1 files changed, 0 insertions, 561 deletions

diff --git a/security/nss/lib/ckfw/capi/cfind.c b/security/nss/lib/ckfw/capi/cfind.c
deleted file mode 100644
index 9c4d4f1e77..0000000000
--- a/security/nss/lib/ckfw/capi/cfind.c
+++ /dev/null
@@ -1,561 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef CKCAPI_H
-#include "ckcapi.h"
-#endif /* CKCAPI_H */
-
-/*
- * ckcapi/cfind.c
- *
- * This file implements the NSSCKMDFindObjects object for the
- * "capi" cryptoki module.
- */
-
-struct ckcapiFOStr {
-    NSSArena *arena;
-    CK_ULONG n;
-    CK_ULONG i;
-    ckcapiInternalObject **objs;
-};
-
-static void
-ckcapi_mdFindObjects_Final(
-    NSSCKMDFindObjects *mdFindObjects,
-    NSSCKFWFindObjects *fwFindObjects,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance)
-{
-    struct ckcapiFOStr *fo = (struct ckcapiFOStr *)mdFindObjects->etc;
-    NSSArena *arena = fo->arena;
-    PRUint32 i;
-
-    /* walk down an free the unused 'objs' */
-    for (i = fo->i; i < fo->n; i++) {
-        nss_ckcapi_DestroyInternalObject(fo->objs[i]);
-    }
-
-    nss_ZFreeIf(fo->objs);
-    nss_ZFreeIf(fo);
-    nss_ZFreeIf(mdFindObjects);
-    if ((NSSArena *)NULL != arena) {
-        NSSArena_Destroy(arena);
-    }
-
-    return;
-}
-
-static NSSCKMDObject *
-ckcapi_mdFindObjects_Next(
-    NSSCKMDFindObjects *mdFindObjects,
-    NSSCKFWFindObjects *fwFindObjects,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSArena *arena,
-    CK_RV *pError)
-{
-    struct ckcapiFOStr *fo = (struct ckcapiFOStr *)mdFindObjects->etc;
-    ckcapiInternalObject *io;
-
-    if (fo->i == fo->n) {
-        *pError = CKR_OK;
-        return (NSSCKMDObject *)NULL;
-    }
-
-    io = fo->objs[fo->i];
-    fo->i++;
-
-    return nss_ckcapi_CreateMDObject(arena, io, pError);
-}
-
-static CK_BBOOL
-ckcapi_attrmatch(
-    CK_ATTRIBUTE_PTR a,
-    ckcapiInternalObject *o)
-{
-    PRBool prb;
-    const NSSItem *b;
-
-    b = nss_ckcapi_FetchAttribute(o, a->type);
-    if (b == NULL) {
-        return CK_FALSE;
-    }
-
-    if (a->ulValueLen != b->size) {
-        /* match a decoded serial number */
-        if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) {
-            unsigned int len;
-            unsigned char *data;
-
-            data = nss_ckcapi_DERUnwrap(b->data, b->size, &len, NULL);
-            if ((len == a->ulValueLen) &&
-                nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) {
-                return CK_TRUE;
-            }
-        }
-        return CK_FALSE;
-    }
-
-    prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
-
-    if (PR_TRUE == prb) {
-        return CK_TRUE;
-    } else {
-        return CK_FALSE;
-    }
-}
-
-static CK_BBOOL
-ckcapi_match(
-    CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulAttributeCount,
-    ckcapiInternalObject *o)
-{
-    CK_ULONG i;
-
-    for (i = 0; i < ulAttributeCount; i++) {
-        if (CK_FALSE == ckcapi_attrmatch(&pTemplate[i], o)) {
-            return CK_FALSE;
-        }
-    }
-
-    /* Every attribute passed */
-    return CK_TRUE;
-}
-
-#define CKAPI_ITEM_CHUNK 20
-
-#define PUT_Object(obj, err)                                                    \
-    {                                                                           \
-        if (count >= size) {                                                    \
-            *listp = *listp ? nss_ZREALLOCARRAY(*listp, ckcapiInternalObject *, \
-                                                (size +                         \
-                                                 CKAPI_ITEM_CHUNK))             \
-                            : nss_ZNEWARRAY(NULL, ckcapiInternalObject *,       \
-                                            (size +                             \
-                                             CKAPI_ITEM_CHUNK));                \
-            if ((ckcapiInternalObject **)NULL == *listp) {                      \
-                err = CKR_HOST_MEMORY;                                          \
-                goto loser;                                                     \
-            }                                                                   \
-            size += CKAPI_ITEM_CHUNK;                                           \
-        }                                                                       \
-        (*listp)[count] = (obj);                                                \
-        count++;                                                                \
-    }
-
-/*
- * pass parameters back through the callback.
