kgenctxt.c

来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C语言 代码 · 共 1,252 行 · 第 1/3 页

/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
 * The contents of this file are subject to the Mozilla Public
 * License Version 1.1 (the "License"); you may not use this file
 * except in compliance with the License. You may obtain a copy of
 * the License at http://www.mozilla.org/MPL/
 * 
 * Software distributed under the License is distributed on an "AS
 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
 * implied. See the License for the specific language governing
 * rights and limitations under the License.
 * 
 * The Original Code is the Netscape security libraries.
 * 
 * The Initial Developer of the Original Code is Netscape
 * Communications Corporation.  Portions created by Netscape are 
 * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
 * Rights Reserved.
 * 
 * Contributor(s):
 * 
 * Alternatively, the contents of this file may be used under the
 * terms of the GNU General Public License Version 2 or later (the
 * "GPL"), in which case the provisions of the GPL are applicable 
 * instead of those above.  If you wish to allow use of your 
 * version of this file only under the terms of the GPL and not to
 * allow others to use your version of this file under the MPL,
 * indicate your decision by deleting the provisions above and
 * replace them with the notice and other provisions required by
 * the GPL.  If you do not delete the provisions above, a recipient
 * may use your version of this file under either the MPL or the
 * GPL.
 */
#include "kgenctxt.h"
#include "ssmerrs.h"
#include "minihttp.h"
#include "textgen.h"
#include "base64.h"
#include "newproto.h"
#include "messages.h"
#include "advisor.h"
#include "oldfunc.h"
#include "secmod.h"

#define SSMRESOURCE(ct) (&(ct)->super)

#define DEFAULT_KEY_GEN_ALLOC 5

void SSMKeyGenContext_ServiceThread(void *arg);

static PRBool
ssmkeygencontext_can_escrow(SSMKeyGenType keyGenType);

#if 1
/*
 * We're cheating for now so that escrowing keys on smart cards 
 * will work.
 */
SECKEYPrivateKey*
pk11_loadPrivKey(PK11SlotInfo *slot,SECKEYPrivateKey *privKey,
                SECKEYPublicKey *pubKey, PRBool token, PRBool sensitive);
#endif

/* Initialize an SSMKeyGenContext object. */
SSMStatus
SSMKeyGenContext_Init(SSMKeyGenContext *ct, 
                      SSMKeyGenContextCreateArg *arg, 
                      SSMResourceType type)
{
    SSMStatus rv;
    SSMControlConnection * parent = arg->parent;

    rv = SSMResource_Init(parent, SSMRESOURCE(ct), type);
    if (rv != PR_SUCCESS) goto loser;

    ct->m_parent = parent;
    ct->m_ctxtype = arg->type;

    if (arg->param) {
        ct->super.m_clientContext.data = arg->param->data;
        ct->super.m_clientContext.len  = arg->param->len;
    }
    /*
     *  Create full keyGenContext for CRMF request and 
     *  keyGenContext-light for old-style keygen.
     *  Differentiate on arg->type.
     */
    switch (arg->type) { 
      case SSM_CRMF_KEYGEN:
        /* Create message queue and key collection. */
        ct->m_incomingQ = SSM_NewCollection();
        if (!ct->m_incomingQ) goto loser;

        ct->m_serviceThread = SSM_CreateThread(SSMRESOURCE(ct),
                                               SSMKeyGenContext_ServiceThread);
        if (!ct->m_serviceThread)
          goto loser;
        break;
      case SSM_OLD_STYLE_KEYGEN:
        /* don't need to do anything */
        ct->m_serviceThread = NULL;
        SSM_DEBUG("Creating a keygen context for old-style keygen.\n");
        break;
      default:
        goto loser;
        break;
    }
      
    /* this is temporary hack, need to send this event in any case -jane */
    rv = SSMControlConnection_SendUIEvent(ct->m_parent,
                                          "get",
                                          "keygen_window",
                                          SSMRESOURCE(ct),
                                          NULL,
                                          &SSMRESOURCE(ct)->m_clientContext,
                                          PR_FALSE);
    /*
     * UI isn't crucial for the keygen to work, don't bail if sending UI
     * didn't work.
     */

    if (arg->type == SSM_CRMF_KEYGEN) {
      rv = SSM_SendQMessage(ct->m_incomingQ, SSM_PRIORITY_SHUTDOWN,
                          SSM_KEYGEN_CXT_MESSAGE_DATA_PROVIDER_OPEN,
                          0, NULL, PR_FALSE);
      if (rv != PR_SUCCESS)
        goto loser;

      ct->m_keyGens = SSM_ZNEW_ARRAY(SSMKeyGenParams*, DEFAULT_KEY_GEN_ALLOC);
      if (ct->m_keyGens == NULL) {
        goto loser;
      }
    }
    ct->m_numKeyGens = 0;
    ct->m_allocKeyGens = DEFAULT_KEY_GEN_ALLOC;
    ct->m_eaCert = NULL;
    ct->m_userCancel = PR_FALSE;
    goto done;
 loser:
    if (rv == PR_SUCCESS) rv = PR_FAILURE;
    ct->m_serviceThread = PR_GetCurrentThread();
 done:
	/* 
		Prevent the control thread from responding if we successfully
		created this object. This is because we want to make sure that
		the Create Resource response is sent before the UI event due
		to total weirdness in the browser. 
	
