This is a copy of regalloc_code2_BRANCH from Netscape's private repository,

as it existed in January of 1998.


git-svn-id: svn://10.0.0.236/branches/regalloc_code2_BRANCH@22571 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/ef/Compiler/RegisterAllocator/BitSet.cpp

@@ -0,0 +1,134 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#include "Fundamentals.h"
+#include "BitSet.h"
+
+// Return the next bit after index set to true or -1 if none.
+//
+Int32 BitSet::nextOne(Int32 pos) const
+{
+	++pos;
+
+	if (pos < 0 || Uint32(pos) >= universeSize)
+		return -1;
+
+	Uint32 offset = getWordOffset(pos);
+	Uint8 index = getBitOffset(pos);
+	Word* ptr = &word[offset];
+	Word currentWord = *ptr++ >> index;
+	
+	if (currentWord != Word(0)) {
+		while ((currentWord & Word(1)) == 0) {
+			++index;
+			currentWord >>= 1;
+		}
+		return (offset << nBitsInWordLog2) + index;
+	}
+
+	Word* limit = &word[getSizeInWords(universeSize)];
+	while (ptr < limit) {
+		++offset;
+		currentWord = *ptr++;
+		if (currentWord != Word(0)) {
+			index = 0;
+			while ((currentWord & Word(1)) == 0) {
+				++index;
+				currentWord >>= 1;
+			}
+			return (offset << nBitsInWordLog2) + index;
+		}
+	}
+	return -1;
+}
+
+// Return the next bit after index set to false or -1 if none.
+//
+Int32 BitSet::nextZero(Int32 pos) const
+{
+	++pos;
+
+	if (pos < 0 || Uint32(pos) >= universeSize)
+		return -1;
+
+	Uint32 offset = getWordOffset(pos);
+	Uint8 index = getBitOffset(pos);
+	Word* ptr = &word[offset];
+	Word currentWord = *ptr++ >> index;
+	
+	if (currentWord != Word(~0)) {
+		for (; index < nBitsInWord; ++index) {
+			if ((currentWord & Word(1)) == 0) {
+				Int32 ret = (offset << nBitsInWordLog2) + index;
+				return (Uint32(ret) < universeSize) ? ret : -1;
+			}
+			currentWord >>= 1;
+		}
+	}
+
+	Word* limit = &word[getSizeInWords(universeSize)];
+	while (ptr < limit) {
+		++offset;
+		currentWord = *ptr++;
+		if (currentWord != Word(~0)) {
+			for (index = 0; index < nBitsInWord; ++index) {
+				if ((currentWord & Word(1)) == 0) {
+					Int32 ret = (offset << nBitsInWordLog2) + index;
+					return (Uint32(ret) < universeSize) ? ret : -1;
+				}
+				currentWord >>= 1;
+			}
+		}
+	}
+	return -1;
+}
+
+#ifdef DEBUG_LOG
+
+// Print the set.
+//
+void BitSet::printPretty(LogModuleObject log)
+{
+	UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("[ "));
+
+	for (Int32 i = firstOne(); i != -1; i = nextOne(i)) {
+		Int32 currentBit = i;
+		UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("%d", currentBit));
+
+		Int32 nextBit = nextOne(currentBit);
+		if (nextBit != currentBit + 1) {
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, (" "));
+			continue;
+		}
+		  
+		while ((nextBit != -1) && (nextBit == (currentBit + 1))) {
+			currentBit = nextBit;
+			nextBit = nextOne(nextBit);
+		}
+
+		if (currentBit > (i+1))
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("-%d ", currentBit));
+		else
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, (" %d ", currentBit));
+
+		i = currentBit;
+	}
+	UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("]\n"));
+}
+
+#endif // DEBUG_LOG

mozilla/ef/Compiler/RegisterAllocator/BitSet.h

@@ -0,0 +1,195 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _BITSET_H_
+#define _BITSET_H_
+
+#include "Fundamentals.h"
+#include "LogModule.h"
+#include "Pool.h"
+#include <string.h>
+
+//------------------------------------------------------------------------------
+// BitSet -
+
+class BitSet
+{
+private:
+
+#if (PR_BITS_PER_WORD == 64)
+	typedef Uint64 Word;
+#elif (PR_BITS_PER_WORD == 32)
+	typedef Uint32 Word;
+#endif
+
+	static const nBitsInWord = 		PR_BITS_PER_WORD;
+	static const nBytesInWord = 	PR_BYTES_PER_WORD;
+	static const nBitsInWordLog2 =	PR_BITS_PER_WORD_LOG2;
+	static const nBytesInWordLog2 = PR_BYTES_PER_WORD_LOG2;
+
+	// Return the number of Word need to store the universe.