- */
-typedef struct BareCollectParamsStr {
-    CK_OBJECT_CLASS objClass;
-    CK_ATTRIBUTE_PTR pTemplate;
-    CK_ULONG ulAttributeCount;
-    ckcapiInternalObject ***listp;
-    PRUint32 size;
-    PRUint32 count;
-} BareCollectParams;
-
-/* collect_bare's callback. Called for each object that
- * supposedly has a PROVINDER_INFO property */
-static BOOL WINAPI
-doBareCollect(
-    const CRYPT_HASH_BLOB *msKeyID,
-    DWORD flags,
-    void *reserved,
-    void *args,
-    DWORD cProp,
-    DWORD *propID,
-    void **propData,
-    DWORD *propSize)
-{
-    BareCollectParams *bcp = (BareCollectParams *)args;
-    PRUint32 size = bcp->size;
-    PRUint32 count = bcp->count;
-    ckcapiInternalObject ***listp = bcp->listp;
-    ckcapiInternalObject *io = NULL;
-    DWORD i;
-    CRYPT_KEY_PROV_INFO *keyProvInfo = NULL;
-    void *idData;
-    CK_RV error;
-
-    /* make sure there is a Key Provider Info property */
-    for (i = 0; i < cProp; i++) {
-        if (CERT_KEY_PROV_INFO_PROP_ID == propID[i]) {
-            keyProvInfo = (CRYPT_KEY_PROV_INFO *)propData[i];
-            break;
-        }
-    }
-    if ((CRYPT_KEY_PROV_INFO *)NULL == keyProvInfo) {
-        return 1;
-    }
-
-    /* copy the key ID */
-    idData = nss_ZNEWARRAY(NULL, char, msKeyID->cbData);
-    if ((void *)NULL == idData) {
-        goto loser;
-    }
-    nsslibc_memcpy(idData, msKeyID->pbData, msKeyID->cbData);
-
-    /* build a bare internal object */
-    io = nss_ZNEW(NULL, ckcapiInternalObject);
-    if ((ckcapiInternalObject *)NULL == io) {
-        goto loser;
-    }
-    io->type = ckcapiBareKey;
-    io->objClass = bcp->objClass;
-    io->u.key.provInfo = *keyProvInfo;
-    io->u.key.provInfo.pwszContainerName =
-        nss_ckcapi_WideDup(keyProvInfo->pwszContainerName);
-    io->u.key.provInfo.pwszProvName =
-        nss_ckcapi_WideDup(keyProvInfo->pwszProvName);
-    io->u.key.provName = nss_ckcapi_WideToUTF8(keyProvInfo->pwszProvName);
-    io->u.key.containerName =
-        nss_ckcapi_WideToUTF8(keyProvInfo->pwszContainerName);
-    io->u.key.hProv = 0;
-    io->idData = idData;
-    io->id.data = idData;
-    io->id.size = msKeyID->cbData;
-    idData = NULL;
-
-    /* see if it matches */
-    if (CK_FALSE == ckcapi_match(bcp->pTemplate, bcp->ulAttributeCount, io)) {
-        goto loser;
-    }
-    PUT_Object(io, error);
-    bcp->size = size;
-    bcp->count = count;
-    return 1;
-
-loser:
-    if (io) {
-        nss_ckcapi_DestroyInternalObject(io);
-    }
-    nss_ZFreeIf(idData);
-    return 1;
-}
-
-/*
- * collect the bare keys running around
- */
-static PRUint32
-collect_bare(
-    CK_OBJECT_CLASS objClass,
-    CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulAttributeCount,
-    ckcapiInternalObject ***listp,
-    PRUint32 *sizep,
-    PRUint32 count,
-    CK_RV *pError)
-{
-    BOOL rc;
-    BareCollectParams bareCollectParams;
-
-    bareCollectParams.objClass = objClass;
-    bareCollectParams.pTemplate = pTemplate;
-    bareCollectParams.ulAttributeCount = ulAttributeCount;
-    bareCollectParams.listp = listp;
-    bareCollectParams.size = *sizep;
-    bareCollectParams.count = count;
-
-    rc = CryptEnumKeyIdentifierProperties(NULL, CERT_KEY_PROV_INFO_PROP_ID, 0,
-                                          NULL, NULL, &bareCollectParams, doBareCollect);
-
-    *sizep = bareCollectParams.size;
-    return bareCollectParams.count;
-}
-
-/* find all the certs that represent the appropriate object (cert, priv key, or
- *  pub key) in the cert store.
