jar.c

来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C语言 代码 · 共 834 行 · 第 1/2 页

       return -1;
       }
    PORT_Assert (ctx->nextsign->thing != NULL);
    signer = (JAR_Signer*)ctx->nextsign->thing->data;
    }


  /* Find out which linked list to traverse. Then if
     necessary, advance to the next linked list. */

  while (1)
    {
    switch (finding)
      {
      case jarTypeSign:    /* not any more */
                           PORT_Assert( finding != jarTypeSign );
                           list = signer->certs;
                           break;

      case jarTypeSect:    list = jar->manifest;
                           break;

      case jarTypePhy:     list = jar->phy;
                           break;

      case jarTypeSF:      /* signer, not jar */
                           PORT_Assert( signer != NULL );
                           list = signer->sf;
                           break;

      case jarTypeMF:      list = jar->hashes;
                           break;

      case jarTypeOwner:   list = jar->signers;
                           break;

      case jarTypeMeta:    list = jar->metainfo;
                           break;

      default:             PORT_Assert( 1 != 2 );
                           break;
      }

    if (list == NULL)
      {
      *it = NULL;
      return -1;
      }

    /* When looping over lists of lists, advance
       to the next signer. This is done when multiple
       signers are possible. */

    if (ZZ_ListIterDone (list, ctx->next))
      {
      if (ctx->nextsign && jar->signers) 
        {
        ctx->nextsign = ctx->nextsign->next;
        if (!ZZ_ListIterDone (jar->signers, ctx->nextsign)) 
          {
          PORT_Assert (ctx->nextsign->thing != NULL);

          signer = (JAR_Signer*)ctx->nextsign->thing->data;
          PORT_Assert( signer != NULL );

          ctx->next = NULL;
          continue;
          }
        }
      *it = NULL;
      return -1;
      }

    /* if the signer changed, still need to fill
       in the "next" link */

    if (ctx->nextsign && ctx->next == NULL)
      {
      switch (finding)
        {
        case jarTypeSF:

          ctx->next = ZZ_ListHead (signer->sf);
          break;

        case jarTypeSign:

          ctx->next = ZZ_ListHead (signer->certs);
          break;
        }
      }

    PORT_Assert( ctx->next != NULL );


    while (!ZZ_ListIterDone (list, ctx->next))
      {
      *it = ctx->next->thing;
      ctx->next = ctx->next->next;

      if (!it || !*it || (*it)->type != finding)
        continue;

      if (ctx->pattern && *ctx->pattern)
        {
        if (PORT_Strcmp ((*it)->pathname, ctx->pattern))
          continue;
        }

      /* We have a valid match. If this is a jarTypeSign
         return the certificate instead.. */

      if (ctx->finding == jarTypeSign)
        {
        JAR_Item *itt;

        /* just the first one for now */
        if (jar_find_first_cert (signer, jarTypeSign, &itt) >= 0) 
           {
           *it = itt;
           return 0;
           }

        continue;      
        }

      return 0;
      }

    } /* end while */
  }

static int jar_find_first_cert 
    (JAR_Signer *signer, int type, JAR_Item **it)
  {
  ZZLink *link;
  ZZList *list;

  int status = JAR_ERR_PNF;

  list = signer->certs;

  *it = NULL;

  if (ZZ_ListEmpty (list))
    {
    /* empty list */
    return JAR_ERR_PNF;
    }

  for (link = ZZ_ListHead (list); 
       !ZZ_ListIterDone (list, link); 
       link = link->next)
    {
    if (link->thing->type == type)
      {
      *it = link->thing;
      status = 0;
      break;
      }
    }

  return status;
  }

JAR_Signer *JAR_new_signer (void)
  {
  JAR_Signer *signer;

  signer = (JAR_Signer *) PORT_ZAlloc (sizeof (JAR_Signer));

  if (signer == NULL)
    goto loser;


  /* certs */
  signer->certs = ZZ_NewList();

  if (signer->certs == NULL)
    goto loser;


  /* sf */
  signer->sf = ZZ_NewList();

  if (signer->sf == NULL)
    goto loser;


  return signer;


loser:

  if (signer)
    {
    if (signer->certs) 
      ZZ_DestroyList (signer->certs);

    if (signer->sf) 
      ZZ_DestroyList (signer->sf);

    PORT_Free (signer);
    }

  return NULL;
  }

void JAR_destroy_signer (JAR_Signer *signer)
  {
  if (signer)
    {
    if (signer->owner) PORT_Free (signer->owner);
    if (signer->digest) PORT_Free (signer->digest);

    jar_destroy_list (signer->sf);
    ZZ_DestroyList (signer->sf);

    jar_destroy_list (signer->certs);
    ZZ_DestroyList (signer->certs);

