summaryrefslogtreecommitdiffstats
path: root/security/nss/cmd/pk11util
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:47:29 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:47:29 +0000
commit0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d (patch)
treea31f07c9bcca9d56ce61e9a1ffd30ef350d513aa /security/nss/cmd/pk11util
parentInitial commit. (diff)
downloadfirefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.tar.xz
firefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.zip
Adding upstream version 115.8.0esr.upstream/115.8.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/nss/cmd/pk11util')
-rw-r--r--security/nss/cmd/pk11util/Makefile48
-rw-r--r--security/nss/cmd/pk11util/manifest.mn23
-rw-r--r--security/nss/cmd/pk11util/pk11util.c2240
-rw-r--r--security/nss/cmd/pk11util/scripts/dosign162
-rw-r--r--security/nss/cmd/pk11util/scripts/hssign48
-rw-r--r--security/nss/cmd/pk11util/scripts/lcert35
-rw-r--r--security/nss/cmd/pk11util/scripts/mechanisms11
-rw-r--r--security/nss/cmd/pk11util/scripts/pLabel16
-rw-r--r--security/nss/cmd/pk11util/scripts/pMechanisms8
-rw-r--r--security/nss/cmd/pk11util/scripts/pcert30
10 files changed, 2611 insertions, 0 deletions
diff --git a/security/nss/cmd/pk11util/Makefile b/security/nss/cmd/pk11util/Makefile
new file mode 100644
index 0000000000..74ae200208
--- /dev/null
+++ b/security/nss/cmd/pk11util/Makefile
@@ -0,0 +1,48 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY). #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL) #
+#######################################################################
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL). #
+#######################################################################
+
+include ../platlibs.mk
+
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL) #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL) #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL). #
+#######################################################################
+
+
+include ../platrules.mk
+
diff --git a/security/nss/cmd/pk11util/manifest.mn b/security/nss/cmd/pk11util/manifest.mn
new file mode 100644
index 0000000000..ca818aad4b
--- /dev/null
+++ b/security/nss/cmd/pk11util/manifest.mn
@@ -0,0 +1,23 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+DEFINES += -DNSPR20
+
+# MODULE public and private header directories are implicitly REQUIRED.
+MODULE = nss
+
+CSRCS = pk11util.c
+#CSRCS = symkeytest.c
+
+# The MODULE is always implicitly required.
+# Listing it here in REQUIRES makes it appear twice in the cc command line.
+REQUIRES = seccmd
+
+PROGRAM = pk11util
+#PROGRAM = symkeytest
+
+#USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/pk11util/pk11util.c b/security/nss/cmd/pk11util/pk11util.c
new file mode 100644
index 0000000000..bd1ea2bcda
--- /dev/null
+++ b/security/nss/cmd/pk11util/pk11util.c
@@ -0,0 +1,2240 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <string.h>
+
+#if defined(WIN32)
+#undef __STDC__
+#include "fcntl.h"
+#include "io.h"
+#include <fcntl.h>
+#else
+#include <unistd.h>
+#include <fcntl.h>
+#endif
+
+#include "secutil.h"
+
+#include "nspr.h"
+#include "prtypes.h"
+#include "prtime.h"
+#include "prlong.h"
+#include "prinrval.h"
+#include "prenv.h"
+
+#include "pkcs11.h"
+
+#include "pk11table.h"
+
+#ifndef O_BINARY
+#define O_BINARY 0
+#endif
+
+CK_ULONG systemFlags;
+#define FLAG_NEGATE 0x80000000
+#define FLAG_Verify 0x00000001
+#define FLAG_VerifyFile 0x00000002
+#define CKR_QUIT 0x80000000
+
+int ArgSize(ArgType type);
+const char *constLookup(const char *bp, CK_ULONG *value, ConstType *type);
+
+int
+isNum(char c)
+{
+ return (c >= '0' && c <= '9');
+}
+
+int
+isConst(const char *c)
+{
+ CK_ULONG value;
+ ConstType type;
+
+ constLookup(c, &value, &type);
+ return type != ConstNone;
+}
+
+/*
+ * see if the variable is really a 'size' function. This
+ * function may modify var if it is a size function.
+ */
+char *
+isSize(char *var, int *isArray)
+{
+ char *ptr = NULL;
+ char *end;
+ int array = 0;
+
+ if (PL_strncasecmp(var, "sizeof(", /*)*/ 7) == 0) {
+ ptr = var + 7;
+ } else if (PL_strncasecmp(var, "size(", /*)*/ 5) == 0) {
+ ptr = var + 5;
+ } else if (PL_strncasecmp(var, "sizeofarray(", /*)*/ 12) == 0) {
+ ptr = var + 12;
+ array = 1;
+ } else if (PL_strncasecmp(var, "sizea(", /*)*/ 6) == 0) {
+ ptr = var + 6;
+ array = 1;
+ } else {
+ return NULL;
+ }
+ end = strchr(ptr, /*(*/ ')');
+ if (end == NULL) {
+ return NULL;
+ }
+ if (isArray)
+ *isArray = array;
+ *end = 0;
+ return ptr;
+}
+
+void
+printConst(CK_ULONG value, ConstType type, int newLine)
+{
+ int i;
+
+ for (i = 0; i < constCount; i++) {
+ if (consts[i].type == type && consts[i].value == value) {
+ printf("%s", consts[i].name);
+ break;
+ }
+ if (type == ConstNone && consts[i].value == value) {
+ printf("%s", consts[i].name);
+ break;
+ }
+ }
+ if (i == constCount) {
+ if ((type == ConstAvailableSizes) || (type == ConstCurrentSize)) {
+ printf("%lu", value);
+ } else {
+ printf("Unknown %s (%lu:0x%lx)", constTypeString[type], value, value);
+ }
+ }
+ if (newLine) {
+ printf("\n");
+ }
+}
+
+ConstType
+getConstFromAttribute(CK_ATTRIBUTE_TYPE type)
+{
+ int i;
+
+ for (i = 0; i < constCount; i++) {
+ if (consts[i].type == ConstAttribute && consts[i].value == type) {
+ return consts[i].attrType;
+ }
+ }
+ return ConstNone;
+}
+
+void
+printChars(const char *name, CK_ULONG size)
+{
+ CK_ULONG i;
+ for (i = 0; i < size; i++) {
+ if (name[i] == 0) {
+ break;
+ }
+ printf("%c", name[i]);
+ }
+ printf("\n");
+}
+
+#define DUMP_LEN 16
+void
+printDump(const unsigned char *buf, int size)
+{
+ int i, j;
+
+ for (i = 0; i < size; i += DUMP_LEN) {
+ printf(" ");
+ for (j = 0; j < DUMP_LEN; j++) {
+ if (i + j < size) {
+ printf("%02x ", buf[i + j]);
+ } else {
+ printf(" ");
+ }
+ }
+ for (j = 0; j < DUMP_LEN; j++) {
+ if (i + j < size) {
+ if (buf[i + j] < ' ' || buf[i + j] >= 0x7f) {
+ printf(".");
+ } else {
+ printf("%c", buf[i + j]);
+ }
+ } else {
+ printf(" ");
+ }
+ }
+ printf("\n");
+ }
+}
+
+/*
+ * free an argument structure
+ */
+void
+argFreeData(Value *arg)
+{
+ if (arg->data && ((arg->type & ArgStatic) == 0)) {
+ if ((arg->type & ArgMask) == ArgAttribute) {
+ int i;
+ CK_ATTRIBUTE *template = (CK_ATTRIBUTE *)arg->data;
+
+ for (i = 0; i < arg->arraySize; i++) {
+ free(template[i].pValue);
+ }
+ }
+ if ((arg->type & ArgMask) == ArgInitializeArgs) {
+ CK_C_INITIALIZE_ARGS *init = (CK_C_INITIALIZE_ARGS *)arg->data;
+ if (init->LibraryParameters) {
+ free(init->LibraryParameters);
+ }
+ }
+ free(arg->data);
+ }
+ arg->type &= ~ArgStatic;
+ arg->data = NULL;
+}
+
+void
+argFree(Value *arg)
+{
+ if (arg == NULL)
+ return;
+
+ arg->reference--;
+ if (arg->reference == 0) {
+ if (arg->type & ArgFile) {
+ free(arg->filename);
+ }
+ argFreeData(arg);
+ free(arg);
+ }
+}
+
+/*
+ * free and argument list
+ */
+void
+parseFree(Value **ap)
+{
+ int i;
+ for (i = 0; i < MAX_ARGS; i++) {
+ argFree(ap[i]);
+ }
+}
+
+/*
+ * getEnd: how for to the end of this argmument list?