- */
-static PRUint32
-collect_class(
-    CK_OBJECT_CLASS objClass,
-    LPCSTR storeStr,
-    PRBool hasID,
-    CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulAttributeCount,
-    ckcapiInternalObject ***listp,
-    PRUint32 *sizep,
-    PRUint32 count,
-    CK_RV *pError)
-{
-    PRUint32 size = *sizep;
-    ckcapiInternalObject *next = NULL;
-    HCERTSTORE hStore;
-    PCCERT_CONTEXT certContext = NULL;
-    PRBool isKey =
-        (objClass == CKO_PUBLIC_KEY) | (objClass == CKO_PRIVATE_KEY);
-
-    hStore = CertOpenSystemStore((HCRYPTPROV)NULL, storeStr);
-    if (NULL == hStore) {
-        return count; /* none found does not imply an error */
-    }
-
-    /* FUTURE: use CertFindCertificateInStore to filter better -- so we don't
-   * have to enumerate all the certificates */
-    while ((PCERT_CONTEXT)NULL !=
-           (certContext = CertEnumCertificatesInStore(hStore, certContext))) {
-        /* first filter out non user certs if we are looking for keys */
-        if (isKey) {
-            /* make sure there is a Key Provider Info property */
-            CRYPT_KEY_PROV_INFO *keyProvInfo;
-            DWORD size = 0;
-            BOOL rv;
-            rv = CertGetCertificateContextProperty(certContext,
-                                                   CERT_KEY_PROV_INFO_PROP_ID, NULL, &size);
-            if (!rv) {
-                int reason = GetLastError();
-                /* we only care if it exists, we don't really need to fetch it yet */
-                if (reason == CRYPT_E_NOT_FOUND) {
-                    continue;
-                }
-            }
-            /* filter out the non-microsoft providers */
-            keyProvInfo = (CRYPT_KEY_PROV_INFO *)nss_ZAlloc(NULL, size);
-            if (keyProvInfo) {
-                rv = CertGetCertificateContextProperty(certContext,
-                                                       CERT_KEY_PROV_INFO_PROP_ID, keyProvInfo, &size);
-                if (rv) {
-                    char *provName =
-                        nss_ckcapi_WideToUTF8(keyProvInfo->pwszProvName);
-                    nss_ZFreeIf(keyProvInfo);
-
-                    if (provName &&
-                        (strncmp(provName, "Microsoft", sizeof("Microsoft") - 1) != 0)) {
-                        continue;
-                    }
-                } else {
-                    int reason =
-                        GetLastError();
-                    /* we only care if it exists, we don't really need to fetch it yet */
-                    nss_ZFreeIf(keyProvInfo);
-                    if (reason ==
-                        CRYPT_E_NOT_FOUND) {
-                        continue;
-                    }
-                }
-            }
-        }
-
-        if ((ckcapiInternalObject *)NULL == next) {
-            next = nss_ZNEW(NULL, ckcapiInternalObject);
-            if ((ckcapiInternalObject *)NULL == next) {
-                *pError = CKR_HOST_MEMORY;
-                goto loser;
-            }
-        }
-        next->type = ckcapiCert;
-        next->objClass = objClass;
-        next->u.cert.certContext = certContext;
-        next->u.cert.hasID = hasID;
-        next->u.cert.certStore = storeStr;
-        if (CK_TRUE == ckcapi_match(pTemplate, ulAttributeCount, next)) {
-            /* clear cached values that may be dependent on our old certContext */
-            memset(&next->u.cert, 0, sizeof(next->u.cert));
-            /* get a 'permanent' context */