+	static Uint32 getSizeInWords(Uint32 sizeOfUniverse) {return (sizeOfUniverse + (nBitsInWord - 1)) >> nBitsInWordLog2;}
+	// Return the given element offset in its containing Word.
+	static Uint32 getBitOffset(Uint32 element) {return element & (nBitsInWord - 1);}
+	// Return the Word offset for the given element int the universe.
+	static Uint32 getWordOffset(Uint32 element) {return element >> nBitsInWordLog2;}
+	// Return the mask for the given bit index.
+	static Word getMask(Uint8 index) {return Word(1) << index;}
+	
+private:
+
+	Uint32							universeSize;			// Size of the universe
+	Word*							word;					// universe memory.
+
+private:
+
+	// No copy constructor.
+	BitSet(const BitSet&);
+
+	// Check if the given set's universe is of the same size than this universe.
+	void checkUniverseCompatibility(const BitSet& set) const {assert(set.universeSize == universeSize);}
+	// Check if pos is valid for this set's universe.
+	void checkMember(Int32 pos) const {assert(pos >=0 && Uint32(pos) < universeSize);}
+
+public:
+
+	// Create a bitset of universeSize bits.
+	BitSet(Pool& pool, Uint32 universeSize) : universeSize(universeSize) {word = new(pool) Word[getSizeInWords(universeSize)]; clear();}
+
+	// Return the size of this bitset.
+	Uint32 getSize() const {return universeSize;}
+
+	// Clear the bitset.
+	void clear() {memset(word, 0x00, getSizeInWords(universeSize) << nBytesInWordLog2);}
+	// Clear the bit at index.
+	void clear(Uint32 index) {checkMember(index); word[getWordOffset(index)] &= ~getMask(index);}
+	// Set the bitset.
+	void set() {memset(word, 0xFF, getSizeInWords(universeSize) << nBytesInWordLog2);}
+	// Set the bit at index.
+	void set(Uint32 index) {checkMember(index); word[getWordOffset(index)] |= getMask(index);}
+	// Return true if the bit at index is set.
+	bool test(Uint32 index) const {checkMember(index); return (word[getWordOffset(index)] & getMask(index)) != 0;}
+	// Union with the given bitset.
+	inline void or(const BitSet& set);
+	// Intersection with the given bitset.
+	inline void and(const BitSet& set);
+	// Difference with the given bitset.
+	inline void difference(const BitSet& set);
+	// Copy set.
+	inline BitSet& operator = (const BitSet& set);
+	// Return true if the bitset are identical.
+	friend bool operator == (const BitSet& set1, const BitSet& set2);
+	// Return true if the bitset are different.
+	friend bool operator != (const BitSet& set1, const BitSet& set2);
+
+	// Logical operators.
+	BitSet& operator |= (const BitSet& set) {or(set); return *this;}
+	BitSet& operator &= (const BitSet& set) {and(set); return *this;}
+	BitSet& operator -= (const BitSet& set) {difference(set); return *this;}
+
+	// Return the first bit at set to true or -1 if none.
+	Int32 firstOne() const {return nextOne(-1);}
+	// Return the next bit after index set to true or -1 if none.
+	Int32 nextOne(Int32 pos) const;
+	// Return the first bit at set to false or -1 if none.
+	Int32 firstZero() const {return nextZero(-1);}
+	// Return the next bit after index set to false or -1 if none.
+	Int32 nextZero(Int32 pos) const;
+
+	// Iterator to conform with the set API.
+	typedef Int32 iterator;
+	// Return true if the walk is ordered.
+	static bool isOrdered() {return true;}
+	// Return the iterator for the first element of this set.
+	iterator begin() const {return firstOne();}
+	// Return the next iterator.
+	iterator advance(iterator pos) const {return nextOne(pos);}
+	// Return true if the iterator is at the end of the set.
+	bool done(iterator pos) const {return pos == -1;}
+	// Return the element corresponding to the given iterator.