+ */
+int
+getEnd(const char *bp)
+{
+ int count = 0;
+
+ while (*bp) {
+ if (*bp == ' ' || *bp == '\t' || *bp == '\n')
+ return count;
+ count++;
+ bp++;
+ }
+ return (count);
+}
+
+/*
+ * strip: return the first none white space character
+ */
+const char *
+strip(const char *bp)
+{
+ while (*bp && (*bp == ' ' || *bp == '\t' || *bp == '\n'))
+ bp++;
+ return bp;
+}
+
+/*
+ * read in the next argument into dp ... don't overflow
+ */
+const char *
+readChars(const char *bp, char *dp, int max)
+{
+ int count = 1;
+ while (*bp) {
+ if (*bp == ' ' || *bp == '\t' || *bp == '\n') {
+ *dp = 0;
+ return bp;
+ }
+ *dp++ = *bp++;
+ if (++count == max)
+ break;
+ }
+ while (*bp && (*bp != ' ' && *bp != '\t' && *bp != '\n'))
+ bp++;
+ *dp = 0;
+ return (bp);
+}
+
+Value *varLookup(const char *bp, char *vname, int max, int *error);
+
+CK_ULONG
+getValue(const char *v, int *error)
+{
+ Value *varVal = NULL;
+ CK_ULONG retVal = 0;
+ ConstType type;
+ char tvar[512];
+
+ *error = 0;
+
+ varVal = varLookup(v, tvar, sizeof(tvar), error);
+
+ if (varVal) {
+ if ((varVal->type & ArgMask) == ArgULong) {
+ retVal = *(CK_ULONG *)varVal->data;
+ } else {
+ fprintf(stderr, "%s: is not a ulong\n", v);
+ *error = 1;
+ }
+ argFree(varVal);
+ return retVal;
+ }
+ constLookup(v, &retVal, &type);
+ return retVal;
+}
+
+Value *
+NewValue(ArgType type, CK_ULONG arraySize)
+{
+ Value *value;
+
+ value = (Value *)malloc(sizeof(Value));
+ if (!value)
+ return NULL;
+ value->size = ArgSize(type) * arraySize;
+ value->type = type;
+ value->filename = NULL;
+ value->constType = ConstNone;
+ value->data = (void *)malloc(value->size);
+ if (!value->data) {
+ free(value);
+ return NULL;
+ }
+ value->reference = 1;
+ value->arraySize = (type == ArgChar) ? 1 : arraySize;
+
+ memset(value->data, 0, value->size);
+ return value;
+}
+
+#define INVALID_INDEX 0xffffffff
+
+CK_ULONG
+handleArray(char *vname, int *error)
+{
+ char *bracket;
+ CK_ULONG index = INVALID_INDEX;
+
+ if ((bracket = strchr(vname, '[')) != 0) {
+ char *tmpv = bracket + 1;
+ *bracket = 0;
+ bracket = strchr(tmpv, ']');
+
+ if (bracket == 0) {
+ fprintf(stderr, "%s: missing closing brace\n", vname);
+ return INVALID_INDEX;
+ }
+ *bracket = 0;
+
+ index = getValue(tmpv, error);
+ if (*error == 1) {
+ return INVALID_INDEX;
+ } else if (index == INVALID_INDEX) {
+ fprintf(stderr, "%s: 0x%lx is an invalid index\n", vname, index);
+ *error = 1;
+ }
+ }
+ return index;
+}
+
+void *
+makeArrayTarget(const char *vname, const Value *value, CK_ULONG index)
+{
+ char *target;
+ CK_ULONG elementSize;
+
+ if (index >= (CK_ULONG)value->arraySize) {
+ fprintf(stderr, "%s[%lu]: index larger than array size (%d)\n",
+ vname, index, value->arraySize);
+ return NULL;
+ }
+
+ target = (char *)value->data;
+ elementSize = value->size / value->arraySize;
+ target += index * elementSize;
+ return target;
+}
+
+/*
+ * look up a variable from the variable chain
+ */
+static Variable *varHead = NULL;
+Value *
+varLookup(const char *bp, char *vname, int max, int *error)
+{
+ Variable *current;
+ CK_ULONG index = INVALID_INDEX;
+ int isArray = 0;
+ char *ptr;
+ *error = 0;
+
+ if (bp != NULL) {
+ readChars(bp, vname, max);
+ }
+
+ /* don't make numbers into variables */
+ if (isNum(vname[0])) {
+ return NULL;
+ }
+ /* nor consts */
+ if (isConst(vname)) {
+ return NULL;
+ }
+ /* handle sizeof() */
+ if ((ptr = isSize(vname, &isArray)) != NULL) {
+ CK_ULONG size;
+ Value *targetValue = NULL;
+ Value *sourceValue = varLookup(NULL, ptr, 0, error);
+ if (!sourceValue) {
+ if (*error == 0) {
+ /* just didn't find it */
+ *error = 1;
+ fprintf(stderr, "Couldn't find variable %s to take size of\n",
+ ptr);
+ return NULL;
+ }
+ }
+ size = isArray ? sourceValue->arraySize : sourceValue->size;
+ targetValue = NewValue(ArgULong, 1);
+ memcpy(targetValue->data, &size, sizeof(size));
+
+ return targetValue;
+ }
+
+ /* modifies vname */
+ index = handleArray(vname, error);
+ if (*error == 1) {
+ return NULL;
+ }
+
+ for (current = varHead; current; current = current->next) {
+ if (PL_strcasecmp(current->vname, vname) == 0) {
+ char *target;
+ if (index == INVALID_INDEX) {
+ (current->value->reference)++;
+ return current->value;
+ }
+ target = makeArrayTarget(vname, current->value, index);
+ if (target) {
+ Value *element = NewValue(current->value->type, 1);
+ if (!element) {
+ fprintf(stderr, "MEMORY ERROR!\n");
+ *error = 1;
+ }
+ argFreeData(element);
+ element->data = target;
+ element->type |= ArgStatic;
+ return element;
+ }
+ *error = 1;
+ return NULL;
+ }
+ }
+ return NULL;
+}
+
+static CK_RV
+list(void)
+{
+ Variable *current;
+
+ if (varHead) {
+ printf(" %10s\t%16s\t%8s\tSize\tElements\n", "Name", "Type", "Const");
+ } else {
+ printf(" no variables set\n");
+ }
+
+ for (current = varHead; current; current = current->next) {
+ printf(" %10s\t%16s\t%8s\t%d\t%d\n", current->vname,
+ valueString[current->value->type & ArgMask],
+ constTypeString[current->value->constType],
+ current->value->size, current->value->arraySize);
+ }
+ return CKR_OK;
+}
+
+CK_RV
+printFlags(const char *s, CK_ULONG flags, ConstType type)
+{
+ CK_ULONG i;
+ int needComma = 0;
+
+ printf("%s", s);
+ for (i = 1; i; i = i << 1) {
+ if (flags & i) {
+ printf("%s", needComma ? "," : "");
+ printConst(i, type, 0);
+ needComma = 1;
+ }
+ }
+ if (!needComma) {
+ printf("Empty");
+ }
+ printf("\n");
+ return CKR_OK;
+}
+
+/*
+ * add a new variable to the chain
+ */
+const char *
+AddVariable(const char *bp, Value **ptr)
+{
+ char vname[512];
+ Variable *current;
+ int index = INVALID_INDEX;
+ int size;
+ int error = 0;
+
+ bp = readChars(bp, vname, sizeof(vname));
+
+ /* don't make numbers into variables */
+ if (isNum(vname[0])) {
+ return bp;
+ }
+ /* or consts */
+ if (isConst(vname)) {
+ return bp;
+ }
+ /* or NULLs */
+ if (vname[0] == 0) {
+ return bp;
+ }
+ /* or sizeof */
+ if (isSize(vname, NULL)) {
+ return bp;
+ }
+ /* arrays values should be written back to the original */
+ index = handleArray(vname, &error);
+ if (error == 1) {
+ return bp;
+ }
+
+ for (current = varHead; current; current = current->next) {
+ if (PL_strcasecmp(current->vname, vname) == 0) {
+ char *target;
+ /* found a complete object, return the found one */
+ if (index == INVALID_INDEX) {
+ argFree(*ptr);
+ *ptr = current->value;
+ return bp;
+ }
+ /* found an array, update the array element */
+ target = makeArrayTarget(vname, current->value, index);
+ if (target) {
+ memcpy(target, (*ptr)->data, (*ptr)->size);
+ argFreeData(*ptr);
+ (*ptr)->data = target;
+ (*ptr)->type |= ArgStatic;
+ }
+ return bp;
+ }
+ }
+
+ /* we are looking for an array and didn't find one */
+ if (index != INVALID_INDEX) {
+ return bp;
+ }
+
+ current = (Variable *)malloc(sizeof(Variable));
+ size = strlen(vname);
+ current->vname = (char *)malloc(size + 1);
+ strcpy(current->vname, vname);
+ current->value = *ptr;
+ (*ptr)->reference++;
+
+ current->next = varHead;
+ varHead = current;
+ return bp;
+}
+
+ArgType
+FindTypeByName(const char *typeName)
+{
+ int i;
+
+ for (i = 0; i < valueCount; i++) {
+ if (PL_strcasecmp(typeName, valueString[i]) == 0) {
+ return (ArgType)i;
+ }
+ if (valueString[i][0] == 'C' && valueString[i][1] == 'K' &&
+ valueString[i][2] == '_' &&
+ (PL_strcasecmp(typeName, &valueString[i][3]) == 0)) {
+ return (ArgType)i;
+ }
+ }
+ return ArgNone;
+}
+
+CK_RV
+ArrayVariable(const char *bp, const char *typeName, CK_ULONG count)
+{
+ ArgType type;
+ Value *value; /* new Value */
+
+ type = FindTypeByName(typeName);
+ if (type == ArgNone) {
+ fprintf(stderr, "Invalid type (%s)\n", typeName);
+ return CKR_FUNCTION_FAILED;
+ }
+ value = NewValue(type, count);
+ (void)AddVariable(bp, &value);