    PORT_Free (signer);
    }
  }

JAR_Signer *jar_get_signer (JAR *jar, char *basename)
  {
  JAR_Item *it;
  JAR_Context *ctx;

  JAR_Signer *candidate;
  JAR_Signer *signer = NULL;

  ctx = JAR_find (jar, NULL, jarTypeOwner);

  if (ctx == NULL)
    return NULL;

  while (JAR_find_next (ctx, &it) >= 0)
    {
    candidate = (JAR_Signer *) it->data;
    if (*basename == '*' || !PORT_Strcmp (candidate->owner, basename))
      {
      signer = candidate;
      break;
      }
    }

  JAR_find_end (ctx);

  return signer;
  }

/*
 *  J A R _ g e t _ f i l e n a m e
 *
 *  Returns the filename associated with
 *  a JAR structure.
 *
 */

char *JAR_get_filename (JAR *jar)
  {
  return jar->filename;
  }

/*
 *  J A R _ g e t _ u r l
 *
 *  Returns the URL associated with
 *  a JAR structure. Nobody really uses this now.
 *
 */

char *JAR_get_url (JAR *jar)
  {
  return jar->url;
  }

/*
 *  J A R _ s e t _ c a l l b a c k
 *
 *  Register some manner of callback function for this jar. 
 *
 */

int JAR_set_callback (int type, JAR *jar, 
      int (*fn) (int status, JAR *jar, 
         const char *metafile, char *pathname, char *errortext))
  {
  if (type == JAR_CB_SIGNAL)
    {
    jar->signal = fn;
    return 0;
    }
  else
    return -1;
  }

/*
 *  Callbacks
 *
 */

/* To return an error string */
char *(*jar_fn_GetString) (int) = NULL;

/* To return an MWContext for Java */
void *(*jar_fn_FindSomeContext) (void) = NULL;

/* To fabricate an MWContext for FE_GetPassword */
void *(*jar_fn_GetInitContext) (void) = NULL;

void
JAR_init_callbacks
     ( 
     char *(*string_cb)(int), 
     void *(*find_cx)(void), 
     void *(*init_cx)(void) 
     )
  {
  jar_fn_GetString = string_cb;
  jar_fn_FindSomeContext = find_cx;
  jar_fn_GetInitContext = init_cx;
  }

/*
 *  J A R _ g e t _ e r r o r
 *
 *  This is provided to map internal JAR errors to strings for
 *  the Java console. Also, a DLL may call this function if it does
 *  not have access to the XP_GetString function.
 *
 *  These strings aren't UI, since they are Java console only.
 *
 */

char *JAR_get_error (int status)
  { 
  char *errstring = NULL;

  switch (status)
    {
    case JAR_ERR_GENERAL:
      errstring = "General JAR file error";
      break;

    case JAR_ERR_FNF:
      errstring = "JAR file not found";
      break;

    case JAR_ERR_CORRUPT:
      errstring = "Corrupt JAR file";
      break;

    case JAR_ERR_MEMORY:
      errstring = "Out of memory";
      break;

    case JAR_ERR_DISK:
      errstring = "Disk error (perhaps out of space)";
      break;

    case JAR_ERR_ORDER:
      errstring = "Inconsistent files in META-INF directory";
      break;

    case JAR_ERR_SIG:
      errstring = "Invalid digital signature file";
      break;

    case JAR_ERR_METADATA:
      errstring = "JAR metadata failed verification";
      break;

    case JAR_ERR_ENTRY:
      errstring = "No Manifest entry for this JAR entry";
      break;

    case JAR_ERR_HASH:
      errstring = "Invalid Hash of this JAR entry";
      break;

    case JAR_ERR_PK7:
      errstring = "Strange PKCS7 or RSA failure";
      break;

    case JAR_ERR_PNF:
      errstring = "Path not found inside JAR file";
      break;

    default:
      if (jar_fn_GetString)
        {
        errstring = jar_fn_GetString (status);
        }
      else
        {
        /* this is not a normal situation, and would only be
           called in cases of improper initialization */

        char *err;

        err = (char*)PORT_Alloc (40);
        if (err)
          PR_snprintf (err, 39,  "Error %d\n", status);
        else
          err = "Error! Bad! Out of memory!";

        return err;
        }
      break;
    }

  return errstring;
  }