+	Uint32 get(iterator pos) const {return pos;}
+
+#ifdef DEBUG_LOG
+	// Print the set.
+	void printPretty(LogModuleObject log);
+#endif // DEBUG_LOG
+};
+
+// Union with the given bitset.
+//
+inline void  BitSet::or(const BitSet& set)
+{
+	checkUniverseCompatibility(set);
+	Word* src = set.word;
+	Word* dst = word;
+	Word* limit = &src[getSizeInWords(universeSize)];
+
+	while (src < limit)
+		*dst++ |= *src++;
+}
+
+// Intersection with the given bitset.
+//
+inline void  BitSet::and(const BitSet& set)
+{
+	checkUniverseCompatibility(set);
+	Word* src = set.word;
+	Word* dst = word;
+	Word* limit = &src[getSizeInWords(universeSize)];
+
+	while (src < limit)
+		*dst++ &= *src++;
+}
+
+// Difference with the given bitset.
+//
+inline void BitSet::difference(const BitSet& set)
+{
+	checkUniverseCompatibility(set);
+	Word* src = set.word;
+	Word* dst = word;
+	Word* limit = &src[getSizeInWords(universeSize)];
+
+	while (src < limit)
+		*dst++ &= ~*src++;
+}
+
+// Copy the given set into this set.
+//
+inline BitSet& BitSet::operator = (const BitSet& set)
+{
+	checkUniverseCompatibility(set);
+	if (this != &set)
+		memcpy(word, set.word, getSizeInWords(universeSize) << nBytesInWordLog2);
+	return *this;
+}
+
+// Return true if the given set is identical to this set.
+inline bool operator == (const BitSet& set1, const BitSet& set2)
+{
+	set1.checkUniverseCompatibility(set2);
+
+	if (&set1 == &set2)
+		return true;
+
+	return memcmp(set1.word, set2.word, BitSet::getSizeInWords(set1.universeSize) << BitSet::nBytesInWordLog2) == 0;
+}
+
+inline bool operator != (const BitSet& set1, const BitSet& set2) {return !(set1 == set2);}
+
+#endif // _BITSET_H

mozilla/ef/Compiler/RegisterAllocator/Coalescing.h

@@ -0,0 +1,159 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _COALESCING_H_
+#define _COALESCING_H_
+
+#include "Fundamentals.h"
+#include "Pool.h"
+#include "RegisterPressure.h"
+#include "InterferenceGraph.h"
+#include "ControlGraph.h"
+#include "ControlNodes.h"
+#include "Instruction.h"
+#include "SparseSet.h"
+#include "RegisterAllocator.h"
+#include "RegisterAllocatorTools.h"
+
+#if 1
+// Performing an ultra conservative coalescing meens that when we look at
+// candidates (source,destination) for coalescing we need to make sure
+// that the combined interference of the source and destination register
+// will not exceed the total number of register available for the register
+// class. 
+#define ULTRA_CONSERVATIVE_COALESCING
+#else
+// If we are not doing an ultra conservative coalescing we have to make sure 
+// that the total number of neighbor whose degree is greater than the total 
+// number of register is not greater than the total number of register.
+#undef ULTRA_CONSERVATIVE_COALESCING
+#endif
+
+template <class RegisterPressure>
+struct Coalescing
+{
+	static bool coalesce(RegisterAllocator& registerAllocator);
+};
+
+template <class RegisterPressure>
+bool Coalescing<RegisterPressure>::coalesce(RegisterAllocator& registerAllocator)
+{
+	Pool& pool = registerAllocator.pool;
+
+   	// Initialize the lookup table
+	//
+	Uint32 rangeCount = registerAllocator.rangeCount;
+	RegisterName* newRange = new RegisterName[2 * rangeCount];
+	RegisterName* coalescedRange = &newRange[rangeCount];
+	RegisterName* name2range = registerAllocator.name2range;
+
+	init(coalescedRange, rangeCount);
+
+	SparseSet interferences(pool, rangeCount);
+	InterferenceGraph<RegisterPressure>& iGraph = registerAllocator.iGraph;
+	bool removedInstructions = false;
+
+	ControlGraph& controlGraph = registerAllocator.controlGraph;
+	ControlNode** nodes = controlGraph.lndList;
+	Uint32 nNodes = controlGraph.nNodes;
+
+
+	// Walk the nodes in the loop nesting depth list.