+ return CKR_OK;
+}
+
+#define MAX_TEMPLATE 25
+
+CK_RV
+ArrayTemplate(const char *bp, char *attributes)
+{
+ char aname[512];
+ CK_ULONG attributeTypes[MAX_TEMPLATE];
+ CK_ATTRIBUTE *template;
+ Value *value; /* new Value */
+ char *ap;
+ int i, count = 0;
+
+ memcpy(aname, attributes, strlen(attributes) + 1);
+
+ for (ap = aname, count = 0; ap && *ap && count < MAX_TEMPLATE; count++) {
+ char *cur = ap;
+ ConstType type;
+
+ ap = strchr(ap, ',');
+ if (ap) {
+ *ap++ = 0;
+ }
+
+ (void)constLookup(cur, &attributeTypes[count], &type);
+ if ((type != ConstAttribute) && (type != ConstNone)) {
+ fprintf(stderr, "Unknown Attribute %s\n", cur);
+ return CKR_FUNCTION_FAILED;
+ }
+ }
+
+ value = NewValue(ArgAttribute, count);
+
+ template = (CK_ATTRIBUTE *)value->data;
+ for (i = 0; i < count; i++) {
+ template[i].type = attributeTypes[i];
+ }
+ (void)AddVariable(bp, &value);
+ return CKR_OK;
+}
+
+CK_RV
+BuildTemplate(Value *vp)
+{
+ CK_ATTRIBUTE *template = (CK_ATTRIBUTE *)vp->data;
+ int i;
+
+ for (i = 0; i < vp->arraySize; i++) {
+ if (((signed long)template[i].ulValueLen) > 0) {
+ if (template[i].pValue)
+ free(template[i].pValue);
+ template[i].pValue = malloc(template[i].ulValueLen);
+ }
+ }
+ return CKR_OK;
+}
+
+CK_RV
+SetTemplate(Value *vp, CK_ULONG index, CK_ULONG value)
+{
+ CK_ATTRIBUTE *template = (CK_ATTRIBUTE *)vp->data;
+ int isbool = 0;
+ CK_ULONG len;
+ ConstType attrType;
+
+ if (index >= (CK_ULONG)vp->arraySize) {
+ fprintf(stderr, "index (%lu) greater than array (%d)\n",
+ index, vp->arraySize);
+ return CKR_ARGUMENTS_BAD;
+ }
+ attrType = getConstFromAttribute(template[index].type);
+
+ if (attrType == ConstNone) {
+ fprintf(stderr, "can't set index (%lu) because ", index);
+ printConst(template[index].type, ConstAttribute, 0);
+ fprintf(stderr, " is not a CK_BBOOL or CK_ULONG\n");
+ return CKR_ARGUMENTS_BAD;
+ }
+ isbool = (attrType == ConstBool);
+ len = isbool ? sizeof(CK_BBOOL) : sizeof(CK_ULONG);
+ if ((template[index].ulValueLen != len) || (template[index].pValue)) {
+ free(template[index].pValue);
+ template[index].pValue = malloc(len);
+ template[index].ulValueLen = len;
+ }
+ if (isbool) {
+ *(CK_BBOOL *)template[index].pValue = (CK_BBOOL)value;
+ } else {
+ *(CK_ULONG *)template[index].pValue = (CK_ULONG)value;
+ }
+ return CKR_OK;
+}
+
+CK_RV
+NewMechanism(const char *bp, CK_ULONG mechType)
+{
+ Value *value; /* new Value */
+ CK_MECHANISM *mechanism;
+
+ value = NewValue(ArgMechanism, 1);
+ mechanism = (CK_MECHANISM *)value->data;
+ mechanism->mechanism = mechType;
+ mechanism->pParameter = NULL;
+ mechanism->ulParameterLen = 0;
+ (void)AddVariable(bp, &value);
+ return CKR_OK;
+}
+
+CK_RV
+NewInitializeArgs(const char *bp, CK_ULONG flags, const char *param)
+{
+ Value *value; /* new Value */
+ CK_C_INITIALIZE_ARGS *init;
+
+ value = NewValue(ArgInitializeArgs, 1);
+ init = (CK_C_INITIALIZE_ARGS *)value->data;
+ init->flags = flags;
+ if (strcmp(param, "null") != 0) {
+ init->LibraryParameters = (CK_CHAR_PTR *)strdup(param);
+ }
+ (void)AddVariable(bp, &value);
+ return CKR_OK;
+}
+
+/*
+ * add a new variable to the chain
+ */
+CK_RV
+DeleteVariable(const char *bp)
+{
+ char vname[512];
+ Variable **current;
+
+ bp = readChars(bp, vname, sizeof(vname));
+
+ for (current = &varHead; *current; current = &(*current)->next) {
+ if (PL_strcasecmp((*current)->vname, vname) == 0) {
+ argFree((*current)->value);
+ *current = (*current)->next;
+ break;
+ }
+ }
+ return CKR_OK;
+}
+
+/*
+ * convert an octal value to integer
+ */
+CK_ULONG
+otoi(const char *o)
+{
+ CK_ULONG value = 0;
+
+ while (*o) {
+ if ((*o >= '0') && (*o <= '7')) {
+ value = (value << 3) | (unsigned)(*o - '0');
+ } else {
+ break;
+ }
+ }
+ return value;
+}
+
+/*
+ * convert a hex value to integer
+ */
+CK_ULONG
+htoi(const char *x)
+{
+ CK_ULONG value = 0;
+
+ while (*x) {
+ if ((*x >= '0') && (*x <= '9')) {
+ value = (value << 4) | (unsigned)(*x - '0');
+ } else if ((*x >= 'a') && (*x <= 'f')) {
+ value = (value << 4) | (unsigned)(*x - 'a');
+ } else if ((*x >= 'A') && (*x <= 'F')) {
+ value = (value << 4) | (unsigned)(*x - 'A');
+ } else {
+ break;
+ }
+ }
+ return value;
+}
+
+/*
+ * look up or decode a constant value
+ */
+const char *
+constLookup(const char *bp, CK_ULONG *value, ConstType *type)
+{
+ char vname[512];
+ int i;
+
+ bp = readChars(bp, vname, sizeof(vname));
+
+ for (i = 0; i < constCount; i++) {
+ if ((PL_strcasecmp(consts[i].name, vname) == 0) ||
+ PL_strcasecmp(consts[i].name + 5, vname) == 0) {
+ *value = consts[i].value;
+ *type = consts[i].type;
+ return bp;
+ }
+ }
+
+ *type = ConstNone;
+ if (vname[0] == '0' && vname[1] == 'X') {
+ *value = htoi(&vname[2]);
+ } else if (vname[0] == '0') {
+ *value = otoi(&vname[1]);
+ } else {
+ *value = atoi(vname);
+ }
+ return bp;
+}
+
+int
+ArgSize(ArgType type)
+{
+ int size = 0;
+ type &= ArgMask;
+
+ switch (type) {
+ case ArgNone:
+ size = 0;
+ break;
+ case ArgULong:
+ size = sizeof(CK_ULONG);
+ break;
+ case ArgVar:
+ size = 1; /* get's changed later */
+ break;
+ case ArgChar:
+ case ArgUTF8:
+ size = 1;
+ break;
+ case ArgInfo:
+ size = sizeof(CK_INFO);
+ break;
+ case ArgSlotInfo:
+ size = sizeof(CK_SLOT_INFO);
+ break;
+ case ArgTokenInfo:
+ size = sizeof(CK_TOKEN_INFO);
+ break;
+ case ArgSessionInfo:
+ size = sizeof(CK_SESSION_INFO);
+ break;
+ case ArgAttribute:
+ size = sizeof(CK_ATTRIBUTE);
+ break;
+ case ArgMechanism:
+ size = sizeof(CK_MECHANISM);
+ break;
+ case ArgMechanismInfo:
+ size = sizeof(CK_MECHANISM_INFO);
+ break;
+ case ArgInitializeArgs:
+ size = sizeof(CK_C_INITIALIZE_ARGS);
+ break;
+ case ArgFunctionList:
+ size = sizeof(CK_FUNCTION_LIST);
+ break;
+ default:
+ break;
+ }
+
+ return (size);
+}
+
+CK_RV
+restore(const char *filename, Value *ptr)
+{
+ int fd, size;
+
+ fd = open(filename, O_RDONLY | O_BINARY);
+ if (fd < 0) {
+ perror(filename);
+ return CKR_FUNCTION_FAILED;
+ }
+
+ size = read(fd, ptr->data, ptr->size);
+ if (systemFlags & FLAG_VerifyFile) {
+ printDump(ptr->data, ptr->size);
+ }
+ if (size < 0) {
+ perror(filename);
+ return CKR_FUNCTION_FAILED;
+ } else if (size != ptr->size) {
+ fprintf(stderr, "%s: only read %d bytes, needed to read %d bytes\n",
+ filename, size, ptr->size);
+ return CKR_FUNCTION_FAILED;
+ }
+ close(fd);
+ return CKR_OK;
+}
+
+CK_RV
+save(const char *filename, Value *ptr)
+{
+ int fd, size;
+
+ fd = open(filename, O_WRONLY | O_BINARY | O_CREAT, 0666);
+ if (fd < 0) {
+ perror(filename);
+ return CKR_FUNCTION_FAILED;
+ }
+
+ size = write(fd, ptr->data, ptr->size);
+ if (size < 0) {
+ perror(filename);
+ return CKR_FUNCTION_FAILED;
+ } else if (size != ptr->size) {
+ fprintf(stderr, "%s: only wrote %d bytes, need to write %d bytes\n",
+ filename, size, ptr->size);
+ return CKR_FUNCTION_FAILED;
+ }
+ close(fd);
+ return CKR_OK;
+}
+
+static CK_RV
+increment(Value *ptr, CK_ULONG value)
+{
+ if ((ptr->type & ArgMask) != ArgULong) {
+ return CKR_ARGUMENTS_BAD;
+ }
+ *(CK_ULONG *)ptr->data += value;
+ return CKR_OK;
+}
+
+static CK_RV
+decrement(Value *ptr, CK_ULONG value)
+{
+ if ((ptr->type & ArgMask) != ArgULong) {
+ return CKR_ARGUMENTS_BAD;
+ }
+ *(CK_ULONG *)ptr->data -= value;
+ return CKR_OK;
+}
+
+CK_RV
+printArg(Value *ptr, int arg_number)
+{
+ ArgType type = ptr->type & ArgMask;
+ CK_INFO *info;
+ CK_SLOT_INFO *slotInfo;
+ CK_TOKEN_INFO *tokenInfo;
+ CK_SESSION_INFO *sessionInfo;
+ CK_ATTRIBUTE *attribute;
+ CK_MECHANISM *mechanism;
+ CK_MECHANISM_INFO *mechanismInfo;
+ CK_C_INITIALIZE_ARGS *initArgs;
+ CK_FUNCTION_LIST *functionList;
+ CK_RV ckrv = CKR_OK;
+ ConstType constType;
+
+ if (arg_number) {
+ printf("Arg %d: \n", arg_number);
+ }
+ if (ptr->arraySize > 1) {