		See SSMKeyGenContext_ServiceThread below; at the top of that
		routine, the Create Resource request is sent just before the
		UI event.
	
		"Icepicks in my forehead!" 
                (Only needs that for CRMF context)
	*/
	if (rv == PR_SUCCESS && arg->type == SSM_CRMF_KEYGEN) 
          rv = SSM_ERR_DEFER_RESPONSE;
    return rv;
}

SSMStatus
SSMKeyGenContext_Shutdown(SSMResource *res, SSMStatus status)
{
    SSMKeyGenContext *ct = (SSMKeyGenContext *) res;
    SSMStatus rv = PR_SUCCESS, trv;

    SSMKeyGenContext_Invariant(ct);

    SSM_LockResource(res);
    if (res->m_resourceShutdown) {
        rv = SSM_ERR_ALREADY_SHUT_DOWN;
    } else {

        /* If this is the service thread, deregister it. */
        rv = SSMResource_Shutdown(res, status);
        
        if (rv == PR_SUCCESS)
        {
            /* Post shutdown msgs to all applicable queues. */
            
            if (status != PR_SUCCESS && ct->m_incomingQ)
                trv = SSM_SendQMessage(ct->m_incomingQ,
                                       SSM_PRIORITY_SHUTDOWN,
                                       SSM_DATA_PROVIDER_SHUTDOWN,
                                       0, NULL, PR_TRUE);
            
            /* Wake up the keygen thread */
            if (ct->m_serviceThread)
                PR_Interrupt(ct->m_serviceThread);
        }
    }
    SSM_NotifyResource(res);
    res->m_resourceShutdown = PR_TRUE;
    SSM_UnlockResource(res);
    return rv;
}

SSMStatus
SSMKeyGenContext_Destroy(SSMResource *res, PRBool doFree)
{
    SSMKeyGenContext *ct = (SSMKeyGenContext *) res;
    int i;
    
    PR_ASSERT(SSM_IsAKindOf(res, SSM_RESTYPE_KEYGEN_CONTEXT));
    PR_ASSERT(res->m_threadCount == 0);

    SSM_LockResource(res);
    if (ct->slot) 
        PK11_FreeSlot(ct->slot);
    
    ct->slot = NULL; 

    if (ct->m_incomingQ)
        ssm_DrainAndDestroyQueue(&ct->m_incomingQ);

    if (ct->m_eaCert != NULL) {
        CERT_DestroyCertificate(ct->m_eaCert);
    }
    ct->m_eaCert = NULL;
    if (ct->m_keyGens) {
        for (i=0; i<ct->m_numKeyGens; i++) {
            SSM_FreeResource(SSMRESOURCE(ct->m_keyGens[i]->kp));
            PR_Free(ct->m_keyGens[i]);
            ct->m_keyGens[i] = NULL;
        }
        PR_Free(ct->m_keyGens);
        ct->m_keyGens = NULL;
    }
    

    SSM_UnlockResource(res); /* we're done, stand aside for superclass */

    SSMResource_Destroy(res, PR_FALSE); /* destroy superclass fields */
    if (doFree)
        PR_DELETE(res);
    return PR_SUCCESS;
}

/* 
   SSMKeyGenContext_Create creates an SSMKeyGenContext object. 
   The value argument is ignored.
*/
SSMStatus
SSMKeyGenContext_Create(void *arg, SSMControlConnection * connection, 
                        SSMResource **res)
{
    SSMStatus rv = PR_SUCCESS;
    SSMKeyGenContext *ct;
    SSMKeyGenContextCreateArg *carg = (SSMKeyGenContextCreateArg *) arg;
    *res = NULL; /* in case we fail */

    if (!arg)
    {
        rv = PR_INVALID_ARGUMENT_ERROR;
        goto loser;
    }

    ct = (SSMKeyGenContext *) PR_CALLOC(sizeof(SSMKeyGenContext));
    if (!ct) 
    {
        rv = PR_OUT_OF_MEMORY_ERROR;
        goto loser;
    }
    SSMRESOURCE(ct)->m_connection = connection;
    rv = SSMKeyGenContext_Init(ct, carg, SSM_RESTYPE_KEYGEN_CONTEXT);
    if ((rv != PR_SUCCESS) && (rv != SSM_ERR_DEFER_RESPONSE)) goto loser;

    SSMKeyGenContext_Invariant(ct);
    