+	for (Int32 n = nNodes - 1; n >= 0; n--) {
+		InstructionList& instructions = nodes[n]->getInstructions();
+
+		InstructionList::iterator it = instructions.begin();
+		while (!instructions.done(it)) {
+			Instruction& instruction = instructions.get(it);
+			it = instructions.advance(it);
+
+			if ((instruction.getFlags() & ifCopy) != 0) {
+				assert(instruction.getInstructionUseBegin() != instruction.getInstructionUseEnd() && instruction.getInstructionUseBegin()[0].isRegister());
+				assert(instruction.getInstructionDefineBegin() != instruction.getInstructionDefineEnd() && instruction.getInstructionDefineBegin()[0].isRegister());
+
+				RegisterName source = findRoot(name2range[instruction.getInstructionUseBegin()[0].getRegisterName()], coalescedRange);
+				RegisterName destination = findRoot(name2range[instruction.getInstructionDefineBegin()[0].getRegisterName()], coalescedRange);
+
+				if (source == destination) {
+					instruction.remove();
+				} else if (!iGraph.interfere(source, destination)) {
+					InterferenceVector* sourceVector = iGraph.getInterferenceVector(source);
+					InterferenceVector* destinationVector = iGraph.getInterferenceVector(destination);
+
+#ifdef ULTRA_CONSERVATIVE_COALESCING
+					interferences.clear();
+
+					InterferenceVector* vector;
+					for (vector = sourceVector; vector != NULL; vector = vector->next) {
+						RegisterName* neighbors = vector->neighbors;
+						for (Uint32 i = 0; i < vector->count; i++)
+							interferences.set(findRoot(neighbors[i], coalescedRange));
+					}
+					for (vector = destinationVector; vector != NULL; vector = vector->next) {
+						RegisterName* neighbors = vector->neighbors;
+						for (Uint32 i = 0; i < vector->count; i++)
+							interferences.set(findRoot(neighbors[i], coalescedRange));
+					}
+
+					Uint32 count = interferences.getSize();
+#else // ULTRA_CONSERVATIVE_COALESCING
+					trespass("not implemented");
+					Uint32 count = 0;
+#endif // ULTRA_CONSERVATIVE_COALESCING
+
+					if (count < 6 /* FIX: should get the number from the class */) {
+						// Update the interferences vector.
+						if (sourceVector == NULL) {
+							iGraph.setInterferenceVector(source, destinationVector);
+							sourceVector = destinationVector;
+						} else if (destinationVector == NULL)
+							iGraph.setInterferenceVector(destination, sourceVector);
+						else {
+							InterferenceVector* last = NULL;
+							for (InterferenceVector* v = sourceVector; v != NULL; v = v->next)
+								last = v;
+							assert(last);
+							last->next = destinationVector;
+							iGraph.setInterferenceVector(destination, sourceVector);
+						}
+						// Update the interference matrix.
+						for (InterferenceVector* v = sourceVector; v != NULL; v = v->next) {
+							RegisterName* neighbors = v->neighbors;
+							for (Uint32 i = 0; i < v->count; i++) {
+								RegisterName neighbor = findRoot(neighbors[i], coalescedRange);
+								iGraph.setInterference(neighbor, source);
+								iGraph.setInterference(neighbor, destination);
+							}
+						}
+
+						instruction.remove();
+						coalescedRange[source] = destination;
+						removedInstructions = true;
+					}
+				}
+			}
+		}
+	}
+
+	registerAllocator.rangeCount = compress(registerAllocator.name2range, coalescedRange, registerAllocator.nameCount, rangeCount);
+	delete newRange;
+
+	return removedInstructions;
+}
+
+#endif // _COALESCING_H_

mozilla/ef/Compiler/RegisterAllocator/Coloring.cpp

@@ -0,0 +1,283 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef NEW_LAURENTM_CODE
+
+#include "Coloring.h"
+#include "VirtualRegister.h"
+#include "FastBitSet.h"
+#include "FastBitMatrix.h"
+#include "CpuInfo.h"
+
+bool Coloring::
+assignRegisters(FastBitMatrix& interferenceMatrix)
+{
+  PRUint32 *stackPtr = new(pool) PRUint32[vRegManager.count()];
+
+  return select(interferenceMatrix, stackPtr, simplify(interferenceMatrix, stackPtr));
+}
+
+PRInt32 Coloring::
+getLowestSpillCostRegister(FastBitSet& bitset)
+{
+  PRInt32 lowest = bitset.firstOne();
+  if (lowest != -1)
+	{
+	  Flt32 cost = vRegManager.getVirtualRegister(lowest).spillInfo.spillCost;
+	  for (PRInt32 r = bitset.nextOne(lowest); r != -1; r = bitset.nextOne(r))
+		{
+		  VirtualRegister& vReg = vRegManager.getVirtualRegister(r);
+		  if (!vReg.spillInfo.infiniteSpillCost && (vReg.spillInfo.spillCost < cost))
+			{
+			  cost = vReg.spillInfo.spillCost;
+			  lowest = r;
+			}
+		}
+	}
+  return lowest;
+}
+
+PRUint32* Coloring::
+simplify(FastBitMatrix interferenceMatrix, PRUint32* stackPtr)
+{
+  // first we construct the sets low and high. low contains all nodes of degree
+  // inferior to the number of register available on the processor. All the
+  // nodes with an high degree and a finite spill cost are placed in high.