+ Value element;
+ int i;
+ int elementSize = ptr->size / ptr->arraySize;
+ char *dp = (char *)ptr->data;
+
+ /* build a temporary Value to hold a single element */
+ element.type = type;
+ element.constType = ptr->constType;
+ element.size = elementSize;
+ element.filename = ptr->filename;
+ element.reference = 1;
+ element.arraySize = 1;
+ for (i = 0; i < ptr->arraySize; i++) {
+ printf(" -----[ %d ] -----\n", i);
+ element.data = (void *)&dp[i * elementSize];
+ (void)printArg(&element, 0);
+ }
+ return ckrv;
+ }
+ if (ptr->data == NULL) {
+ printf(" NULL ptr to a %s\n", valueString[type]);
+ return ckrv;
+ }
+ switch (type) {
+ case ArgNone:
+ printf(" None\n");
+ break;
+ case ArgULong:
+ printf(" %lu (0x%lx)\n", *((CK_ULONG *)ptr->data),
+ *((CK_ULONG *)ptr->data));
+ if (ptr->constType != ConstNone) {
+ printf(" ");
+ printConst(*(CK_ULONG *)ptr->data, ptr->constType, 1);
+ }
+ break;
+ case ArgVar:
+ printf(" %s\n", (char *)ptr->data);
+ break;
+ case ArgUTF8:
+ printf(" %s\n", (char *)ptr->data);
+ break;
+ case ArgChar:
+ printDump(ptr->data, ptr->size);
+ break;
+ case ArgInfo:
+#define VERSION(x) (x).major, (x).minor
+ info = (CK_INFO *)ptr->data;
+ printf(" Cryptoki Version: %d.%02d\n",
+ VERSION(info->cryptokiVersion));
+ printf(" Manufacturer ID: ");
+ printChars((char *)info->manufacturerID,
+ sizeof(info->manufacturerID));
+ printFlags(" Flags: ", info->flags, ConstInfoFlags);
+ printf(" Library Description: ");
+ printChars((char *)info->libraryDescription,
+ sizeof(info->libraryDescription));
+ printf(" Library Version: %d.%02d\n",
+ VERSION(info->libraryVersion));
+ break;
+ case ArgSlotInfo:
+ slotInfo = (CK_SLOT_INFO *)ptr->data;
+ printf(" Slot Description: ");
+ printChars((char *)slotInfo->slotDescription,
+ sizeof(slotInfo->slotDescription));
+ printf(" Manufacturer ID: ");
+ printChars((char *)slotInfo->manufacturerID,
+ sizeof(slotInfo->manufacturerID));
+ printFlags(" Flags: ", slotInfo->flags, ConstSlotFlags);
+ printf(" Hardware Version: %d.%02d\n",
+ VERSION(slotInfo->hardwareVersion));
+ printf(" Firmware Version: %d.%02d\n",
+ VERSION(slotInfo->firmwareVersion));
+ break;
+ case ArgTokenInfo:
+ tokenInfo = (CK_TOKEN_INFO *)ptr->data;
+ printf(" Label: ");
+ printChars((char *)tokenInfo->label, sizeof(tokenInfo->label));
+ printf(" Manufacturer ID: ");
+ printChars((char *)tokenInfo->manufacturerID,
+ sizeof(tokenInfo->manufacturerID));
+ printf(" Model: ");
+ printChars((char *)tokenInfo->model, sizeof(tokenInfo->model));
+ printf(" Serial Number: ");
+ printChars((char *)tokenInfo->serialNumber,
+ sizeof(tokenInfo->serialNumber));
+ printFlags(" Flags: ", tokenInfo->flags, ConstTokenFlags);
+ printf(" Max Session Count: ");
+ printConst(tokenInfo->ulMaxSessionCount, ConstAvailableSizes, 1);
+ printf(" Session Count: ");
+ printConst(tokenInfo->ulSessionCount, ConstCurrentSize, 1);
+ printf(" RW Session Count: ");
+ printConst(tokenInfo->ulMaxRwSessionCount, ConstAvailableSizes, 1);
+ printf(" Max Pin Length : ");
+ printConst(tokenInfo->ulMaxPinLen, ConstCurrentSize, 1);
+ printf(" Min Pin Length : ");
+ printConst(tokenInfo->ulMinPinLen, ConstCurrentSize, 1);
+ printf(" Total Public Memory: ");
+ printConst(tokenInfo->ulTotalPublicMemory, ConstAvailableSizes, 1);
+ printf(" Free Public Memory: ");
+ printConst(tokenInfo->ulFreePublicMemory, ConstCurrentSize, 1);
+ printf(" Total Private Memory: ");
+ printConst(tokenInfo->ulTotalPrivateMemory, ConstAvailableSizes, 1);
+ printf(" Free Private Memory: ");
+ printConst(tokenInfo->ulFreePrivateMemory, ConstCurrentSize, 1);
+ printf(" Hardware Version: %d.%02d\n",
+ VERSION(tokenInfo->hardwareVersion));
+ printf(" Firmware Version: %d.%02d\n",
+ VERSION(tokenInfo->firmwareVersion));
+ printf(" UTC Time: ");
+ printChars((char *)tokenInfo->utcTime, sizeof(tokenInfo->utcTime));
+ break;
+ case ArgSessionInfo:
+ sessionInfo = (CK_SESSION_INFO *)ptr->data;
+ printf(" SlotID: 0x%08lx\n", sessionInfo->slotID);
+ printf(" State: ");
+ printConst(sessionInfo->state, ConstSessionState, 1);
+ printFlags(" Flags: ", sessionInfo->flags, ConstSessionFlags);
+ printf(" Device error: %lu 0x%08lx\n", sessionInfo->ulDeviceError,
+ sessionInfo->ulDeviceError);
+ break;
+ case ArgAttribute:
+ attribute = (CK_ATTRIBUTE *)ptr->data;
+ printf(" Attribute Type: ");
+ printConst(attribute->type, ConstAttribute, 1);
+ printf(" Attribute Data: ");
+ if (attribute->pValue == NULL) {
+ printf("NULL\n");
+ printf("Attribute Len: %lu\n", attribute->ulValueLen);
+ } else {
+ constType = getConstFromAttribute(attribute->type);
+ if (constType != ConstNone) {
+ CK_ULONG value = (constType == ConstBool) ? *(CK_BBOOL *)attribute->pValue
+ : *(CK_ULONG *)attribute->pValue;
+ printConst(value, constType, 1);
+ } else {
+ printf("\n");
+ printDump(attribute->pValue, attribute->ulValueLen);
+ }
+ }
+ break;
+ case ArgMechanism:
+ mechanism = (CK_MECHANISM *)ptr->data;
+ printf(" Mechanism Type: ");
+ printConst(mechanism->mechanism, ConstMechanism, 1);
+ printf(" Mechanism Data:\n");
+ printDump(mechanism->pParameter, mechanism->ulParameterLen);
+ break;
+ case ArgMechanismInfo:
+ mechanismInfo = (CK_MECHANISM_INFO *)ptr->data;
+ printf(" Minimum Key Size: %ld\n", mechanismInfo->ulMinKeySize);
+ printf(" Maximum Key Size: %ld\n", mechanismInfo->ulMaxKeySize);
+ printFlags(" Flags: ", mechanismInfo->flags, ConstMechanismFlags);
+ break;
+ case ArgInitializeArgs:
+ initArgs = (CK_C_INITIALIZE_ARGS *)ptr->data;
+ printFlags(" Flags: ", initArgs->flags, ConstInitializeFlags);
+ if (initArgs->LibraryParameters) {
+ printf("Params: %s\n", (char *)initArgs->LibraryParameters);
+ }
+ case ArgFunctionList:
+ functionList = (CK_FUNCTION_LIST *)ptr->data;
+ printf(" Version: %d.%02d\n", VERSION(functionList->version));
+#ifdef notdef
+#undef CK_NEED_ARG_LIST
+#define CK_PKCS11_FUNCTION_INFO(func) \
+ printf(" %s: 0x%08lx\n", #func, (unsigned long)functionList->func);
+#include "pkcs11f.h"
+#undef CK_NEED_ARG_LIST
+#undef CK_PKCS11_FUNCTION_INFO
+#endif
+ default:
+ ckrv = CKR_ARGUMENTS_BAD;
+ break;
+ }
+
+ return ckrv;
+}
+
+/*
+ * Feeling ambitious? turn this whole thing into lexx yacc parser
+ * with full expressions.
+ */
+Value **
+parseArgs(int index, const char *bp)
+{
+ const Commands *cp = &commands[index];
+ int size = strlen(cp->fname);
+ int i;
+ CK_ULONG value;
+ char vname[512];
+ Value **argList, *possible;
+ ConstType constType;
+
+ /*
+ * skip pass the command
+ */
+ if ((cp->fname[0] == 'C') && (cp->fname[1] == '_') && (bp[1] != '_')) {
+ size -= 2;
+ }
+ bp += size;
+
+ /*
+ * Initialize our argument list
+ */
+ argList = (Value **)malloc(sizeof(Value *) * MAX_ARGS);
+ for (i = 0; i < MAX_ARGS; i++) {
+ argList[i] = NULL;
+ }
+
+ /*
+ * Walk the argument list parsing it...
+ */
+ for (i = 0; i < MAX_ARGS; i++) {
+ ArgType type = cp->args[i] & ArgMask;
+ int error;
+
+ /* strip blanks */
+ bp = strip(bp);
+
+ /* if we hit ArgNone, we've nabbed all the arguments we need */
+ if (type == ArgNone) {
+ break;
+ }
+
+ /* if we run out of space in the line, we weren't given enough
+ * arguments... */
+ if (*bp == '\0') {
+ /* we're into optional arguments, ok to quit now */
+ if (cp->args[i] & ArgOpt) {
+ break;
+ }
+ fprintf(stderr, "%s: only %d args found,\n", cp->fname, i);
+ parseFree(argList);
+ return NULL;
+ }
+
+ /* collect all the rest of the command line and send
+ * it as a single argument */
+ if (cp->args[i] & ArgFull) {
+ int size = strlen(bp) + 1;
+ argList[i] = NewValue(type, size);
+ memcpy(argList[i]->data, bp, size);
+ break;
+ }
+
+ /*
+ * look up the argument in our variable list first... only
+ * exception is the new argument type for set...
