arguments. * If tokens= arguments are found, Split the the various tokens defined into * an array of child specs to return. * * Caller is responsible for freeing the child spec and the new token * spec. */ char * secmod_ParseModuleSpecForTokens(PRBool convert, PRBool isFIPS, char *moduleSpec, char ***children, CK_SLOT_ID **ids) { int newSpecLen = PORT_Strlen(moduleSpec)+2; char *newSpec = PORT_Alloc(newSpecLen); char *newSpecPtr = newSpec; char *modulePrev = moduleSpec; char *target = NULL; char *tmp = NULL; char **childArray = NULL; char *tokenIndex; CK_SLOT_ID *idArray = NULL; int tokenCount = 0; int i; if (newSpec == NULL) { return NULL; } *children = NULL; if (ids) { *ids = NULL; } moduleSpec = NSSUTIL_ArgStrip(moduleSpec); SECMOD_SPEC_COPY(newSpecPtr, modulePrev, moduleSpec); /* Notes on 'convert' and 'isFIPS' flags: The base parameters for opening * a new softoken module takes the following parameters to name the * various tokens: * * cryptoTokenDescription: name of the non-fips crypto token. * cryptoSlotDescription: name of the non-fips crypto slot. * dbTokenDescription: name of the non-fips db token. * dbSlotDescription: name of the non-fips db slot. * FIPSTokenDescription: name of the fips db/crypto token. * FIPSSlotDescription: name of the fips db/crypto slot. * * if we are opening a new slot, we need to have the following * parameters: * tokenDescription: name of the token. * slotDescription: name of the slot. * * * The convert flag tells us to drop the unnecessary *TokenDescription * and *SlotDescription arguments and convert the appropriate pair * (either db or FIPS based on the isFIPS flag) to tokenDescription and * slotDescription). */ /* * walk down the list. if we find a tokens= argument, save it, * otherise copy the argument. */ while (*moduleSpec) { int next; modulePrev = moduleSpec; NSSUTIL_HANDLE_STRING_ARG(moduleSpec, target, "tokens=", modulePrev = moduleSpec; /* skip copying */ ) NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "cryptoTokenDescription=", if (convert) { modulePrev = moduleSpec; } ); NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "cryptoSlotDescription=", if (convert) { modulePrev = moduleSpec; } ); NSSUTIL_HANDLE_STRING_ARG(moduleSpec, tmp, "dbTokenDescription=", if (convert) { modulePrev = moduleSpec; if (!isFIPS) { newSpecPtr = secmod_doDescCopy(newSpecPtr, &newSpecLen, SECMOD_TOKEN_DESCRIPTION, sizeof(SECMOD_TOKEN_DESCRIPTION)-1, tmp); } });
/* * Add a module to the Data base */ static SECStatus nssutil_AddSecmodDB(const char *appName, const char *filename, const char *dbname, char *module, PRBool rw) { FILE *fd = NULL; char *block = NULL; PRBool libFound = PR_FALSE; if (dbname == NULL) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } /* can't write to a read only module */ if (!rw) { PORT_SetError(SEC_ERROR_READ_ONLY); return SECFailure; } /* remove the previous version if it exists */ (void) nssutil_DeleteSecmodDB(appName, filename, dbname, module, rw); fd = lfopen(dbname, "a+", O_CREAT|O_RDWR|O_APPEND); if (fd == NULL) { return SECFailure; } module = NSSUTIL_ArgStrip(module); while (*module) { int count; char *keyEnd = PORT_Strchr(module,'='); char *value; if (PORT_Strncmp(module, "library=", 8) == 0) { libFound=PR_TRUE; } if (keyEnd == NULL) { block = nssutil_DupCat(block, module); break; } block = nssutil_DupnCat(block, module, keyEnd-module+1); if (block == NULL) { goto loser; } value = NSSUTIL_ArgFetchValue(&keyEnd[1], &count); if (value) { block = nssutil_DupCat(block, NSSUTIL_ArgStrip(value)); PORT_Free(value); } if (block == NULL) { goto loser; } block = nssutil_DupnCat(block, "\n", 1); module = keyEnd + 1 + count; module = NSSUTIL_ArgStrip(module); } if (block) { if (!libFound) { fprintf(fd,"library=\n"); } fwrite(block, PORT_Strlen(block), 1, fd); fprintf(fd,"\n"); PORT_Free(block); block = NULL; } fclose(fd); return SECSuccess; loser: PORT_Free(block); fclose(fd); return SECFailure; }