+  // Nodes of high degree and infinite spill cost are not included in either sets.
+
+  PRUint32 nRegisters = vRegManager.count();
+  FastBitSet low(pool, nRegisters);
+  FastBitSet high(pool, nRegisters);
+  FastBitSet stack(pool, nRegisters);
+
+  for (VirtualRegisterManager::iterator i = vRegManager.begin(); !vRegManager.done(i); i = vRegManager.advance(i))
+	{
+	  VirtualRegister& vReg = vRegManager.getVirtualRegister(i);
+	  
+	  if (vReg.getClass() == vrcStackSlot)
+		{
+		  stack.set(i);
+		  vReg.colorRegister(nRegisters);
+		}
+	  else
+		{
+		  if (vReg.colorInfo.interferenceDegree < NUMBER_OF_REGISTERS)
+			low.set(i);
+		  else // if (!vReg.spillInfo.infiniteSpillCost)
+			high.set(i);
+
+		  // Set coloring info.
+		  vReg.spillInfo.willSpill = false;
+
+		  switch(vReg.getClass())
+			{
+			case vrcInteger:
+			  vReg.colorRegister(LAST_GREGISTER + 1);
+			  break;
+			case vrcFloatingPoint:
+			case vrcFixedPoint:
+			  vReg.colorRegister(LAST_FPREGISTER + 1);
+			  break;
+			default:
+			  PR_ASSERT(false); // Cannot happen.
+			}
+		}
+	}
+
+  // push the stack registers
+  PRInt32 j;
+  for (j = stack.firstOne(); j != -1; j = stack.nextOne(j))
+	*stackPtr++ = j;
+
+  // simplify
+  while (true)
+	{
+	  PRInt32 r;
+	  while ((r = getLowestSpillCostRegister(low)) != -1)
+		{
+		  VirtualRegister& vReg = vRegManager.getVirtualRegister(r);
+
+		  /* update low and high */
+		  FastBitSet inter(interferenceMatrix.getRow(r), nRegisters);
+		  for (j = inter.firstOne(); j != -1; j = inter.nextOne(j))
+			{
+			  VirtualRegister& neighbor = vRegManager.getVirtualRegister(j);
+			  // if the new interference degree of one of his neighbor becomes
+			  // NUMBER_OF_REGISTERS - 1 then it is added to the set 'low'.
+			  
+			  PRUint32 maxInterference = 0;
+			  switch (neighbor.getClass())
+				{
+				case vrcInteger:
+				  maxInterference = NUMBER_OF_GREGISTERS;
+				  break;
+				case vrcFloatingPoint:
+				case vrcFixedPoint:
+				  maxInterference = NUMBER_OF_FPREGISTERS;
+				  break;
+				default:
+				  PR_ASSERT(false);
+				}
+			  if ((vRegManager.getVirtualRegister(j).colorInfo.interferenceDegree-- == maxInterference))
+				{
+				  high.clear(j);
+				  low.set(j);
+				}
+			  vReg.colorInfo.interferenceDegree--;
+			  interferenceMatrix.clear(r, j);
+			  interferenceMatrix.clear(j, r);
+			}
+		  low.clear(r);
+
+		  // Push this register.