+ */
+ error = 0;
+ if ((cp->args[i] != (ArgVar | ArgNew)) &&
+ (possible = varLookup(bp, vname, sizeof(vname), &error))) {
+ /* ints are only compatible with other ints... all other types
+ * are interchangeable... */
+ if (type != ArgVar) { /* ArgVar's match anyone */
+ if ((type == ArgULong) ^
+ ((possible->type & ArgMask) == ArgULong)) {
+ fprintf(stderr, "%s: Arg %d incompatible type with <%s>\n",
+ cp->fname, i + 1, vname);
+ argFree(possible);
+ parseFree(argList);
+ return NULL;
+ }
+ /*
+ * ... that is as long as they are big enough...
+ */
+ if (ArgSize(type) > possible->size) {
+ fprintf(stderr,
+ "%s: Arg %d %s is too small (%d bytes needs to be %d bytes)\n",
+ cp->fname, i + 1, vname, possible->size, ArgSize(type));
+ argFree(possible);
+ parseFree(argList);
+ return NULL;
+ }
+ }
+
+ /* everything looks kosher here, use it */
+ argList[i] = possible;
+
+ bp = readChars(bp, vname, sizeof(vname));
+ if (cp->args[i] & ArgOut) {
+ possible->type |= ArgOut;
+ }
+ continue;
+ }
+
+ if (error == 1) {
+ parseFree(argList);
+ return NULL;
+ }
+
+ /* create space for our argument */
+ argList[i] = NewValue(type, 1);
+
+ if ((PL_strncasecmp(bp, "null", 4) == 0) && ((bp[4] == 0) ||
+ (bp[4] ==
+ ' ') ||
+ (bp[4] ==
+ '\t') ||
+ (bp[4] == '\n'))) {
+ if (cp->args[i] == ArgULong) {
+ fprintf(stderr, "%s: Arg %d CK_ULONG can't be NULL\n",
+ cp->fname, i + 1);
+ parseFree(argList);
+ return NULL;
+ }
+ argFreeData(argList[i]);
+ argList[i]->data = NULL;
+ argList[i]->size = 0;
+ bp += 4;
+ if (*bp)
+ bp++;
+ continue;
+ }
+
+ /* if we're an output variable, we need to add it */
+ if (cp->args[i] & ArgOut) {
+ if (PL_strncasecmp(bp, "file(", 5) == 0 /* ) */) {
+ char filename[512];
+ bp = readChars(bp + 5, filename, sizeof(filename));
+ size = PL_strlen(filename);
+ if ((size > 0) && (/* ( */ filename[size - 1] == ')')) {
+ filename[size - 1] = 0;
+ }
+ filename[size] = 0;
+ argList[i]->filename = (char *)malloc(size + 1);
+
+ PL_strcpy(argList[i]->filename, filename);
+
+ argList[i]->type |= ArgOut | ArgFile;
+ break;
+ }
+ bp = AddVariable(bp, &argList[i]);
+ argList[i]->type |= ArgOut;
+ continue;
+ }
+
+ if (PL_strncasecmp(bp, "file(", 5) == 0 /* ) */) {
+ char filename[512];
+
+ bp = readChars(bp + 5, filename, sizeof(filename));
+ size = PL_strlen(filename);
+ if ((size > 0) && (/* ( */ filename[size - 1] == ')')) {
+ filename[size - 1] = 0;
+ }
+
+ if (restore(filename, argList[i]) != CKR_OK) {
+ parseFree(argList);
+ return NULL;
+ }
+ continue;
+ }
+
+ switch (type) {
+ case ArgULong:
+ bp = constLookup(bp, &value, &constType);
+ *(int *)argList[i]->data = value;
+ argList[i]->constType = constType;
+ break;
+ case ArgVar:
+ argFreeData(argList[i]);
+ size = getEnd(bp) + 1;
+ argList[i]->data = (void *)malloc(size);
+ argList[i]->size = size;
+ /* fall through */
+ case ArgInfo:
+ case ArgSlotInfo:
+ case ArgTokenInfo:
+ case ArgSessionInfo:
+ case ArgAttribute:
+ case ArgMechanism:
+ case ArgMechanismInfo:
+ case ArgInitializeArgs:
+ case ArgUTF8:
+ case ArgChar:
+ bp = readChars(bp, (char *)argList[i]->data, argList[i]->size);
+ case ArgNone:
+ default:
+ break;
+ }
+ }
+
+ return argList;
+}
+
+/* lookup the command in the array */
+int
+lookup(const char *buf)
+{
+ int size, i;
+ int buflen;
+
+ buflen = PL_strlen(buf);
+
+ for (i = 0; i < commandCount; i++) {
+ size = PL_strlen(commands[i].fname);
+
+ if (size <= buflen) {
+ if (PL_strncasecmp(buf, commands[i].fname, size) == 0) {
+ return i;
+ }
+ }
+ if (size - 2 <= buflen) {
+ if (commands[i].fname[0] == 'C' && commands[i].fname[1] == '_' &&
+ (PL_strncasecmp(buf, &commands[i].fname[2], size - 2) == 0)) {
+ return i;
+ }
+ }
+ }
+ fprintf(stderr, "Can't find command %s\n", buf);
+ return -1;
+}
+
+void
+putOutput(Value **ptr)
+{
+ int i;
+
+ for (i = 0; i < MAX_ARGS; i++) {
+ ArgType type;
+
+ if (ptr[i] == NULL)
+ break;
+
+ type = ptr[i]->type;
+
+ ptr[i]->type &= ~ArgOut;
+ if (type == ArgNone) {
+ break;
+ }
+ if (type & ArgOut) {
+ (void)printArg(ptr[i], i + 1);
+ }
+ if (type & ArgFile) {
+ save(ptr[i]->filename, ptr[i]);
+ free(ptr[i]->filename);
+ ptr[i]->filename = NULL; /* paranoia */
+ }
+ }
+}
+
+CK_RV
+unloadModule(Module *module)
+{
+ char *disableUnload = NULL;
+
+ disableUnload = PR_GetEnvSecure("NSS_DISABLE_UNLOAD");
+
+ if (module->library && !disableUnload) {
+ PR_UnloadLibrary(module->library);
+ }
+
+ module->library = NULL;
+ module->functionList = NULL;
+
+ return CKR_OK;
+}
+
+CK_RV
+loadModule(Module *module, char *library)
+{
+ PRLibrary *newLibrary;
+ CK_C_GetFunctionList getFunctionList;
+ CK_FUNCTION_LIST *functionList;
+ CK_RV ckrv;
+
+ newLibrary = PR_LoadLibrary(library);
+ if (!newLibrary) {
+ fprintf(stderr, "Couldn't load library %s\n", library);
+ return CKR_FUNCTION_FAILED;
+ }
+ getFunctionList = (CK_C_GetFunctionList)
+ PR_FindSymbol(newLibrary, "C_GetFunctionList");
+ if (!getFunctionList) {
+ fprintf(stderr, "Couldn't find \"C_GetFunctionList\" in %s\n", library);
+ return CKR_FUNCTION_FAILED;
+ }
+
+ ckrv = (*getFunctionList)(&functionList);
+ if (ckrv != CKR_OK) {
+ return ckrv;
+ }
+
+ if (module->library) {
+ PR_UnloadLibrary(module->library);
+ }
+
+ module->library = newLibrary;
+ module->functionList = functionList;
+
+ return CKR_OK;
+}
+
+static void
+printHelp(int index, int full)
+{
+ int j;
+ printf(" %s", commands[index].fname);
+ for (j = 0; j < MAX_ARGS; j++) {
+ ArgType type = commands[index].args[j] & ArgMask;
+ if (type == ArgNone) {
+ break;
+ }
+ printf(" %s", valueString[type]);
+ }
+ printf("\n");
+ printf(" %s\n", commands[index].helpString);
+}
+
+/* add Topical help here ! */
+static CK_RV
+printTopicHelp(char *topic)
+{
+ int size, i;
+ int topicLen;
+
+ topicLen = PL_strlen(topic);
+
+ for (i = 0; i < topicCount; i++) {
+ size = PL_strlen(topics[i].name);
+
+ if (size <= topicLen) {
+ if (PL_strncasecmp(topic, topics[i].name, size) == 0) {
+ break;
+ }
+ }
+ }
+
+ if (i == topicCount) {
+ fprintf(stderr, "Can't find topic '%s'\n", topic);
+ return CKR_DATA_INVALID;
+ }
+
+ printf(" %s", topic);
+ printf("\n");
+ printf(" %s\n", topics[i].helpString);
+ return CKR_OK;
+}
+
+static CK_RV
+printGeneralHelp(void)
+{
+ int i;
+ printf(" To get help on commands, select from the list below:");
+ for (i = 0; i < commandCount; i++) {
+ if (i % 5 == 0)
+ printf("\n");
+ printf("%s,", commands[i].fname);
+ }
+ printf("\n");
+ /* print help topics */
+ printf(" To get help on a topic, select from the list below:");
+ for (i = 0; i < topicCount; i++) {
+ if (i % 5 == 0)
+ printf("\n");
+ printf("%s,", topics[i].name);
+ }
+ printf("\n");
+ return CKR_OK;
+}
+
+static CK_RV
+quitIf(CK_ULONG a, const char *cmp, CK_ULONG b)
+{
+ if (strcmp(cmp, "<") == 0) {
+ return (a < b) ? CKR_QUIT : CKR_OK;
+ } else if (strcmp(cmp, ">") == 0) {
+ return (a > b) ? CKR_QUIT : CKR_OK;
+ } else if (strcmp(cmp, "<=") == 0) {
+ return (a <= b) ? CKR_QUIT : CKR_OK;
+ } else if (strcmp(cmp, ">=") == 0) {
+ return (a >= b) ? CKR_QUIT : CKR_OK;
+ } else if (strcmp(cmp, "=") == 0) {
+ return (a == b) ? CKR_QUIT : CKR_OK;
+ } else if (strcmp(cmp, "!=") == 0) {
+ return (a != b) ? CKR_QUIT : CKR_OK;
+ }
+ printf("Unkown integer comparator: '%s'\n", cmp);
+ return CKR_ARGUMENTS_BAD;
+}
+
+static CK_RV
+quitIfString(const char *a, const char *cmp, const char *b)
+{
+
+ if (strcmp(cmp, "=") == 0) {
+ return (strcmp(a, b) == 0) ? CKR_QUIT : CKR_OK;
+ } else if (strcmp(cmp, "!=") == 0) {
+ return (strcmp(a, b) != 0) ? CKR_QUIT : CKR_OK;
+ }
+ printf("Unkown string comparator: '%s'\n", cmp);
+ return CKR_ARGUMENTS_BAD;
+}
+
+CK_RV run(const char *);
+CK_RV timeCommand(const char *);
+CK_RV loop(const char *filename, const char *var,
+ CK_ULONG start, CK_ULONG end, CK_ULONG step);
+
+/*
+ * Actually dispatch the function... Bad things happen
+ * if these don't match the commands array.
