processmsg.c
来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C语言 代码 · 共 2,164 行 · 第 1/5 页
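/*
 * NOTE(review): everything up to the first closing brace is the tail of a
 * handler whose signature and declarations precede this excerpt.  The code
 * is reproduced unchanged.
 *
 * NOTE(review): unlike the PickleSecurityStatus handler further down,
 * neither exit path here calls SSM_FreeResource(obj).  If
 * SSMControlConnection_GetResource hands out a counted reference it is
 * never dropped on this path -- confirm against its contract.
 */
    msg->data = NULL;
    SSM_DEBUG("Rsrc ID %ld.\n", request.value);
    rv = SSMControlConnection_GetResource(ctrl, request.value, &obj);
    if (rv != PR_SUCCESS)
        goto loser;
    PR_ASSERT(obj != NULL);
    rv = SSM_PickleResource(obj, &len, &dataBlob);
    if (rv != PR_SUCCESS)
        goto loser;
    msg->data = NULL;
    msg->len = 0;
    msg->type = (SECItemType) (SSM_RESOURCE_ACTION | SSM_PICKLE_RESOURCE
                               | SSM_CONSERVE_RESOURCE | SSM_REPLY_OK_MESSAGE);
    reply.result = rv;
    reply.blob.len = len;
    reply.blob.data = (unsigned char *) dataBlob;
    if (CMT_EncodeMessage(PickleResourceReplyTemplate, (CMTItem*)msg, &reply) != CMTSuccess) {
        goto loser;
    }
    if (msg->data == NULL || msg->len == 0)
        goto loser;
    PR_Free(dataBlob);
    return PR_SUCCESS;

    /* something went wrong, could not pickle resource */
loser:
    if (dataBlob)
        PR_Free(dataBlob);
    return PR_FAILURE;
}

/*
 * Handle an UnpickleResource request: decode the request from msg, rebuild
 * the resource from the supplied blob, and encode the new resource ID back
 * into msg as the reply.
 *
 * ctrl - control connection the resource is created for.
 * msg  - request on entry; on success holds the encoded reply.
 *
 * Returns PR_SUCCESS when the reply was encoded, PR_FAILURE otherwise.
 * The decoded blob (request.resourceData.data) is released on every path.
 *
 * NOTE(review): resourceType, resourceData.len and resourceData.data all
 * come straight from the decoded message.  This function performs no
 * validation of its own, so SSM_UnpickleResource (not shown) has to reject
 * unknown types and malformed or truncated blobs.
 */
SSMStatus
SSMControlConnection_ProcessUnpickleRequest(SSMControlConnection * ctrl,
                                            SECItem * msg)
{
    SSMResource *obj;
    SSMStatus rv;
    UnpickleResourceRequest request;
    UnpickleResourceReply reply;

    /*
     * The loser path tests this pointer.  Clear it first so that a failed
     * decode cannot lead to PR_Free() on an indeterminate stack value.
     */
    request.resourceData.data = NULL;

    SSM_DEBUG("Got an UnpickleResource request.\n");

    /* Decode the message */
    if (CMT_DecodeMessage(UnpickleResourceRequestTemplate, &request, (CMTItem*)msg) != CMTSuccess) {
        goto loser;
    }
    msg->data = NULL;

    rv = SSM_UnpickleResource(&obj, (SSMResourceType) request.resourceType,
                              ctrl,
                              (unsigned int) request.resourceData.len,
                              request.resourceData.data);
    if (rv != PR_SUCCESS)
        goto loser;
    SSM_DEBUG("Unpickled rsrc ID %ld.\n", obj->m_id);

    /* getting this far means success, send the resource ID */
    msg->data = NULL;
    msg->len = 0;
    msg->type = (SECItemType) (SSM_RESOURCE_ACTION | SSM_UNPICKLE_RESOURCE
                               | SSM_CONSERVE_RESOURCE | SSM_REPLY_OK_MESSAGE);
    reply.result = rv;
    reply.resID = obj->m_id;
    if (CMT_EncodeMessage(UnpickleResourceReplyTemplate, (CMTItem*)msg, &reply) != CMTSuccess) {
        goto loser;
    }
    if (msg->data == NULL || msg->len == 0)
        goto loser;
    PR_Free(request.resourceData.data);
    return PR_SUCCESS;

    /* something went wrong, could not unpickle cert */
loser:
    if (request.resourceData.data)
        PR_Free(request.resourceData.data);
    return PR_FAILURE;
}

/*
 * Handle a PickleSecurityStatus request: look up the resource named in the
 * request, require it to be an SSL data connection, have it pickle its
 * security status, and encode blob plus security level into msg.
 *
 * ctrl - control connection that owns the resource table.
 * msg  - request on entry; on success holds the encoded reply.
 *
 * Returns PR_SUCCESS when the reply was encoded.  A decode failure returns
 * PR_FAILURE and a lookup failure returns the lookup's status, both before
 * any resource is held.  Every later failure goes through loser, which
 * releases blob and obj and returns PR_FAILURE.
 */
SSMStatus
SSMControlConnection_ProcessPickleSecurityStatusRequest(SSMControlConnection* ctrl,
                                                        SECItem* msg)
{
    SSMStatus rv;
    SSMResource* obj = NULL;
    PRIntn len;
    void* blob = NULL;
    PRIntn securityLevel;
    SingleNumMessage request;
    PickleSecurityStatusReply reply;

    SSM_DEBUG("Got an PickleSecurityStatus request.\n");

    /* decode the message */
    if (CMT_DecodeMessage(SingleNumMessageTemplate, &request, (CMTItem*)msg) != CMTSuccess) {
        return PR_FAILURE;
    }

    SSM_DEBUG("Rsrc ID %ld.\n", request.value);

    rv = SSMControlConnection_GetResource(ctrl, request.value, &obj);
    if (rv != PR_SUCCESS) {
        return rv;
    }
    PR_ASSERT(obj != NULL);

    /*
     * the resource'd better be an SSMSSLDataConnection
     *
     * The resource ID is chosen by the requester, so this run-time type
     * check is what makes the downcast below safe.
     */
    if (SSM_IsA(obj, SSM_RESTYPE_SSL_DATA_CONNECTION) != PR_TRUE) {
        goto loser;
    }

    /* now have the SSL connection handle the action */
    rv = SSMSSLDataConnection_PickleSecurityStatus((SSMSSLDataConnection*)obj,
                                                   &len, &blob,
                                                   &securityLevel);
    if (rv != PR_SUCCESS) {
        goto loser;
    }

    msg->data = NULL;
    msg->len = 0;
    msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_RESOURCE_ACTION
                               | SSM_CONSERVE_RESOURCE
                               | SSM_PICKLE_SECURITY_STATUS);
    reply.result = rv;
    reply.securityLevel = securityLevel;
    reply.blob.len = len;
    reply.blob.data = (unsigned char *) blob;
    if (CMT_EncodeMessage(PickleSecurityStatusReplyTemplate, (CMTItem*)msg, &reply) != CMTSuccess) {
        goto loser;
    }
    if (msg->data == NULL || msg->len == 0) {
        goto loser;
    }
    PR_Free(blob);
    SSM_FreeResource(obj);
    return PR_SUCCESS;

    /* something went wrong, could not pickle security status */
loser:
    if (blob != NULL) {
        PR_Free(blob);
    }
    if (obj != NULL) {
        SSM_FreeResource(obj);
    }
    return PR_FAILURE;
}

/*
 * Decode an AddNewSecurityModule request and register the PKCS #11 module
 * it describes through SECMOD_AddNewModule.
 *
 * ctrl - control connection (not used in this function).
 * msg  - encoded request.
 *
 * Returns the SECStatus of SECMOD_AddNewModule, or SECFailure when the
 * request cannot be decoded.  The decoded strings are freed on every path.
 *
 * NOTE(review): request.libraryPath is taken from the message and passed
 * on as the module's library, and nothing here restricts it.  Adding a
 * module is a code-loading operation, so the peer of the control connection
 * has to be authenticated and trusted before this handler is reachable --
 * verify that at the dispatcher.
 */
SECStatus
SSMControlConnection_AddNewSecurityModule(SSMControlConnection *ctrl,
                                          SECItem *msg)
{
    SECStatus srv = SECFailure;
    AddNewSecurityModuleRequest request;

    /*
     * loser inspects both pointers.  Clear them up front so a failed decode
     * cannot hand indeterminate stack values to PR_Free().
     */
    request.moduleName = NULL;
    request.libraryPath = NULL;

    if (CMT_DecodeMessage(AddNewSecurityModuleRequestTemplate, &request, (CMTItem*)msg) != CMTSuccess) {
        goto loser;
    }
    srv = SECMOD_AddNewModule(request.moduleName, request.libraryPath,
                  SECMOD_PubMechFlagstoInternal(request.pubMechFlags),
                  SECMOD_PubCipherFlagstoInternal(request.pubCipherFlags));
loser:
    if (request.moduleName != NULL) {
        PR_Free(request.moduleName);
    }
    if (request.libraryPath != NULL) {
        PR_Free(request.libraryPath);
    }
    return srv;
}

/*
 * Decode a DeleteSecurityModule request and remove the named module with
 * SECMOD_DeleteModule.
 *
 * ctrl       - control connection (not used in this function).
 * msg        - encoded request carrying the module name.
 * moduleType - out: module type reported by SECMOD_DeleteModule; must not
 *              be NULL.
 *
 * Returns PR_SUCCESS when the module was deleted, PR_FAILURE otherwise
 * (NULL moduleType, decode failure, or deletion failure).
 */
SSMStatus
SSMControlConnection_DeleteSecurityModule(SSMControlConnection *ctrl,
                                          SECItem *msg,
                                          PRInt32 *moduleType)
{
    SECStatus srv;
    SingleStringMessage request;

    /*
     * Both early exits below reach loser before request has been filled in.
     * Clear the pointer so loser never frees an indeterminate value.
     */
    request.string = NULL;

    if (moduleType == NULL) {
        goto loser;
    }
    if (CMT_DecodeMessage(SingleStringMessageTemplate, &request, (CMTItem*)msg) != CMTSuccess) {
        goto loser;
    }
    /* To avoid any possible addition of data due to differing data types.*/
    *moduleType = 0;
    srv = SECMOD_DeleteModule(request.string, moduleType);
    if (srv != SECSuccess) {
        goto loser;
    }
    PR_Free(request.string);
    return PR_SUCCESS;
loser:
    if (request.string != NULL) {
        PR_Free(request.string);
    }
    return PR_FAILURE;
}

/*
 * Report whether at least one of the given cipher suites is allowed.
 *
 * ciphers    - array of cipher suite identifiers.
 * numCiphers - number of entries to examine.
 *
 * Returns PR_TRUE as soon as SSL_CipherPolicyGet succeeds for an entry and
 * reports SSL_ALLOWED; PR_FALSE if no entry qualifies (including when
 * numCiphers is zero or negative).
 */
static PRBool
SSM_CiphersEnabled(PRInt32 *ciphers, PRInt16 numCiphers)
{
    PRInt16 i;
    SECStatus rv;
    PRInt32 policy;

    for (i = 0; i < numCiphers; i++) {
        rv = SSL_CipherPolicyGet(ciphers[i], &policy);
        if (rv == SECSuccess && policy == SSL_ALLOWED) {
            return PR_TRUE;
        }
    }
    return PR_FALSE;
}

/* Local aliases for the SSL_EN_* cipher kinds queried below. */
#define SSL_CB_RC4_128_WITH_MD5              (SSL_EN_RC4_128_WITH_MD5)
#define SSL_CB_RC4_128_EXPORT40_WITH_MD5     (SSL_EN_RC4_128_EXPORT40_WITH_MD5)
#define SSL_CB_RC2_128_CBC_WITH_MD5          (SSL_EN_RC2_128_CBC_WITH_MD5)
#define SSL_CB_RC2_128_CBC_EXPORT40_WITH_MD5 (SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5)
#define SSL_CB_IDEA_128_CBC_WITH_MD5         (SSL_EN_IDEA_128_CBC_WITH_MD5)
#define SSL_CB_DES_64_CBC_WITH_MD5           (SSL_EN_DES_64_CBC_WITH_MD5)
#define SSL_CB_DES_192_EDE3_CBC_WITH_MD5     (SSL_EN_DES_192_EDE3_CBC_WITH_MD5)

/*
 * Build the SSL_SC_* capability mask reported to the client.
 *
 * SSL_SC_RSA, SSL_SC_MD2 and SSL_SC_MD5 are always set.  Each cipher bit is
 * added only when SSM_CiphersEnabled finds at least one matching suite that
 * the current policy allows.
 *
 * NOTE(review): every suite queried here is an SSL 2.0 cipher kind.  RC2,
 * RC4, single DES, the 40-bit export variants and MD5 are obsolete, so a
 * consumer should read this mask as a legacy capability report and not as
 * evidence of adequate cipher strength.
 */
static CMInt32
SSM_GetSSLCapabilities(void)
{
    CMInt32 allowed = (SSL_SC_RSA | SSL_SC_MD2 | SSL_SC_MD5);
    PRInt32 policies[2];

    policies[0] = SSL_CB_RC2_128_CBC_WITH_MD5;
    policies[1] = SSL_CB_RC2_128_CBC_EXPORT40_WITH_MD5;
    if (SSM_CiphersEnabled(policies, 2)) {
        allowed |= SSL_SC_RC2_CBC;
    }

    policies[0] = SSL_CB_RC4_128_WITH_MD5;
    policies[1] = SSL_CB_RC4_128_EXPORT40_WITH_MD5;
    if (SSM_CiphersEnabled(policies, 2)) {
        allowed |= SSL_SC_RC4;
    }

    policies[0] = SSL_CB_DES_64_CBC_WITH_MD5;
    if (SSM_CiphersEnabled(policies, 1)) {
        allowed |= SSL_SC_DES_CBC;
    }

    policies[0] = SSL_CB_DES_192_EDE3_CBC_WITH_MD5;
    if (SSM_CiphersEnabled(policies, 1)) {
        allowed |= SSL_SC_DES_EDE3_CBC;
    }

    policies[0] = SSL_CB_IDEA_128_CBC_WITH_MD5;
    if (SSM_CiphersEnabled(policies, 1)) {
        allowed |= SSL_SC_IDEA_CBC;
    }

    return allowed;
}

/*
 * Dispatch a PKCS #11 request on the subtype bits of msg->type and leave
 * the reply in msg.
 *
 * ctrl - control connection the request arrived on.
 * msg  - request on entry; on success carries the reply type and, for the
 *        subtypes that encode one, the reply payload.
 *
 * Returns PR_SUCCESS when the request was handled and any reply encoded;
 * PR_FAILURE for an unknown subtype or any handler or encoding failure.
 */
SSMStatus
SSMControlConnection_ProcessPKCS11Request(SSMControlConnection * ctrl,
                                          SECItem * msg)
{
    SSMResourceID rsrcid;
    SSMStatus rv;
    SECStatus srv;
    PRInt32 moduleType;
    SingleNumMessage reply;

    SSM_DEBUG("Got a PKCS11 request.\n");
    switch (msg->type & SSM_SUBTYPE_MASK) {
    case SSM_CREATE_KEY_PAIR:
        /* Should just call a function that does the
         * appropriate action */
        SSM_DEBUG("Generating a key pair.\n");
        rv = SSMKeyGenContext_BeginGeneratingKeyPair(ctrl, msg, &rsrcid);
        if (rv != PR_SUCCESS) {
            goto loser;
        }
        /* Getting this far means success */
        msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_PKCS11_ACTION
                                   | SSM_CREATE_KEY_PAIR);
        msg->data = NULL;
        msg->len = 0;
        reply.value = rsrcid;
        if (CMT_EncodeMessage(SingleNumMessageTemplate, (CMTItem*)msg, &reply) != CMTSuccess) {
            goto loser;
        }
        break;
    case SSM_FINISH_KEY_GEN:
        SSM_DEBUG("Finish generating all of the key pairs. \n");
        rv = SSMKeyGenContext_FinishGeneratingAllKeyPairs(ctrl, msg);
        if (rv != PR_SUCCESS) {
            goto loser;
        }
        msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_PKCS11_ACTION
                                   | SSM_FINISH_KEY_GEN);
        msg->data = NULL;
        msg->len = 0;
        break;
    case SSM_ADD_NEW_MODULE:
        SSM_DEBUG("Adding a new PKCS11 module.\n");
        srv = SSMControlConnection_AddNewSecurityModule(ctrl, msg);
        /*
         * The reply is tagged SSM_REPLY_OK_MESSAGE whatever srv is.  The
         * SECStatus travels in reply.value, so the client has to check it.
         *
         * NOTE(review): unlike the key-pair cases, msg->data / msg->len are
         * not reset before encoding here -- confirm CMT_EncodeMessage
         * overwrites them and who owns the old buffer.
         */
        msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_PKCS11_ACTION
                                   | SSM_ADD_NEW_MODULE);
        reply.value = srv;
        if (CMT_EncodeMessage(SingleNumMessageTemplate, (CMTItem*)msg, &reply) != CMTSuccess) {
            goto loser;
        }
        break;
    case SSM_DEL_MODULE:
        rv = SSMControlConnection_DeleteSecurityModule(ctrl, msg, &moduleType);
        if (rv != PR_SUCCESS) {
            goto loser;
        }
        PR_Free(msg->data);
        /*
         * Reset the item after freeing it, as the SSM_LOGOUT_ALL case does.
         * If the encode below fails, the caller is not left holding a
         * dangling pointer that it might free again.
         */
        msg->data = NULL;
        msg->len = 0;
        msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_PKCS11_ACTION
                                   | SSM_DEL_MODULE);
        reply.value = moduleType;
        if (CMT_EncodeMessage(SingleNumMessageTemplate, (CMTItem*)msg, &reply) != CMTSuccess) {
            goto loser;
        }
        break;
    case SSM_LOGOUT_ALL:
        PK11_LogoutAll();
        if (msg->data) {
            PR_Free(msg->data);
        }
        msg->data = NULL;
        msg->len = 0;
        msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_PKCS11_ACTION
                                   | SSM_LOGOUT_ALL);
        break;
    case SSM_ENABLED_CIPHERS:
        reply.value = SSM_GetSSLCapabilities();
        msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_PKCS11_ACTION
                                   | SSM_ENABLED_CIPHERS);
        if (CMT_EncodeMessage(SingleNumMessageTemplate, (CMTItem*)msg, &reply) != CMTSuccess) {
            goto loser;
        }
        break;
    default:
        /* %lx expects an unsigned long; msg->type is a SECItemType. */
        SSM_DEBUG("Unknown PKCS11 message %lx\n", (unsigned long) msg->type);
        goto loser;
    }
    return PR_SUCCESS;
loser:
    return PR_FAILURE;
}

/*
 * Dispatch a CRMF/CMMF request on the subtype bits of msg->type.
 *
 * ctrl - control connection the request arrived on.
 * msg  - request on entry; reply for the subtypes answered synchronously.
 *
 * The SSM_DER_ENCODE_REQ and SSM_PROCESS_CMMF_RESP cases return
 * SSM_ERR_DEFER_RESPONSE when the work was handed off.  Failures in the
 * visible cases jump to loser.
 *
 * NOTE(review): the end of this function, including the loser label, lies
 * beyond this excerpt.
 */
SSMStatus
SSMControlConnection_ProcessCRMFRequest(SSMControlConnection * ctrl,
                                        SECItem *msg)
{
    SSMResourceID rsrcid;
    char *challengeResponse;
    SSMStatus rv;
    PRInt32 challengeLen;

    SSM_DEBUG("Got a CRMF/CMMF request\n");
    switch(msg->type & SSM_SUBTYPE_MASK) {
    case SSM_CREATE_CRMF_REQ:
        {
            SingleNumMessage reply;

            SSM_DEBUG("Generating a new CRMF request\n");
            rv = SSM_CreateNewCRMFRequest(msg, ctrl, &rsrcid);
            if (rv != PR_SUCCESS) {
                goto loser;
            }
            msg->type = (SECItemType) (SSM_REPLY_OK_MESSAGE | SSM_CRMF_ACTION
                                       | SSM_CREATE_CRMF_REQ);
            reply.value = rsrcid;
            if (CMT_EncodeMessage(SingleNumMessageTemplate, (CMTItem*)msg, &reply) != CMTSuccess) {
                goto loser;
            }
        }
        break;
    case SSM_DER_ENCODE_REQ:
        {
            SSMCRMFThreadArg *arg;

            arg = SSM_NEW(SSMCRMFThreadArg);
            if (arg == NULL) {
                goto loser;
            }
            arg->ctrl = ctrl;
            arg->msg = SECITEM_DupItem(msg);
            if (arg->msg == NULL) {
                /*
                 * Bail out once arg is released.  Falling through would pass
                 * the freed block to the new thread and dereference it again
                 * in the thread-creation failure path below.
                 */
                PR_Free(arg);
                goto loser;
            }
            /* The worker thread holds its own reference on ctrl. */
            SSM_GetResourceReference(&ctrl->super.super);
            if (SSM_CreateAndRegisterThread(PR_USER_THREAD,
                                            SSM_CRMFEncodeThread,
                                            (void*)arg,
                                            PR_PRIORITY_NORMAL,
                                            PR_LOCAL_THREAD,
                                            PR_UNJOINABLE_THREAD, 0) == NULL) {
                SSM_DEBUG("Couldn't start thread for CRMF encoding");
                SECITEM_FreeItem(arg->msg, PR_TRUE);
                PR_Free(arg);
                SSM_FreeResource(&ctrl->super.super);
                goto loser;
            }
            return SSM_ERR_DEFER_RESPONSE;
        }
        break;
    case SSM_PROCESS_CMMF_RESP:
        SSM_DEBUG("Process a CMMF Response.\n");
        rv = SSM_ProcessCMMFCertResponse(msg, ctrl);
        /* Any status other than "deferred" is treated as a failure. */
        if (rv != SSM_ERR_DEFER_RESPONSE) {
            goto loser;
        }
        return rv;
    case SSM_CHALLENGE:
        {
            SingleItemMessage reply;

            SSM_DEBUG("Doing a Challenge-Response for Proof Of Possession.\n");
            rv = SSM_RespondToPOPChallenge(msg, ctrl, &challengeResponse,
                                           (unsigned int *) &challengeLen);
            if (rv != PR_SUCCESS) {
                goto loser;
            }
            msg->data = NULL;
            msg->len = 0;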