inst.js

来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· JavaScript 代码 · 共 269 行

//
// The contents of this file are subject to the Mozilla Public
// License Version 1.1 (the "License"); you may not use this file
// except in compliance with the License. You may obtain a copy of
// the License at http://www.mozilla.org/MPL/
// 
// Software distributed under the License is distributed on an "AS
// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
// implied. See the License for the specific language governing
// rights and limitations under the License.
// 
// The Original Code is the Netscape security libraries.
// 
// The Initial Developer of the Original Code is Netscape
// Communications Corporation.  Portions created by Netscape are 
// Copyright (C) 1994-2000 Netscape Communications Corporation.  All
// Rights Reserved.
// 
// Contributor(s):
// 
// Alternatively, the contents of this file may be used under the
// terms of the GNU General Public License Version 2 or later (the
// "GPL"), in which case the provisions of the GPL are applicable 
// instead of those above.  If you wish to allow use of your 
// version of this file only under the terms of the GPL and not to
// allow others to use your version of this file under the MPL,
// indicate your decision by deleting the provisions above and
// replace them with the notice and other provisions required by
// the GPL.  If you do not delete the provisions above, a recipient
// may use your version of this file under either the MPL or the
// GPL.
//
////////////////////////////////////////////////////////////////////////////////////////
// Crypto Mechanism Flags
PKCS11_MECH_RSA_FLAG           =  0x1<<0; 
PKCS11_MECH_DSA_FLAG           =  0x1<<1; 
PKCS11_MECH_RC2_FLAG           =  0x1<<2; 
PKCS11_MECH_RC4_FLAG           =  0x1<<3; 
PKCS11_MECH_DES_FLAG           =  0x1<<4; 
PKCS11_MECH_DH_FLAG            =  0x1<<5; //Diffie-Hellman 
PKCS11_MECH_SKIPJACK_FLAG      =  0x1<<6; //SKIPJACK algorithm as in Fortezza cards 
PKCS11_MECH_RC5_FLAG           =  0x1<<7; 
PKCS11_MECH_SHA1_FLAG          =  0x1<<8; 
PKCS11_MECH_MD5_FLAG           =  0x1<<9; 
PKCS11_MECH_MD2_FLAG           =  0x1<<10; 
PKCS11_MECH_RANDOM_FLAG        =  0x1<<27; //Random number generator 
PKCS11_PUB_READABLE_CERT_FLAG  =  0x1<<28; //Stored certs can be read off the token w/o logging in 
PKCS11_DISABLE_FLAG            =  0x1<<30; //tell Navigator to disable this slot by default 

// Important: 
// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved 
// for internal use in Navigator. 
// Therefore, these bits should always be set to 0; otherwise,
// Navigator might exhibit unpredictable behavior. 

// These flags indicate which mechanisms should be turned on by 
var pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG; 
  
////////////////////////////////////////////////////////////////////////////////////////
// Ciphers that support SSL or S/MIME 
PKCS11_CIPHER_FORTEZZA_FLAG    = 0x1<<0; 

// Important: 
// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved 
// for internal use in Navigator. 
// Therefore, these bits should ALWAYS be set to 0; otherwise, 
// Navigator might exhibit unpredictable behavior. 

// These flags indicate which SSL ciphers are supported 
var pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG; 
  
////////////////////////////////////////////////////////////////////////////////////////
// Return values of pkcs11.addmodule() & pkcs11.delmodule() 
// success codes 
JS_OK_ADD_MODULE                 = 3; // Successfully added a module 
JS_OK_DEL_EXTERNAL_MODULE        = 2; // Successfully deleted ext. module 
JS_OK_DEL_INTERNAL_MODULE        = 1; // Successfully deleted int. module 

// failure codes 
JS_ERR_OTHER                     = -1; // Other errors than the followings 
JS_ERR_USER_CANCEL_ACTION        = -2; // User abort an action 
JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3; // Calling a method w/ incorrect # of arguments 
JS_ERR_DEL_MODULE                = -4; // Error deleting a module 
JS_ERR_ADD_MODULE                = -5; // Error adding a module 
JS_ERR_BAD_MODULE_NAME           = -6; // The module name is invalid 
JS_ERR_BAD_DLL_NAME              = -7; // The DLL name is bad 
JS_ERR_BAD_MECHANISM_FLAGS       = -8; // The mechanism flags are invalid 
JS_ERR_BAD_CIPHER_ENABLE_FLAGS   = -9; // The SSL, S/MIME cipher flags are invalid 
JS_ERR_ADD_MODULE_DULICATE       =-10; // Module with the same name already installed

////////////////////////////////////////////////////////////////////////////////////////
// Find out which library is to be installed depending on the platform

// pathname seperator is platform specific
var sep = "/";
var vendor = "netscape";
var moduleName = "not_supported";
var plat = navigator.platform;
 
var dir = "pkcs11/" + vendor + "/" + plat + "/";
if (plat == "Win16") {
    dir = "pkcs11/";
}

bAbort = false;
if (plat == "Win32") {
    moduleName = "fort32.dll";
    sep = "\\";
} else if (plat == "Win16") {
    moduleName = "FORT16.DLL";
    sep = "\\";
} else if (plat == "MacPPC") {
    moduleName = "FortPK11Lib";
    sep = ":";
} else if (plat == "AIX4.1") {
    moduleName = "libfort_shr.a";
} else if (plat == "SunOS4.1.3_U1") {
    moduleName = "libfort.so.1.0";        
} else if ((plat == "SunOS5.4") || (plat == "SunOS5.5.1")){
    moduleName = "libfort.so";
} else if ((plat == "HP-UXA.09") || (plat == "HP-UXB.10")){
    moduleName = "libfort.sl";
} else if (plat == "IRIX6.2"){
    // The module only works on 6.3, but Communicator returns 6.2 even when
    // running 6.3.  So in order to prevent the user from thinking
    // the module actually works on 6.2, we will force the name to 
    // say 6.3 instead of 6.2.  In the even the user tries to install
    // on 6.2, the user will see 6.3 instead.  If they don't get it that
    // it's not going to work at this point in time, then the entire install
    // process wil just fail miserably, and that is OK.
    plat = "IRIX6.3";
    moduleName = "libfort.so";
} else {
    window.alert("Sorry, platform "+plat+" is not supported.");
    bAbort = true;
}