    *res = &ct->super;
    return rv;

 loser:
    if (rv == PR_SUCCESS) rv = PR_FAILURE;

    if (ct) 
    {
        SSM_ShutdownResource(SSMRESOURCE(ct), rv); /* force destroy */
        SSM_FreeResource(&ct->super);
    }

    return rv;
}

SSMStatus
SSMKeyGenContext_FormSubmitHandler(SSMResource * res, HTTPRequest * req)
{
   SSMStatus rv = SSM_FAILURE;
   char * tmpStr = NULL;
	
  /* make sure you got the right baseRef */
  rv = SSM_HTTPParamValue(req, "baseRef", &tmpStr);
  if (rv != SSM_SUCCESS ||
      PL_strcmp(tmpStr, "windowclose_doclose_js") != 0) {
    goto loser;
  }

  if (!res->m_formName)
    goto loser;
  if (PL_strcmp(res->m_formName, "set_db_password") == 0)
    return rv = SSM_SetDBPasswordHandler(req);
  else 
    goto loser;

loser:
  return SSM_HTTPDefaultCommandHandler(req);
}

SSMStatus 
SSMKeyGenContext_Print(SSMResource   *res,
                       char *fmt,
                       PRIntn numParams,
                       char **value,
                       char **resultStr)
{
    SSMKeyGenContext  *ct              = (SSMKeyGenContext*)res;
    char              *escrowCAName    = NULL;
    SSMTextGenContext *textGenCxt      = NULL;
    SSMStatus          rv = PR_FAILURE;
    char              mechStr[48];

    PR_ASSERT(resultStr != NULL);
    if (resultStr == NULL) {
        return PR_FAILURE;
    }
    if (!SSM_IsAKindOf(res, SSM_RESTYPE_KEYGEN_CONTEXT)) {
        goto loser;
    }

    /* 
     * arghh, this function thinks it's always called for key escrow dialog.
     * not so, it is also called for set password dialog, and maybe called for
     * other things too. 
     * Assume, if no param values are supplied through the arguments, it is
     * indeed key escrow case, otherwise use arguments.
     */
    if (!numParams) {
        if (ct->m_eaCert != NULL) {
            escrowCAName = CERT_GetCommonName(&ct->m_eaCert->subject);
        }
        if(escrowCAName == NULL) {
            if (SSMTextGen_NewTopLevelContext(NULL, &textGenCxt) != 
                SSM_SUCCESS) 
                goto loser;
            
            rv = SSM_FindUTF8StringInBundles(textGenCxt, 
                                             "certificate_authority_text",
                                             &escrowCAName); 
            if (rv != PR_SUCCESS)
                goto loser;
        }
        /* The escrow name should be in a format we can print already. */
        /* We supply one parameter to NLS_MessageFormat, the resource ID. */
        PR_snprintf(mechStr, 48, "%d", 
                    SSMKeyGenContext_GenMechToAlgMech(ct->mech));
        *resultStr = PR_smprintf(fmt, res->m_id, mechStr, escrowCAName);
    } else 
        SSMResource_Print(res, fmt, numParams, value, resultStr);
    
    rv = (*resultStr == NULL) ? PR_FAILURE : PR_SUCCESS;
 loser:
    PR_FREEIF(escrowCAName);
    return rv;
}

SSMStatus SSMKeyGenContext_SetEscrowAuthority(SSMKeyGenContext *ct,
                                             char             *base64Cert)
{
    SECItem   derCert = { siBuffer, NULL, 0 };
    SECStatus rv;

    if (base64Cert    == NULL ||
        ct->m_eaCert != NULL) {
        return PR_FAILURE;
    }
    rv = ATOB_ConvertAsciiToItem(&derCert, base64Cert);
    if (rv != SECSuccess) {
        goto loser;
    }
    ct->m_eaCert = CERT_NewTempCertificate(ct->super.m_connection->m_certdb,
                                           &derCert, NULL, PR_FALSE, PR_TRUE);
    if (ct->m_eaCert == NULL) {
        goto loser;
    }
    return PR_SUCCESS;
 loser:
    if (ct->m_eaCert != NULL) {
        CERT_DestroyCertificate(ct->m_eaCert);
    }
    ct->m_eaCert = NULL;
    return PR_FAILURE;
}

/*
 * This function is very similar to SECMOD_FindSlotByName.
 * The main difference is that we want to look for the slot
 * name and then see if a token exists.  The NSS version looks
 * at the token name if the token is present when doing this.
 */
PK11SlotInfo*
SSM_FindSlotByNameFromModule(SECMODModule *module, char *slotName)
{
    int i;
    PK11SlotInfo *currSlot = NULL;
    char *currSlotName = NULL;
    
    for (i=0; i<module->slotCount; i++) {
        currSlot = module->slots[i];
        if (currSlot == NULL) {
            continue;
        }
        currSlotName = PK11_GetSlotName(currSlot);
        if (currSlotName == NULL) {
            continue;
        }
        if (PL_strcmp(currSlotName, slotName) == 0 &&
            PK11_IsPresent(currSlot)) {
            return currSlot;