-            next->u.cert.certContext = CertDuplicateCertificateContext(certContext);
-            next->objClass = objClass;
-            next->u.cert.certContext = certContext;
-            next->u.cert.hasID = hasID;
-            next->u.cert.certStore = storeStr;
-            PUT_Object(next, *pError);
-            next = NULL; /* need to allocate a new one now */
-        } else {
-            /* don't cache the values we just loaded */
-            memset(&next->u.cert, 0, sizeof(next->u.cert));
-        }
-    }
-loser:
-    CertCloseStore(hStore, 0);
-    nss_ZFreeIf(next);
-    *sizep = size;
-    return count;
-}
-
-NSS_IMPLEMENT PRUint32
-nss_ckcapi_collect_all_certs(
-    CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulAttributeCount,
-    ckcapiInternalObject ***listp,
-    PRUint32 *sizep,
-    PRUint32 count,
-    CK_RV *pError)
-{
-    count = collect_class(CKO_CERTIFICATE, "My", PR_TRUE, pTemplate,
-                          ulAttributeCount, listp, sizep, count, pError);
-    /*count = collect_class(CKO_CERTIFICATE, "AddressBook", PR_FALSE, pTemplate,
-                        ulAttributeCount, listp, sizep, count, pError); */
-    count = collect_class(CKO_CERTIFICATE, "CA", PR_FALSE, pTemplate,
-                          ulAttributeCount, listp, sizep, count, pError);
-    count = collect_class(CKO_CERTIFICATE, "Root", PR_FALSE, pTemplate,
-                          ulAttributeCount, listp, sizep, count, pError);
-    count = collect_class(CKO_CERTIFICATE, "Trust", PR_FALSE, pTemplate,
-                          ulAttributeCount, listp, sizep, count, pError);
-    count = collect_class(CKO_CERTIFICATE, "TrustedPeople", PR_FALSE, pTemplate,
-                          ulAttributeCount, listp, sizep, count, pError);
-    count = collect_class(CKO_CERTIFICATE, "AuthRoot", PR_FALSE, pTemplate,
-                          ulAttributeCount, listp, sizep, count, pError);
-    return count;
-}
-
-CK_OBJECT_CLASS
-ckcapi_GetObjectClass(CK_ATTRIBUTE_PTR pTemplate,
-                      CK_ULONG ulAttributeCount)
-{
-    CK_ULONG i;
-
-    for (i = 0; i < ulAttributeCount; i++) {
-        if (pTemplate[i].type == CKA_CLASS) {
-            return *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
-        }
-    }
-    /* need to return a value that says 'fetch them all' */
-    return CK_INVALID_HANDLE;
-}
-
-static PRUint32
-collect_objects(
-    CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulAttributeCount,
-    ckcapiInternalObject ***listp,
-    CK_RV *pError)
-{
-    PRUint32 i;
-    PRUint32 count = 0;
-    PRUint32 size = 0;
-    CK_OBJECT_CLASS objClass;
-
-    /*
-     * first handle the static build in objects (if any)
-     */
-    for (i = 0; i < nss_ckcapi_nObjects; i++) {
-        ckcapiInternalObject *o = (ckcapiInternalObject *)&nss_ckcapi_data[i];
-
-        if (CK_TRUE == ckcapi_match(pTemplate, ulAttributeCount, o)) {
-            PUT_Object(o, *pError);
-        }
-    }
-
-    /*
-     * now handle the various object types
-     */
-    objClass = ckcapi_GetObjectClass(pTemplate, ulAttributeCount);
-    *pError = CKR_OK;
-    switch (objClass) {
-        case CKO_CERTIFICATE:
-            count = nss_ckcapi_collect_all_certs(pTemplate, ulAttributeCount, listp,
-                                                 &size, count, pError);
-            break;
-        case CKO_PUBLIC_KEY:
-            count = collect_class(objClass, "My", PR_TRUE, pTemplate,