////////////////////////////////////////////////////////////////////////////////////////
// Installation Begins...
if (!bAbort) {
if (confirm("This script will install a security module. \nIt may over-write older files having the same name. \nDo you want to continue?")) { 
 // Step 1. Create a version object and a software update object 
 vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0); 
 su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module"); 
                 // "Fortezza ... Module" is the logical name of the bundle 

 ////////////////////////////////////////
 // Step 2. Start the install process 
 bAbort = false; 
 err = su.StartInstall("NSfortezza", // NSfortezza is the component folder (logical) 
                       vi, 
                       netscape.softupdate.SoftwareUpdate.FULL_INSTALL); 
                            
 bAbort = (err!=0); 

 if (err == 0) { 
     ////////////////////////////////////////
    // Step 3. Find out the physical location of the Program dir 
    Folder = su.GetFolder("Program"); 

     ////////////////////////////////////////
    // Step 4. Install the files. Unpack them and list where they go 

    err = su.AddSubcomponent("FortezzaLibrary_"+plat, //component name (logical) 
                                    vi, // version info 
                                    moduleName, // source file in JAR (physical) 
                                    Folder, // target folder (physical) 
                                    dir + moduleName, // target path & filename (physical) 
                                    true); // forces update 
    if (err != 0) {
        if (err == -200) {
             errmsg = "Bad Package Name.";
        } else if (err == -201) {
             errmsg = "Unexpected error.";
        } else if (err == -203) {
             errmsg = "Installation script was signed by more than one certificate.";
        } else if (err == -204) {
             errmsg = "Installation script was not signed."
        } else if (err == -205) {
             errmsg = "The file to be installed is not signed."
        } else if (err == -206) {
             errmsg = "The file to be installed is not present, or it was signed with a different certificate than the one used to sign the install script.";
        } else if (err == -207) {
             errmsg = "JAR archive has not been opened."
        } else if (err == -208) {
             errmsg = "Bad arguments to AddSubcomponent( )."
        } else if (err == -209) {
             errmsg = "Illegal relative path( )."
        } else if (err == -210) {
             errmsg = "User cancelled installation."
        } else if (err == -211) {
             errmsg = "A problem occurred with the StartInstall( )."
        } else {
             errmsg = "Unknown error";
        }
        window.alert("Error adding sub-component: "+"("+err+")"+errmsg); 
        //window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);
        bAbort = true;
    }
 } 

 ////////////////////////////////////////
 // Step 5. Unless there was a problem, move files to final location 
 // and update the Client Version Registry 
 if (bAbort) { 
    su.AbortInstall(); 
 } else { 
    err = su.FinalizeInstall(); 

    if (err != 0) {

        if (err == -900) {
             errmsg = "Restart the computer, and install again.";
        } else if (err == -201) {
             errmsg = "Unexpected error.";
        } else if (err == -202) {
             errmsg = "Access denied. Make sure you have the permissions to write to the disk.";    
        } else if (err == -203) {
             errmsg = "Installation script was signed by more than one certificate.";
        } else if (err == -204) {
             errmsg = "Installation script was not signed."
        } else if (err == -205) {
             errmsg = "The file to be installed is not signed."
        } else if (err == -206) {
             errmsg = "The file to be installed is not present, or it was signed with a different certificate than the one used to sign the install script." 
        } else if (err == -207) {
             errmsg = "JAR archive has not been opened."
        } else if (err == -208) {
             errmsg = "Bad arguments to AddSubcomponent( )."
        } else if (err == -209) {
             errmsg = "Illegal relative path( )."
        } else if (err == -210) {
             errmsg = "User cancelled installation."
        } else if (err == -211) {
             errmsg = "A problem occurred with the StartInstall( )."
        } else {
             errmsg = "\nIf you have FORTEZZA module already installed, try deleting it first.";
        }
        window.alert("Error Finalizing Install: "+"("+err+")"+errmsg); 
        //window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);

    } else {

        // Platform specific full path 
        if (plat=="Win16") { 
            fullpath = Folder +  "pkcs11" + sep + moduleName; 
        } else { 
            fullpath = Folder +  "pkcs11" + sep + vendor + sep + plat + sep + moduleName; 
        } 
 
         ////////////////////////////////////////
        // Step 6: Call pkcs11.addmodule() to register the newly downloaded module
        moduleCommonName = "Netscape FORTEZZA Module " + plat;
        result = pkcs11.addmodule(moduleCommonName, 
                              fullpath, 
                              pkcs11MechanismFlags, 
                              pkcs11CipherFlags); 
       if (result == -10) {
           window.alert("New module was copied to destination, \nbut setup failed because a module "
                   +"with the same name has been installed. \nTry deleting the module "
                   + moduleCommonName +" first.")
       } else if (result < 0) {
           window.alert("New module was copied to destination, but setup failed.  Error code: " + result); 
       }           
    } 
 } 
}
}