+ */
+CK_RV
+do_func(int index, Value **a)
+{
+ int value, helpIndex;
+ static Module module = { NULL, NULL };
+ CK_FUNCTION_LIST *func = module.functionList;
+
+ switch (commands[index].fType) {
+ case F_C_Initialize:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_Initialize((void *)a[0]->data);
+ case F_C_Finalize:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_Finalize((void *)a[0]->data);
+ case F_C_GetInfo:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GetInfo((CK_INFO *)a[0]->data);
+ case F_C_GetFunctionList:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GetFunctionList((CK_FUNCTION_LIST **)a[0]->data);
+ case F_C_GetSlotList:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GetSlotList((CK_BBOOL) * (CK_ULONG *)a[0]->data,
+ (CK_SLOT_ID *)a[1]->data,
+ (CK_ULONG *)a[2]->data);
+ case F_C_GetSlotInfo:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GetSlotInfo(*(CK_ULONG *)a[0]->data,
+ (CK_SLOT_INFO *)a[1]->data);
+ case F_C_GetTokenInfo:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GetTokenInfo(*(CK_ULONG *)a[0]->data,
+ (CK_TOKEN_INFO *)a[1]->data);
+ case F_C_GetMechanismList:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ if (a[1]->data) {
+ a[1]->constType = ConstMechanism;
+ }
+ return func->C_GetMechanismList(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM_TYPE *)a[1]->data,
+ (CK_ULONG *)a[2]->data);
+ case F_C_GetMechanismInfo:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GetMechanismInfo(*(CK_ULONG *)a[0]->data,
+ *(CK_ULONG *)a[1]->data,
+ (CK_MECHANISM_INFO *)a[2]->data);
+ case F_C_InitToken:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_InitToken(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data);
+ case F_C_InitPIN:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_InitPIN(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_SetPIN:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_SetPIN(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ *(CK_ULONG *)a[4]->data);
+ case F_C_OpenSession:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_OpenSession(*(CK_ULONG *)a[0]->data,
+ *(CK_ULONG *)a[1]->data,
+ (void *)NULL,
+ (CK_NOTIFY)NULL,
+ (CK_ULONG *)a[2]->data);
+ case F_C_CloseSession:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_CloseSession(*(CK_ULONG *)a[0]->data);
+ case F_C_CloseAllSessions:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_CloseAllSessions(*(CK_ULONG *)a[0]->data);
+ case F_C_GetSessionInfo:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GetSessionInfo(*(CK_ULONG *)a[0]->data,
+ (CK_SESSION_INFO *)a[1]->data);
+ case F_C_GetOperationState:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GetOperationState(*(CK_ULONG *)a[0]->data,
+ (CK_BYTE *)a[1]->data,
+ (CK_ULONG *)a[2]->data);
+ case F_C_SetOperationState:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_SetOperationState(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ *(CK_ULONG *)a[3]->data,
+ *(CK_ULONG *)a[4]->data);
+ case F_C_Login:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_Login(*(CK_ULONG *)a[0]->data,
+ *(CK_ULONG *)a[1]->data,
+ (CK_CHAR *)a[2]->data,
+ *(CK_ULONG *)a[3]->data);
+ case F_C_Logout:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_Logout(*(CK_ULONG *)a[0]->data);
+ case F_C_CreateObject:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_CreateObject(*(CK_ULONG *)a[0]->data,
+ (CK_ATTRIBUTE *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_ULONG *)a[3]->data);
+ case F_C_CopyObject:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_CopyObject(*(CK_ULONG *)a[0]->data,
+ *(CK_ULONG *)a[0]->data,
+ (CK_ATTRIBUTE *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_ULONG *)a[3]->data);
+ case F_C_DestroyObject:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_DestroyObject(*(CK_ULONG *)a[0]->data,
+ *(CK_ULONG *)a[1]->data);
+ case F_C_GetObjectSize:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GetObjectSize(*(CK_ULONG *)a[0]->data,
+ *(CK_ULONG *)a[1]->data,
+ (CK_ULONG *)a[2]->data);
+ case F_C_GetAttributeValue:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GetAttributeValue(*(CK_ULONG *)a[0]->data,
+ *(CK_ULONG *)a[1]->data,
+ (CK_ATTRIBUTE *)a[2]->data,
+ *(CK_ULONG *)a[3]->data);
+ case F_C_SetAttributeValue:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_SetAttributeValue(*(CK_ULONG *)a[0]->data,
+ *(CK_ULONG *)a[1]->data,
+ (CK_ATTRIBUTE *)a[2]->data,
+ *(CK_ULONG *)a[3]->data);
+ case F_C_FindObjectsInit:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_FindObjectsInit(*(CK_ULONG *)a[0]->data,
+ (CK_ATTRIBUTE *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_FindObjects:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_FindObjects(*(CK_ULONG *)a[0]->data,
+ (CK_ULONG *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_ULONG *)a[3]->data);
+ case F_C_FindObjectsFinal:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_FindObjectsFinal(*(CK_ULONG *)a[0]->data);
+ case F_C_EncryptInit:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_EncryptInit(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_Encrypt:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_Encrypt(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_EncryptUpdate:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_EncryptUpdate(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_EncryptFinal:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_EncryptFinal(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ (CK_ULONG *)a[2]->data);
+ case F_C_DecryptInit:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_DecryptInit(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_Decrypt:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_Decrypt(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_DecryptUpdate:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_DecryptUpdate(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_DecryptFinal:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_DecryptFinal(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ (CK_ULONG *)a[2]->data);
+ case F_C_DigestInit:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_DigestInit(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM *)a[1]->data);
+ case F_C_Digest:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_Digest(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_DigestUpdate:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_DigestUpdate(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_DigestKey:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_DigestKey(*(CK_ULONG *)a[0]->data,
+ *(CK_ULONG *)a[1]->data);
+ case F_C_DigestFinal:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_DigestFinal(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ (CK_ULONG *)a[2]->data);
+ case F_C_SignInit:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_SignInit(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_Sign:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_Sign(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_SignUpdate:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_SignUpdate(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_SignFinal:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_SignFinal(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ (CK_ULONG *)a[2]->data);
+
+ case F_C_SignRecoverInit:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_SignRecoverInit(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_SignRecover:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_SignRecover(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_VerifyInit:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_VerifyInit(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_Verify:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_Verify(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ *(CK_ULONG *)a[4]->data);
+ case F_C_VerifyUpdate:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_VerifyUpdate(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_VerifyFinal:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_VerifyFinal(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+
+ case F_C_VerifyRecoverInit:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_VerifyRecoverInit(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_VerifyRecover:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_VerifyRecover(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_DigestEncryptUpdate:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_DigestEncryptUpdate(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_DecryptDigestUpdate:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_DecryptDigestUpdate(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_SignEncryptUpdate:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_SignEncryptUpdate(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_DecryptVerifyUpdate:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_DecryptVerifyUpdate(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_GenerateKey:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GenerateKey(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM *)a[1]->data,
+ (CK_ATTRIBUTE *)a[2]->data,
+ *(CK_ULONG *)a[3]->data,
+ (CK_ULONG *)a[4]->data);
+ case F_C_GenerateKeyPair:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GenerateKeyPair(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM *)a[1]->data,
+ (CK_ATTRIBUTE *)a[2]->data,
+ *(CK_ULONG *)a[3]->data,
+ (CK_ATTRIBUTE *)a[4]->data,
+ *(CK_ULONG *)a[5]->data,
+ (CK_ULONG *)a[6]->data,
+ (CK_ULONG *)a[7]->data);
+ case F_C_WrapKey:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_WrapKey(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ *(CK_ULONG *)a[3]->data,
+ (CK_CHAR *)a[5]->data,
+ (CK_ULONG *)a[6]->data);
+ case F_C_UnwrapKey:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_UnwrapKey(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_CHAR *)a[3]->data,
+ *(CK_ULONG *)a[4]->data,
+ (CK_ATTRIBUTE *)a[5]->data,