-                                  ulAttributeCount, listp, &size, count, pError);
-            count = collect_bare(objClass, pTemplate, ulAttributeCount, listp,
-                                 &size, count, pError);
-            break;
-        case CKO_PRIVATE_KEY:
-            count = collect_class(objClass, "My", PR_TRUE, pTemplate,
-                                  ulAttributeCount, listp, &size, count, pError);
-            count = collect_bare(objClass, pTemplate, ulAttributeCount, listp,
-                                 &size, count, pError);
-            break;
-        /* all of them */
-        case CK_INVALID_HANDLE:
-            count = nss_ckcapi_collect_all_certs(pTemplate, ulAttributeCount, listp,
-                                                 &size, count, pError);
-            count = collect_class(CKO_PUBLIC_KEY, "My", PR_TRUE, pTemplate,
-                                  ulAttributeCount, listp, &size, count, pError);
-            count = collect_bare(CKO_PUBLIC_KEY, pTemplate, ulAttributeCount, listp,
-                                 &size, count, pError);
-            count = collect_class(CKO_PRIVATE_KEY, "My", PR_TRUE, pTemplate,
-                                  ulAttributeCount, listp, &size, count, pError);
-            count = collect_bare(CKO_PRIVATE_KEY, pTemplate, ulAttributeCount, listp,
-                                 &size, count, pError);
-            break;
-        default:
-            goto done; /* no other object types we understand in this module */
-    }
-    if (CKR_OK != *pError) {
-        goto loser;
-    }
-
-done:
-    return count;
-loser:
-    nss_ZFreeIf(*listp);
-    return 0;
-}
-
-NSS_IMPLEMENT NSSCKMDFindObjects *
-nss_ckcapi_FindObjectsInit(
-    NSSCKFWSession *fwSession,
-    CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulAttributeCount,
-    CK_RV *pError)
-{
-    /* This could be made more efficient.  I'm rather rushed. */
-    NSSArena *arena;
-    NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
-    struct ckcapiFOStr *fo = (struct ckcapiFOStr *)NULL;
-    ckcapiInternalObject **temp = (ckcapiInternalObject **)NULL;
-
-    arena = NSSArena_Create();
-    if ((NSSArena *)NULL == arena) {
-        goto loser;
-    }
-
-    rv = nss_ZNEW(arena, NSSCKMDFindObjects);
-    if ((NSSCKMDFindObjects *)NULL == rv) {
-        *pError = CKR_HOST_MEMORY;
-        goto loser;
-    }
-
-    fo = nss_ZNEW(arena, struct ckcapiFOStr);
-    if ((struct ckcapiFOStr *)NULL == fo) {
-        *pError = CKR_HOST_MEMORY;
-        goto loser;
-    }
-
-    fo->arena = arena;
-    /* fo->n and fo->i are already zero */
-
-    rv->etc = (void *)fo;
-    rv->Final = ckcapi_mdFindObjects_Final;
-    rv->Next = ckcapi_mdFindObjects_Next;
-    rv->null = (void *)NULL;
-
-    fo->n = collect_objects(pTemplate, ulAttributeCount, &temp, pError);
-    if (*pError != CKR_OK) {
-        goto loser;
-    }
-
-    fo->objs = nss_ZNEWARRAY(arena, ckcapiInternalObject *, fo->n);
-    if ((ckcapiInternalObject **)NULL == fo->objs) {
-        *pError = CKR_HOST_MEMORY;
-        goto loser;
-    }
-
-    (void)nsslibc_memcpy(fo->objs, temp, sizeof(ckcapiInternalObject *) * fo->n);
-    nss_ZFreeIf(temp);
-    temp = (ckcapiInternalObject **)NULL;
-
-    return rv;
-
-loser:
-    nss_ZFreeIf(temp);
-    nss_ZFreeIf(fo);
-    nss_ZFreeIf(rv);
-    if ((NSSArena *)NULL != arena) {
-        NSSArena_Destroy(arena);
-    }
-    return (NSSCKMDFindObjects *)NULL;
-}