+		  *stackPtr++ = r;
+		}
+	  if ((r = getLowestSpillCostRegister(high)) != -1)
+		{
+		  high.clear(r);
+		  low.set(r);
+		}
+	  else
+		break;
+	}
+
+  return stackPtr;
+}
+
+bool Coloring::
+select(FastBitMatrix& interferenceMatrix, PRUint32* stackBase, PRUint32* stackPtr)
+{
+  PRUint32 nRegisters = vRegManager.count();
+  FastBitSet usedRegisters(NUMBER_OF_REGISTERS + 1); // usedRegisters if used for both GR & FPR.
+  FastBitSet preColoredRegisters(NUMBER_OF_REGISTERS + 1);
+  FastBitSet usedStack(nRegisters + 1);
+  bool success = true;
+  Int32 lastUsedSSR = -1;
+
+  // select
+  while (stackPtr != stackBase)
+	{
+	  // Pop one register.
+	  PRUint32 r = *--stackPtr;
+	  VirtualRegister& vReg = vRegManager.getVirtualRegister(r);
+
+	  FastBitSet neighbors(interferenceMatrix.getRow(r), nRegisters);
+		  
+	  if (vReg.getClass() == vrcStackSlot)
+		// Stack slots coloring.
+		{
+		  usedStack.clear();
+
+		  for (PRInt32 i = neighbors.firstOne(); i != -1; i = neighbors.nextOne(i))
+			usedStack.set(vRegManager.getVirtualRegister(i).getColor());
+
+		  Int32 color = usedStack.firstZero();
+		  vReg.colorRegister(color);
+		  if (color > lastUsedSSR)
+			  lastUsedSSR = color;
+		}
+	  else
+		// Integer & Floating point register coloring.
+		{
+		  usedRegisters.clear();
+		  preColoredRegisters.clear();
+		  
+		  for (PRInt32 i = neighbors.firstOne(); i != -1; i = neighbors.nextOne(i))
+			{
+			  VirtualRegister& nvReg = vRegManager.getVirtualRegister(i);
+			  usedRegisters.set(nvReg.getColor());
+			  if (nvReg.isPreColored())
+				preColoredRegisters.set(nvReg.getPreColor());
+			}
+		  if (vReg.hasSpecialInterference)
+			usedRegisters |= vReg.specialInterference;
+
+		  PRInt8 c = -1;
+		  PRInt8 maxColor = 0;
+		  PRInt8 firstColor = 0;
+		  switch (vReg.getClass())
+			{
+			case vrcInteger:
+			  firstColor = FIRST_GREGISTER;
+			  maxColor = LAST_GREGISTER;
+			  break;
+			case vrcFloatingPoint:
+			case vrcFixedPoint:
+			  firstColor = FIRST_FPREGISTER;
+			  maxColor = LAST_FPREGISTER;
+			  break;
+			default:
+			  PR_ASSERT(false);
+			}
+
+		  if (vReg.isPreColored())
+			{
+			  c = vReg.getPreColor();
+			  if (usedRegisters.test(c))
+				c = -1;
+			}
+		  else
+			{
+			  for (c = usedRegisters.nextZero(firstColor - 1); (c >= 0) && (c <= maxColor) && (preColoredRegisters.test(c)); 
+				   c = usedRegisters.nextZero(c)) {}
+			}
+
+		  if ((c >= 0) && (c <= maxColor))
+			{
+			  vReg.colorRegister(c);
+			}
+		  else
+			{
+			  VirtualRegister& stackRegister = vRegManager.newVirtualRegister(vrcStackSlot);
+			  vReg.equivalentRegister[vrcStackSlot] = &stackRegister;	  
+			  vReg.spillInfo.willSpill = true;
+			  success = false;
+			}
+		}
+	}
+  
+#ifdef DEBUG
+  if (success)
+	{
+	  for (VirtualRegisterManager::iterator i = vRegManager.begin(); !vRegManager.done(i); i = vRegManager.advance(i))
+		{
+		  VirtualRegister& vReg = vRegManager.getVirtualRegister(i);
+		  switch (vReg.getClass())
+			{
+			case vrcInteger:
+			  if (vReg.getColor() > LAST_GREGISTER)
+				PR_ASSERT(false);
+			  break;
+			case vrcFloatingPoint:
+			case vrcFixedPoint:
+#if NUMBER_OF_FPREGISTERS != 0
+			  if (vReg.getColor() > LAST_FPREGISTER)
+				PR_ASSERT(false);
+#endif
+			  break;
+			default:
+			  break;
+			}
+		}
+	}
+#endif
+
+  vRegManager.nUsedStackSlots = lastUsedSSR + 1;
+  return success;
+}
+#endif // NEW_LAURENTM_CODE

mozilla/ef/Compiler/RegisterAllocator/Coloring.h

@@ -0,0 +1,284 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#include "Fundamentals.h"