+ *(CK_ULONG *)a[6]->data,
+ (CK_ULONG *)a[7]->data);
+ case F_C_DeriveKey:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_DeriveKey(*(CK_ULONG *)a[0]->data,
+ (CK_MECHANISM *)a[1]->data,
+ *(CK_ULONG *)a[2]->data,
+ (CK_ATTRIBUTE *)a[3]->data,
+ *(CK_ULONG *)a[4]->data,
+ (CK_ULONG *)a[5]->data);
+ case F_C_SeedRandom:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_SeedRandom(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_GenerateRandom:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GenerateRandom(*(CK_ULONG *)a[0]->data,
+ (CK_CHAR *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_C_GetFunctionStatus:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_GetFunctionStatus(*(CK_ULONG *)a[0]->data);
+ case F_C_CancelFunction:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_CancelFunction(*(CK_ULONG *)a[0]->data);
+ case F_C_WaitForSlotEvent:
+ if (!func)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ return func->C_WaitForSlotEvent(*(CK_ULONG *)a[0]->data,
+ (CK_ULONG *)a[1]->data,
+ (void *)a[2]->data);
+ /* set a variable */
+ case F_SetVar:
+ case F_SetStringVar:
+ (void)DeleteVariable(a[0]->data);
+ (void)AddVariable(a[0]->data, &a[1]);
+ return CKR_OK;
+ /* print a value */
+ case F_Print:
+ return printArg(a[0], 0);
+ case F_SaveVar:
+ return save(a[0]->data, a[1]);
+ case F_RestoreVar:
+ return restore(a[0]->data, a[1]);
+ case F_Delete:
+ return DeleteVariable(a[0]->data);
+ case F_Increment:
+ return increment(a[0], *(CK_ULONG *)a[1]->data);
+ case F_Decrement:
+ return decrement(a[0], *(CK_ULONG *)a[1]->data);
+ case F_List:
+ return list();
+ case F_Run:
+ return run(a[0]->data);
+ case F_Time:
+ return timeCommand(a[0]->data);
+ case F_Load:
+ return loadModule(&module, a[0]->data);
+ case F_Unload:
+ return unloadModule(&module);
+ case F_NewArray:
+ (void)DeleteVariable(a[0]->data);
+ return ArrayVariable(a[0]->data, a[1]->data, *(CK_ULONG *)a[2]->data);
+ case F_NewTemplate:
+ (void)DeleteVariable(a[0]->data);
+ return ArrayTemplate(a[0]->data, a[1]->data);
+ case F_BuildTemplate:
+ return BuildTemplate(a[0]);
+ case F_SetTemplate:
+ return SetTemplate(a[0],
+ *(CK_ULONG *)a[1]->data,
+ *(CK_ULONG *)a[2]->data);
+ case F_NewMechanism:
+ (void)DeleteVariable(a[0]->data);
+ return NewMechanism(a[0]->data, *(CK_ULONG *)a[1]->data);
+ case F_NewInitializeArgs:
+ (void)DeleteVariable(a[0]->data);
+ return NewInitializeArgs(a[0]->data, *(CK_ULONG *)a[1]->data, a[2]->data);
+ case F_System:
+ value = *(int *)a[0]->data;
+ if (value & 0x80000000) {
+ systemFlags &= ~value;
+ } else {
+ systemFlags |= value;
+ }
+ return CKR_OK;
+ case F_Loop:
+ return loop(a[0]->data, a[1]->data, *(CK_ULONG *)a[2]->data,
+ *(CK_ULONG *)a[3]->data, *(CK_ULONG *)a[4]->data);
+ case F_Help:
+ if (a[0]) {
+ helpIndex = lookup(a[0]->data);
+ if (helpIndex < 0) {
+ return printTopicHelp(a[0]->data);
+ }
+ printHelp(helpIndex, 1);
+ return CKR_OK;
+ }
+ return printGeneralHelp();
+ case F_QuitIfString:
+ return quitIfString(a[0]->data, a[1]->data, a[2]->data);
+ case F_QuitIf:
+ return quitIf(*(CK_ULONG *)a[0]->data, a[1]->data, *(CK_ULONG *)a[2]->data);
+ case F_Quit:
+ return CKR_QUIT;
+ default:
+ fprintf(stderr,
+ "Function %s not yet supported\n", commands[index].fname);
+ return CKR_OK;
+ }
+ /* Not Reached */
+ return CKR_OK;
+}
+
+CK_RV
+processCommand(const char *buf)
+{
+ CK_RV error = CKR_OK;
+ int index;
+ const char *bp;
+ Value **arglist;
+
+ bp = strip(buf);
+ /* allow comments and blank lines in scripts */
+ if ((*bp == '#') || (*bp == 0) || (*bp == '\n')) {
+ return CKR_OK;
+ }
+
+ index = lookup(bp);
+
+ if (index < 0) {
+ return CKR_OK;
+ }
+
+ arglist = parseArgs(index, bp);
+ if (arglist == NULL) {
+ return CKR_OK;
+ }
+
+ error = do_func(index, arglist);
+ if (error == CKR_OK) {
+ putOutput(arglist);
+ } else if (error != CKR_QUIT) {
+ printf(">> Error : ");
+ printConst(error, ConstResult, 1);
+ }
+
+ parseFree(arglist);
+ return error;
+}
+
+CK_RV
+timeCommand(const char *command)
+{
+ CK_RV ckrv;
+ PRIntervalTime startTime = PR_IntervalNow();
+ PRIntervalTime endTime;
+ PRIntervalTime elapsedTime;
+
+ ckrv = processCommand(command);
+
+ endTime = PR_IntervalNow();
+ elapsedTime = endTime - startTime;
+ printf("Time -- %d msec \n",
+ PR_IntervalToMilliseconds(elapsedTime));
+
+ return ckrv;
+}
+
+CK_RV
+process(FILE *inFile, int user)
+{
+ char buf[2048];
+ CK_RV error;
+ CK_RV ckrv = CKR_OK;
+
+ if (user) {
+ printf("pkcs11> ");
+ fflush(stdout);
+ }
+
+ while (fgets(buf, 2048, inFile) != NULL) {
+
+ if (!user)
+ printf("* %s", buf);
+ error = processCommand(buf);
+ if (error == CKR_QUIT) {
+ break;
+ } else if (error != CKR_OK) {
+ ckrv = error;
+ }
+ if (user) {
+ printf("pkcs11> ");
+ fflush(stdout);
+ }
+ }
+ return ckrv;
+}
+
+CK_RV
+run(const char *filename)
+{
+ FILE *infile;
+ CK_RV ckrv;
+
+ infile = fopen(filename, "r");
+
+ if (infile == NULL) {
+ perror(filename);
+ return CKR_FUNCTION_FAILED;
+ }
+
+ ckrv = process(infile, 0);
+
+ fclose(infile);
+ return ckrv;
+}
+
+CK_RV
+loop(const char *filename, const char *var,
+ CK_ULONG start, CK_ULONG end, CK_ULONG step)
+{
+ CK_ULONG i = 0;
+ Value *value = 0;
+ CK_RV ckrv;
+
+ for (i = start; i < end; i += step) {
+ value = NewValue(ArgULong, 1);
+ *(CK_ULONG *)value->data = i;
+ DeleteVariable(var);
+ AddVariable(var, &value);
+ ckrv = run(filename);
+ argFree(value);
+ if (ckrv == CKR_QUIT) {
+ break;
+ }
+ }
+ return ckrv;
+}
+
+int
+main(int argc, char **argv)
+{
+ /* I suppose that some day we could parse some arguments */
+ (void)process(stdin, 1);
+ return 0;
+}
diff --git a/security/nss/cmd/pk11util/scripts/dosign b/security/nss/cmd/pk11util/scripts/dosign
new file mode 100644
index 0000000000..33e761f0b6
--- /dev/null
+++ b/security/nss/cmd/pk11util/scripts/dosign
@@ -0,0 +1,162 @@
+Load nsscapi.dll
+C_Initialize NULL
+C_GetSlotList false NULL slotCount
+NewArray slotList CK_ULONG slotCount
+C_GetSlotList false slotList slotCount
+#change the following to the appropriate slot id
+set slotID 1
+#set slotID slotList[0]
+C_GetSlotInfo slotID slotInfo
+C_GetTokenInfo slotID tokenInfo
+C_OpenSession slotID CKF_SERIAL_SESSION session
+#
+#uncomment the following line and include the correct password
+#C_Login session CKU_USER 0000 4
+#
+# build the search template
+#
+NewTemplate search CKA_CLASS
+SetTemplate search 0 CKO_CERTIFICATE
+NewArray certID CK_ULONG 10
+C_FindObjectsInit session search 1
+C_FindObjects session certID sizeA(certID) count
+C_FindObjectsFinal session
+#
+# now read the cert out
+#
+#NewTemplate derCert CKA_VALUE
+#NewTemplate certName CKA_LABEL,CKA_VALUE
+#C_GetAttributeValue session certID[0] certName sizeA(certName)
+#BuildTemplate certName
+#C_GetAttributeValue session certID[0] certName sizeA(certName)
+#print certName[0]
+Set countm1 count
+Decrement countm1 1
+LoopRun pLabel1 i 0 countm1 1
+Set i 1
+run pLabel1
+NewTemplate id CKA_CLASS,CKA_ID
+C_GetAttributeValue session certID[i] id sizeA(id)
+BuildTemplate id
+C_GetAttributeValue session certID[i] id sizeA(id)
+SetTemplate id 0 CKO_PRIVATE_KEY
+NewArray keyID CK_ULONG 10
+C_FindObjectsInit session id sizeA(id)
+C_FindObjects session keyID sizeA(keyID) count
+C_FindObjectsFinal session
+
+NewMechanism rsaParams CKM_RSA_PKCS
+NewArray sign data 256
+NewArray sdata data 36
+C_SignInit session rsaParams keyID[0]
+print sdata
+C_Sign session sdata sizeof(sdata) sign sizeof(sign)
+save signature sign
+save hash sdata
+NewTemplate privValue CKA_MODULUS,CKA_PUBLIC_EXPONENT
+C_GetAttributeValue session keyID[0] privValue sizeA(privValue)
+BuildTemplate privValue
+C_GetAttributeValue session keyID[0] privValue sizeA(privValue)
+print privValue[0]
+print privValue[1]
+
+# save the public key
+SetTemplate id 0 CKO_PUBLIC_KEY
+NewArray pubkeyID CK_ULONG 10
+C_FindObjectsInit session id sizeA(id)
+C_FindObjects session pubkeyID sizeA(pubkeyID) count
+C_FindObjectsFinal session
+NewTemplate pubkeyValue CKA_MODULUS,CKA_PUBLIC_EXPONENT
+C_GetAttributeValue session pubkeyID[0] pubkeyValue sizeA(pubkeyValue)
+BuildTemplate pubkeyValue
+C_GetAttributeValue session pubkeyID[0] pubkeyValue sizeA(pubkeyValue)
+print pubkeyValue[0]
+print pubkeyValue[1]
+
+
+C_Finalize null
+unload
+
+#
+# Now do the same for using softoken
+#
+load softokn3.dll
+NewInitArg init CKF_OS_LOCKING_OK configdir=./db
+C_Initialize init
+C_GetSlotList false NULL slotCount
+NewArray slotList CK_ULONG slotCount
+C_GetSlotList false slotList slotCount
+#change the following to the appropriate slot id
+set slotID slotList[1]
+#set slotID slotList[0]
+C_GetSlotInfo slotID slotInfo
+C_GetTokenInfo slotID tokenInfo
+C_OpenSession slotID CKF_SERIAL_SESSION session
+NewTemplate search CKA_CLASS
+SetTemplate search 0 CKO_CERTIFICATE
+NewArray certID CK_ULONG 10
+C_FindObjectsInit session search 1
+C_FindObjects session certID sizeA(certID) count
+C_FindObjectsFinal session
+#
+# now read the cert out
+#
+#NewTemplate derCert CKA_VALUE
+#NewTemplate certName CKA_LABEL,CKA_VALUE
+#C_GetAttributeValue session certID[0] certName sizeA(certName)
+#BuildTemplate certName
+#C_GetAttributeValue session certID[0] certName sizeA(certName)
+#print certName[0]
+#Set countm1 count
+#Decrement countm1 1
+#LoopRun pLabel1 i 0 countm1 1
+Set i 0
+run pLabel1
+NewTemplate id CKA_CLASS,CKA_ID
+C_GetAttributeValue session certID[i] id sizeA(id)
+BuildTemplate id
+C_GetAttributeValue session certID[i] id sizeA(id)
+SetTemplate id 0 CKO_PRIVATE_KEY
+NewArray keyID CK_ULONG 10
+C_FindObjectsInit session id sizeA(id)
+C_FindObjects session keyID sizeA(keyID) count
+C_FindObjectsFinal session
+
+NewMechanism rsaParams CKM_RSA_PKCS
+NewArray sign data 256
+NewArray sdata data 36
+C_SignInit session rsaParams keyID[0]
+C_Sign session sdata sizeof(sdata) sign sizeof(sign)
+save signature2 sign
+save hash2 sdata
+
+SetTemplate id 0 CKO_PUBLIC_KEY
+NewArray pubkeyID CK_ULONG 10
+C_FindObjectsInit session id sizeA(id)
+C_FindObjects session pubkeyID sizeA(pubkeyID) count
+C_FindObjectsFinal session
+
+#
+# OK now we use raw unwrap and see what we have...
