just hacking.

nicolson%netscape.com 2001-04-03 04:08:20 +00:00
parent 3468c4e24c
commit 601e50f944
4 changed files with 127 additions and 355 deletions


@ -69,20 +69,20 @@ struct CERTCertDBHandleStr {
PZMonitor *dbMon;
};
/*
** NOTE: We must declare a function "prototype" for the following function
** since it is defined in the "private" NSPR 2.0 header files,
** specifically "ns/nspr20/pr/include/private/pprthred.h".
**
** Get this thread's affinity mask. The affinity mask is a 32 bit quantity
** marking a bit for each processor this process is allowed to run on.
** The processor mask is returned in the mask argument.
** The least-significant-bit represents processor 0.
**
** Returns 0 on success, -1 on failure.
*/
PRInt32
PR_GetThreadAffinityMask(PRThread *thread, PRUint32 *mask);
/********************************************************************/
/* The following VERSION Strings should be updated in the following */
/* files everytime a new release of JSS is generated: */
/* */
/* jss.jar: ns/ninja/org/mozilla/jss/manage/CryptoManager.java */
/* jss.dll: ns/ninja/org/mozilla/jss/manage/CryptoManager.c */
/* */
/********************************************************************/
static const char* DLL_JSS_VERSION = "JSS_VERSION = JSS_3_0";
static const char* DLL_JDK_VERSION = "JDK_VERSION = JDK 1.2.2";
static const char* DLL_NSS_VERSION = "NSS_VERSION = NSS_3_2_RTM";
static const char* DLL_DBM_VERSION = "DBM_VERSION = NSS_3_1_1_RTM";
static const char* DLL_NSPR_VERSION = "NSPR_VERSION = NSPRPUB_RELEASE_4_1";
static jobject
makePWCBInfo(JNIEnv *env, PK11SlotInfo *slot);
@ -396,9 +396,10 @@ Java_org_mozilla_jss_CryptoManager_initializeAllNative
*/
void
JSS_completeInitialize(JNIEnv *env,
jstring modDBName,
jstring keyDBName,
jstring certDBName,
jstring configDir,
jstring certPrefix,
jstring keyPrefix,
jstring secmodName,
jboolean readOnly,
jstring manuString,
jstring libraryString,
@ -412,13 +413,13 @@ JSS_completeInitialize(JNIEnv *env,
jstring ocspResponderURL,
jstring ocspResponderCertNickname )
{
CERTCertDBHandle *cdb_handle=NULL;
SECKEYKeyDBHandle *kdb_handle=NULL;
SECStatus rv = SECFailure;
PRStatus status = PR_FAILURE;
JavaVM *VMs[5];
jint numVMs;
char *szDBName = NULL; /* C string version of a database filename */
char *szConfigDir = NULL;
char *szCertPrefix = NULL;
char *szKeyPrefix = NULL;
char *szSecmodName = NULL;
char *manuChars=NULL;
char *libraryChars=NULL;
char *tokChars=NULL;
@ -427,76 +428,17 @@ JSS_completeInitialize(JNIEnv *env,
char *keySlotChars=NULL;
char *fipsChars=NULL;
char *fipsKeyChars=NULL;
PRUint32 initFlags;
/* This is thread-safe because initialize is synchronized */
static PRBool initialized=PR_FALSE;
/*
* Initialize NSPR and the RNG
*/
if( simpleInitialize(env) != PR_SUCCESS ) {
PR_ASSERT((*env)->ExceptionOccurred(env));
return;
}
PR_ASSERT(env!=NULL && modDBName!=NULL && certDBName!=NULL
&& keyDBName!=NULL);
/* Make sure initialize() completes only once */
if(initialized) {
JSS_throw(env, ALREADY_INITIALIZED_EXCEPTION);
return;
}
/*
* Initialize the private key database.
*/
szDBName = (char*) (*env)->GetStringUTFChars(env, keyDBName, NULL);
PR_ASSERT(szDBName != NULL);
/* Bug #299899: OpenKeyDBFilename is broken. */
kdb_handle = SECKEY_OpenKeyDB( readOnly,
keyDBNameCallback,
(void*) szDBName);
(*env)->ReleaseStringUTFChars(env, keyDBName, szDBName);
if (kdb_handle != NULL) {
SECKEY_SetDefaultKeyDB(kdb_handle);
} else {
char *err;
PR_smprintf(err, "Unable to open key database %s", szDBName);
JSS_nativeThrowMsg(env, KEY_DATABASE_EXCEPTION, err);
PR_smprintf_free(err);
goto finish;
}
/*
* Initialize the certificate database.
*/
cdb_handle = PR_NEWZAP(CERTCertDBHandle);
if(cdb_handle == NULL) {
JSS_nativeThrowMsg(env,
OUT_OF_MEMORY_ERROR,
"creating certificate database handle");
goto finish;
}
szDBName = (char*) (*env)->GetStringUTFChars(env, certDBName, NULL);
PR_ASSERT(szDBName != NULL);
/* Bug #299899: OpenCertDBFilename is broken. */
rv = CERT_OpenCertDB(cdb_handle, readOnly,
certDBNameCallback, szDBName);
(*env)->ReleaseStringUTFChars(env, certDBName, szDBName);
if (rv == SECSuccess) {
CERT_SetDefaultCertDB(cdb_handle);
} else {
char *err;
PR_smprintf(err, "Unable to open certificate database %s", szDBName);
JSS_nativeThrowMsg(env, CERT_DATABASE_EXCEPTION, err);
PR_smprintf_free(err);
goto finish;
}
/*
* Set the PKCS #11 strings
*/
@ -532,14 +474,30 @@ JSS_completeInitialize(JNIEnv *env,
PR_FALSE /* password required */
);
/*
* Open the PKCS #11 Module database
* Set up arguments to NSS_Initialize
*/
szDBName = (char *) (*env)->GetStringUTFChars(env, modDBName, NULL);
PR_ASSERT(szDBName != NULL);
SECMOD_init(szDBName);
/* !!! SECMOD_init doesn't return an error code: Bug #262562 */
(*env)->ReleaseStringUTFChars(env, modDBName, szDBName);
szConfigDir = (char*) (*env)->GetStringUTFChars(env, configDir, NULL);
szCertPrefix = (char*) (*env)->GetStringUTFChars(env, certPrefix, NULL);
szKeyPrefix = (char*) (*env)->GetStringUTFChars(env, keyPrefix, NULL);
szSecmodName = (char*) (*env)->GetStringUTFChars(env, secmodName, NULL);
initFlags = 0;
if( readOnly ) {
initFlags |= NSS_INIT_READONLY;
}
/*
* Initialize NSS.
*/
rv = NSS_Initialize(szConfigDir, szCertPrefix, szKeyPrefix, szSecmodName,
initFlags);
if( rv != SECSuccess ) {
JSS_throwMsg(env, SECURITY_EXCEPTION,
"Unable to initialize security library");
goto finish;
}
/*
* Set default password callback. This is the only place this
@ -587,27 +545,16 @@ JSS_completeInitialize(JNIEnv *env,
initialized = PR_TRUE;
status = PR_SUCCESS;
finish:
if(status == PR_FAILURE) {
if(cdb_handle) {
if(CERT_GetDefaultCertDB() == cdb_handle) {
CERT_SetDefaultCertDB(NULL);
}
CERT_ClosePermCertDB(cdb_handle);
PR_Free(cdb_handle);
}
if(kdb_handle) {
if(SECKEY_GetDefaultKeyDB() == kdb_handle) {
SECKEY_SetDefaultKeyDB(NULL);
}
SECKEY_CloseKeyDB(kdb_handle);
/* CloseKeyDB also frees the handle */
}
}
/* LET'S BE CAREFUL. Unbraced if statements ahead. */
if(szConfigDir)
(*env)->ReleaseStringUTFChars(env, configDir, szConfigDir);
if(szCertPrefix)
(*env)->ReleaseStringUTFChars(env, certPrefix, szCertPrefix);
if(szKeyPrefix)
(*env)->ReleaseStringUTFChars(env, keyPrefix, szKeyPrefix);
if(szSecmodName)
(*env)->ReleaseStringUTFChars(env, secmodName, szSecmodName);
if(manuChars)
(*env)->ReleaseStringUTFChars(env, manuString, manuChars);
if(libraryChars)
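Review bot: The four new `GetStringUTFChars` calls under "Set up arguments to NSS_Initialize" run without checking that the jstring is non-null or that the conversion succeeded. The Java side of this commit defaults `certPrefix`, `keyPrefix` and `secmodName` to `null`, and the one-argument `InitializationValues(String configDir)` constructor leaves them that way, so `initialize(configDir)` appears to pass null references into these calls (the JNI entry point that forwards them is outside the hunks). JNI does not define `GetStringUTFChars` on a null string, and a NULL result (conversion failed, exception pending) would flow straight into `NSS_Initialize`. I would guard each conversion and jump to `finish` on failure, as sketched below; the sketch assumes `configDir` is required, and which value NSS should receive for an omitted prefix is not visible on this page. `JSS_completeInitialize` starts and continues outside the hunks shown.

```c
    /* configDir is required; the other three may arrive as null from Java */
    if( configDir == NULL ) {
        JSS_throwMsg(env, SECURITY_EXCEPTION, "configDir must not be null");
        goto finish;
    }
    szConfigDir = (char*) (*env)->GetStringUTFChars(env, configDir, NULL);
    if( certPrefix != NULL ) {
        szCertPrefix = (char*) (*env)->GetStringUTFChars(env, certPrefix, NULL);
    }
    if( keyPrefix != NULL ) {
        szKeyPrefix = (char*) (*env)->GetStringUTFChars(env, keyPrefix, NULL);
    }
    if( secmodName != NULL ) {
        szSecmodName = (char*) (*env)->GetStringUTFChars(env, secmodName, NULL);
    }
    /* a NULL result means the conversion failed and an exception is pending */
    if( szConfigDir == NULL
        || (certPrefix != NULL && szCertPrefix == NULL)
        || (keyPrefix != NULL && szKeyPrefix == NULL)
        || (secmodName != NULL && szSecmodName == NULL) ) {
        goto finish;
    }
    /* … unchanged: initFlags setup and the NSS_Initialize call … */
```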


@ -51,7 +51,7 @@ import org.mozilla.jss.CRLImportException;
* Initialization is done with static methods, and must be done before
* an instance can be created. All other operations are done with instance
* methods.
* @version $Revision: 1.4 $ $Date: 2001/03/23 19:50:02 $
* @version $Revision: 1.5 $ $Date: 2001/04/03 04:08:19 $
*/
public final class CryptoManager implements TokenSupplier
{
@ -110,37 +110,23 @@ public final class CryptoManager implements TokenSupplier
public static final FIPSMode UNCHANGED = new FIPSMode();
}
/**
* Creates a new set of CryptoManager initialization values.
* These values should be passed into
* <code>CryptoManager.initialize()</code>. All the values have
* defaults, except for modDBName, keyDBName, and certDBName,
* which are passed in as parameters. All the values can be
* modified after this constructor has been called.
*/
public InitializationValues( String modDBName,
String keyDBName,
String certDBName )
{
this.modDBName = modDBName;
this.keyDBName = keyDBName;
this.certDBName = certDBName;
public InitializationValues(String configDir) {
this.configDir = configDir;
}
/**
* The path of the security module database (secmod[ule].db).
*/
public String modDBName;
public InitializationValues(String configDir, String certPrefix,
String keyPrefix, String secmodName)
{
this.configDir = configDir;
this.certPrefix = certPrefix;
this.keyPrefix = keyPrefix;
this.secmodName = secmodName;
}
/**
* The path of the key database (key3.db).
*/
public String keyDBName;
/**
* The path of the certificate database (cert7.db).
*/
public String certDBName;
public String configDir = null;
public String certPrefix = null;
public String keyPrefix = null;
public String secmodName = null;
/**
* The password callback to be used by JSS whenever a password
@ -743,28 +729,19 @@ public final class CryptoManager implements TokenSupplier
* an exception. It is OK to call them after calling
* <code>initialize()</code>.
*
* @param modDBName The full path, relative or absolute, of the security
* module database.
* @param keyDBName The full path, relative or absolute, of the key
* database.
* @param certDBName The full path, relative or absolute, of the
* certificate database.
* @param configDir The directory containing the security databases.
* @exception org.mozilla.jss.util.KeyDatabaseException Unable to open
* the key database, or it was currupted.
* @exception org.mozilla.jss.util.CertDatabaseException Unable
* to open the certificate database, or it was currupted.
**/
public static synchronized void initialize( String modDBName,
String keyDBName,
String certDBName )
public static synchronized void initialize( String configDir )
throws KeyDatabaseException,
CertDatabaseException,
AlreadyInitializedException,
GeneralSecurityException
{
InitializationValues vals =
new InitializationValues( modDBName, keyDBName, certDBName );
initialize( vals );
initialize( new InitializationValues(configDir) );
}
/**
@ -798,9 +775,10 @@ public final class CryptoManager implements TokenSupplier
"Must set ocspResponderCertNickname");
}
}
initializeAllNative(values.modDBName,
values.keyDBName,
values.certDBName,
initializeAllNative(values.configDir,
values.certPrefix,
values.keyPrefix,
values.secmodName,
values.readOnly,
values.getManufacturerID(),
values.getLibraryDescription(),
@ -839,9 +817,10 @@ public final class CryptoManager implements TokenSupplier
}
private static native void
initializeAllNative(String modDBName,
String keyDBName,
String certDBName,
initializeAllNative(String configDir,
String certPrefix,
String keyPrefix,
String secmodName,
boolean readOnly,
String manufacturerID,
String libraryDescription,
@ -1264,4 +1243,52 @@ public final class CryptoManager implements TokenSupplier
public static final int DOMESTIC_POLICY=1;
public static final int EXPORT_POLICY=2;
public static final int FRANCE_POLICY=3;
/********************************************************************/
/* The following VERSION Strings should be updated in the following */
/* files everytime a new release of JSS is generated: */
/* */
/* jss.jar: ns/ninja/org/mozilla/jss/manage/CryptoManager.java */
/* jss.dll: ns/ninja/org/mozilla/jss/manage/CryptoManager.c */
/* */
/********************************************************************/
public static final String
JAR_JSS_VERSION = "JSS_VERSION = JSS_3_0";
public static final String
JAR_JDK_VERSION = "JDK_VERSION = JDK 1.2.2";
public static final String
JAR_NSS_VERSION = "NSS_VERSION = NSS_3_2_RTM";
public static final String
JAR_DBM_VERSION = "DBM_VERSION = NSS_3_1_1_RTM";
public static final String
JAR_NSPR_VERSION = "NSPR_VERSION = NSPRPUB_RELEASE_4_1";
/**
* Loads the JSS dynamic library if necessary.
* The system property "jss.load" will be set to "no" by jssjava
* because it is statically linked to the jss libraries. If this
* property is not set, that means we are not running jssjava
* and need to dynamically load the library.
* <p>This method is idempotent.
*/
synchronized static void loadNativeLibraries()
{
if( ! mNativeLibrariesLoaded &&
! ("no").equals(System.getProperty("jss.load")) )
{
try {
Debug.trace(Debug.VERBOSE, "about to load jss library");
System.loadLibrary("jss3");
Debug.trace(Debug.VERBOSE, "jss library loaded");
} catch( UnsatisfiedLinkError e) {
Debug.trace(Debug.ERROR, "ERROR: Unable to load jss library");
throw e;
}
mNativeLibrariesLoaded = true;
}
}
static private boolean mNativeLibrariesLoaded = false;
}
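Review bot: The Javadoc kept on `initialize(String configDir)` still promises `KeyDatabaseException` and `CertDatabaseException`, but the native code that threw `KEY_DATABASE_EXCEPTION` and `CERT_DATABASE_EXCEPTION` appears to be removed in this commit. An `NSS_Initialize` failure is now reported as `SECURITY_EXCEPTION` with the fixed text "Unable to initialize security library". Unless those two exceptions are still raised outside the visible hunks, callers that catch them to tell a missing key database from a missing certificate database will never see them. I would either restore a distinguishable error on the native side or reword the tags to match what can actually be thrown, for example `@exception GeneralSecurityException The security library could not be initialized from configDir.` (assuming that is the Java type behind `SECURITY_EXCEPTION`). The two new `InitializationValues` constructors and the four new public fields also have no Javadoc; one line on each saying what it names and whether `null` is accepted would document the contract the native code depends on.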


@ -1,198 +0,0 @@
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
package org.mozilla.jss;
import org.mozilla.jss.util.Debug;
import org.mozilla.jss.util.PasswordCallback;
import org.mozilla.jss.util.ConsolePasswordCallback;
import org.mozilla.jss.KeyDatabaseException;
import org.mozilla.jss.CertDatabaseException;
import org.mozilla.jss.crypto.AlreadyInitializedException;
/**
* This class initializes Java NSS and sets up the password callback.
*/
public final class NSSInit {
/********************************************************************/
/* The following VERSION Strings should be updated in the following */
/* files everytime a new release of JSS is generated: */
/* */
/* jssjava: ns/ninja/cmd/jssjava/jssjava.c */
/* jss.jar: ns/ninja/org/mozilla/jss/manage/NSSInit.java */
/* jss.dll: ns/ninja/org/mozilla/jss/manage/NSSInit.c */
/* */
/********************************************************************/
public static final String
JAR_JSS_VERSION = "JSS_VERSION = JSS_3_0";
public static final String
JAR_JDK_VERSION = "JDK_VERSION = JDK 1.2.2";
public static final String
JAR_NSS_VERSION = "NSS_VERSION = NSS_3_2_RTM";
public static final String
JAR_DBM_VERSION = "DBM_VERSION = NSS_3_1_1_RTM";
public static final String
JAR_NSPR_VERSION = "NSPR_VERSION = NSPRPUB_RELEASE_4_1";
/**
* Loads the JSS dynamic library if necessary.
* The system property "jss.load" will be set to "no" by jssjava
* because it is statically linked to the jss libraries. If this
* property is not set, that means we are not running jssjava
* and need to dynamically load the library.
* <p>This method is idempotent.
*/
synchronized static void loadNativeLibraries()
{
if( ! mNativeLibrariesLoaded &&
! ("no").equals(System.getProperty("jss.load")) )
{
try {
Debug.trace(Debug.VERBOSE, "about to load jss library");
System.loadLibrary("jss3");
Debug.trace(Debug.VERBOSE, "jss library loaded");
} catch( UnsatisfiedLinkError e) {
Debug.trace(Debug.ERROR, "ERROR: Unable to load jss library");
throw e;
}
mNativeLibrariesLoaded = true;
}
}
static private boolean mNativeLibrariesLoaded = false;
/**
* Initialize Java NSS. This method opens the security module, key,
* and certificate databases and initializes the Random Number Generator.
* The certificate and key databases are opened in read-only mode.
*
* <p>This method also attempts to load the native implementation library.
* On UNIX systems, this library is named <code>libjss.so</code>,
* and it must be present in the <code>LD_LIBRARY_PATH</code>.
* On Windows systems, the library is named
* <code>jss.dll</code> and must be present in the <code>PATH</code>.
* If the library cannot be found, an <code>UnsatisfiedLinkError</code>
* is thrown.
*
* <p>This method should only be called once by an application,
* otherwise an
* <code>AlreadyInitializedException</code> will be thrown.
*
* @param modDBName The complete path, relative or absolute, of the
* security module database.
* If it does not exist, it will be created.
* @param keyDBName The complete path, relative or absolute, of the key
* database. It must already exist.
* @param certDBName The complete path, relative or absolute, of the
* certificate database. It must already exist.
* @exception KeyDatabaseException If the key database does not exist
* or cannot be opened.
* @exception CertDatabaseException If the certificate database does
* not exist or cannot be opened.
* @exception AlreadyInitializedException If this method has already
* been called.
* @exception UnsatisfiedLinkError If the implementation dynamic library
* cannot be found or loaded.
*/
public static synchronized void
initialize( String modDBName, String keyDBName,
String certDBName )
throws KeyDatabaseException, CertDatabaseException,
AlreadyInitializedException
{
if (mNSSInitialized) throw new AlreadyInitializedException();
loadNativeLibraries();
initializeNative(modDBName,
keyDBName,
certDBName,
true, // readOnly
"mozilla.org ",
"Internal Crypto Services ",
"Internal Crypto Services Token ",
"Internal Key Storage Token ",
"NSS Internal Cryptographic Services ",
"NSS Internal Private Key and Certificate Storage ",
"NSS Internal FIPS-140-1 Cryptographic Services ",
"NSS Internal FIPS-140-1 Private Key and Certificate Storage ");
setPasswordCallback( new ConsolePasswordCallback() );
mNSSInitialized = true;
}
static private boolean mNSSInitialized = false;
/**
* Indicates whether Java NSS has been initialized.
*
* @return <code>true</code> if <code>initialize</code> has been called,
* <code>false</code> otherwise.
*/
public static synchronized boolean isInitialized()
{
return mNSSInitialized;
}
private static native void initializeNative(
String modDBName,
String keyDBName,
String certDBName,
boolean readOnly,
String manuString,
String libraryString,
String tokString,
String keyTokString,
String slotString,
String keySlotString,
String fipsString,
String fipsKeyString)
throws KeyDatabaseException, CertDatabaseException,
AlreadyInitializedException;
/**
* Sets the password callback.
* This password callback will be called when access is required
* to the key database, and to any PKCS #11 token. Once a token
* has been logged into successfully, it is not necessary to login to
* that token again. By default,
* a <code>ConsolePasswordCallback</code> is used to obtain passwords
* from the console.
*
* <p>This method may be called multiple times to alter the password
* callback.
*
* @see org.mozilla.jss.util.PasswordCallback
* @see org.mozilla.jss.util.ConsolePasswordCallback
*/
public static synchronized native void
setPasswordCallback(PasswordCallback cb);
}


@ -43,7 +43,6 @@ PACKAGE = org/mozilla/jss
JNI_GEN = \
org.mozilla.jss.DatabaseCloser \
org.mozilla.jss.CryptoManager \
org.mozilla.jss.NSSInit \
$(NULL)
CLASSES = \
@ -52,7 +51,6 @@ CLASSES = \
CryptoManager \
KeyDatabaseException \
NoSuchTokenException \
NSSInit \
DatabaseCloser \
$(NULL)
@ -62,14 +60,12 @@ JSRCS = \
CryptoManager.java \
KeyDatabaseException.java \
NoSuchTokenException.java \
NSSInit.java \
DatabaseCloser.java \
$(NULL)
CSRCS = \
CryptoManager.c \
PK11Finder.c \
NSSInit.c \
$(NULL)