+#
+NewMechanism rawRsaParams CKM_RSA_X_509
+NewArray vdata data 256
+C_VerifyRecoverInit session rawRsaParams pubkeyID[0]
+C_VerifyRecover session sign sizeof(sign) vdata sizeof(vdata)
+save verify2 vdata
+restore signature sign
+C_VerifyRecoverInit session rawRsaParams pubkeyID[0]
+C_VerifyRecover session sign sizeof(sign) vdata sizeof(vdata)
+save verify vdata
+
+NewTemplate pubkeyValue CKA_MODULUS,CKA_PUBLIC_EXPONENT
+C_GetAttributeValue session pubkeyID[0] pubkeyValue sizeA(pubkeyValue)
+BuildTemplate pubkeyValue
+C_GetAttributeValue session pubkeyID[0] pubkeyValue sizeA(pubkeyValue)
+print pubkeyValue[0]
+print pubkeyValue[1]
+
+
+C_Finalize null
+
+unload
diff --git a/security/nss/cmd/pk11util/scripts/hssign b/security/nss/cmd/pk11util/scripts/hssign
new file mode 100644
index 0000000000..9bcf365cc4
--- /dev/null
+++ b/security/nss/cmd/pk11util/scripts/hssign
@@ -0,0 +1,48 @@
+Load aolkeypk11.dll
+C_Initialize NULL
+C_GetSlotList false NULL slotCount
+NewArray slotList CK_ULONG slotCount
+C_GetSlotList false slotList slotCount
+#change the following to the appropriate slot id
+#set slotID slotList[0]
+set slotID 1
+C_GetSlotInfo slotID slotInfo
+C_GetTokenInfo slotID tokenInfo
+C_OpenSession slotID CK_SESSION_SERIAL session
+#
+#uncomment the following line and include the correct password
+#for authenticated tokens
+#C_Login session CKU_USER 0000 4
+#
+# build the search template
+#
+#NewTemplate search CKA_CLASS
+#SetTemplate search 0 CKO_CERTIFICATE
+#NewArray certID CK_ULONG 1
+#C_FindObjectsInit session search 1
+#C_FindObjects session certID 1 count
+#C_FindObjectsFinal session
+#
+# now read the cert out
+#
+#NewTemplate derCert CKA_VALUE
+#C_GetAttributeValue session certID derCert 1
+#BuildTemplate derCert
+#C_GetAttributeValue session certID derCert 1
+#
+# Do a signature
+#
+NewTemplate search CKA_CLASS
+SetTemplate search 0 CKO_PRIVATE_KEY
+NewArray privateKey CK_ULONG 1
+C_FindObjectsInit session search 1
+C_FindObjects session privateKey 1 count
+C_FindObjectsFinal session
+# sign
+NewMechanism rsaParams CKM_RSA_PKCS
+NewArray sign data 128
+NewArray sdata data 20
+C_SignInit session rsaParams privateKey
+C_Sign session sdata sizeof(sdata) sign sizeof(sign)
+#C_Logout session
+
diff --git a/security/nss/cmd/pk11util/scripts/lcert b/security/nss/cmd/pk11util/scripts/lcert
new file mode 100644
index 0000000000..0f249c3b5e
--- /dev/null
+++ b/security/nss/cmd/pk11util/scripts/lcert
@@ -0,0 +1,35 @@
+Load nsscapi.dll
+C_Initialize NULL
+C_GetSlotList false NULL slotCount
+NewArray slotList CK_ULONG slotCount
+C_GetSlotList false slotList slotCount
+#change the following to the appropriate slot id
+set slotID 1
+#set slotID slotList[0]
+C_GetSlotInfo slotID slotInfo
+C_GetTokenInfo slotID tokenInfo
+C_OpenSession slotID CKF_SERIAL_SESSION session
+#
+#uncomment the following line and include the correct password
+#C_Login session CKU_USER 0000 4
+#
+# build the search template
+#
+NewTemplate search CKA_CLASS
+SetTemplate search 0 CKO_CERTIFICATE
+NewArray certID CK_ULONG 10
+C_FindObjectsInit session search 1
+C_FindObjects session certID sizeA(certID) count
+C_FindObjectsFinal session
+#
+# now read the cert out
+#
+#NewTemplate derCert CKA_VALUE
+#NewTemplate certName CKA_LABEL,CKA_VALUE
+#C_GetAttributeValue session certID[0] certName sizeA(certName)
+#BuildTemplate certName
+#C_GetAttributeValue session certID[0] certName sizeA(certName)
+#print certName[0]
+Set countm1 count
+Decrement countm1 1
+LoopRun pLabel1 i 0 countm1 1
diff --git a/security/nss/cmd/pk11util/scripts/mechanisms b/security/nss/cmd/pk11util/scripts/mechanisms
new file mode 100644
index 0000000000..d103a9c4ff
--- /dev/null
+++ b/security/nss/cmd/pk11util/scripts/mechanisms
@@ -0,0 +1,11 @@
+Load nsscapi.dll
+C_Initialize NULL
+C_GetSlotList false NULL slotCount
+NewArray slotList CK_ULONG slotCount
+C_GetSlotList false slotList slotCount
+
+LoopRun pMechanisms i 0 slotCount 1
+
+#C_Finalize
+#Unload
+
diff --git a/security/nss/cmd/pk11util/scripts/pLabel1 b/security/nss/cmd/pk11util/scripts/pLabel1
new file mode 100644
index 0000000000..0be909bb4e
--- /dev/null
+++ b/security/nss/cmd/pk11util/scripts/pLabel1
@@ -0,0 +1,6 @@
+NewTemplate certName CKA_LABEL,CKA_VALUE
+C_GetAttributeValue session certID[i] certName sizeA(certName)
+BuildTemplate certName
+C_GetAttributeValue session certID[i] certName sizeA(certName)
+print i
+print certName[0]
diff --git a/security/nss/cmd/pk11util/scripts/pMechanisms b/security/nss/cmd/pk11util/scripts/pMechanisms
new file mode 100644
index 0000000000..82e860258e
--- /dev/null
+++ b/security/nss/cmd/pk11util/scripts/pMechanisms
@@ -0,0 +1,8 @@
+#
+# print the mechanism list for a given token
+#
+set slotID slotList[i]
+C_GetMechanismList slotID NULL mechCount
+NewArray mechanismList CK_ULONG mechcount
+C_GetMechanismList slotID mechanismList mechCount
+print mechanismList
diff --git a/security/nss/cmd/pk11util/scripts/pcert b/security/nss/cmd/pk11util/scripts/pcert
new file mode 100644
index 0000000000..c322a8bfe6
--- /dev/null
+++ b/security/nss/cmd/pk11util/scripts/pcert
@@ -0,0 +1,30 @@
+Load aolkeypk11.dll
+C_Initialize NULL
+C_GetSlotList false NULL slotCount
+NewArray slotList CK_ULONG slotCount
+C_GetSlotList false slotList slotCount
+#change the following to the appropriate slot id
+set slotID 1
+#set slotID slotList[0]
+C_GetSlotInfo slotID slotInfo
+C_GetTokenInfo slotID tokenInfo
+C_OpenSession slotID CK_SESSION_SERIAL session
+#
+#uncomment the following line and include the correct password
+#C_Login session CKU_USER 0000 4
+#
+# build the search template
+#
+NewTemplate search CKA_CLASS
+SetTemplate search 0 CKO_CERTIFICATE
+NewArray certID CK_ULONG 1
+C_FindObjectsInit session search 1
+C_FindObjects session certID 1 count
+C_FindObjectsFinal session
+#
+# now read the cert out
+#
+NewTemplate derCert CKA_VALUE
+C_GetAttributeValue session certID derCert 1
+BuildTemplate derCert
+C_GetAttributeValue session certID derCert 1