+#include "ControlGraph.h"
+#include "ControlNodes.h"
+#include "Instruction.h"
+#include "RegisterAllocator.h"
+#include "VirtualRegister.h"
+#include "InterferenceGraph.h"
+#include "SparseSet.h"
+#include "Spilling.h"
+#include "Splits.h"
+
+UT_EXTERN_LOG_MODULE(RegAlloc);
+
+template <class RegisterPressure>
+class Coloring
+{
+private:
+	static RegisterName* simplify(RegisterAllocator& registerAllocator, RegisterName* coloringStack);
+	static bool select(RegisterAllocator& registerAllocator, RegisterName* coloringStack, RegisterName* coloringStackPtr);
+
+public:
+	static bool color(RegisterAllocator& registerAllocator);
+	static void finalColoring(RegisterAllocator& registerAllocator);
+};
+
+
+template <class RegisterPressure>
+void Coloring<RegisterPressure>::finalColoring(RegisterAllocator& registerAllocator)
+{
+	RegisterName* color = registerAllocator.color;
+	RegisterName* name2range = registerAllocator.name2range;
+
+	ControlGraph& controlGraph = registerAllocator.controlGraph;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+
+	for (Uint32 n = 0; n < nNodes; n++) {
+		InstructionList& instructions = nodes[n]->getInstructions();
+
+		for (InstructionList::iterator i = instructions.begin(); !instructions.done(i); i = instructions.advance(i)) {
+			Instruction& instruction = instructions.get(i);
+
+			InstructionUse* useEnd = instruction.getInstructionUseEnd();
+			for (InstructionUse* usePtr = instruction.getInstructionUseBegin(); usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister()) {
+					usePtr->setRegisterName(color[name2range[usePtr->getRegisterName()]]);
+#ifdef DEBUG
+					RegisterID rid = usePtr->getRegisterID();
+					setColoredRegister(rid);
+					usePtr->setRegisterID(rid);
+#endif // DEBUG
+				}
+
+			InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+			for (InstructionDefine* definePtr = instruction.getInstructionDefineBegin(); definePtr < defineEnd; definePtr++)
+				if (definePtr->isRegister()) {
+					definePtr->setRegisterName(color[name2range[definePtr->getRegisterName()]]);
+#ifdef DEBUG
+					RegisterID rid = definePtr->getRegisterID();
+					setColoredRegister(rid);
+					definePtr->setRegisterID(rid);
+#endif // DEBUG
+				}
+		}
+	}
+}
+
+template <class RegisterPressure>
+bool Coloring<RegisterPressure>::select(RegisterAllocator& registerAllocator, RegisterName* coloringStack, RegisterName* coloringStackPtr)
+{
+	Uint32 rangeCount = registerAllocator.rangeCount;
+	RegisterName* color = new RegisterName[rangeCount];
+	registerAllocator.color = color;
+
+	for (Uint32 r = 1; r < rangeCount; r++)
+		color[r] = RegisterName(6); // FIX;
+
+	// Color the preColored registers.
+	//
+	VirtualRegisterManager& vrManager = registerAllocator.vrManager;
+	RegisterName* name2range = registerAllocator.name2range;
+	PreColoredRegister* machineEnd = vrManager.getMachineRegistersEnd();
+	for (PreColoredRegister* machinePtr = vrManager.getMachineRegistersBegin(); machinePtr < machineEnd; machinePtr++)
+		if (machinePtr->id != invalidID) {
+			color[name2range[getName(machinePtr->id)]] = machinePtr->color;
+			UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("\twill preColor range %d as %d\n", name2range[getName(machinePtr->id)], machinePtr->color));
+		}
+
+	SpillCost* cost = registerAllocator.spillCost;
+	Pool& pool = registerAllocator.pool;
+	SparseSet& spill = *new(pool) SparseSet(pool, rangeCount);
+	registerAllocator.willSpill = &spill;
+	SparseSet neighborColors(pool, 6); // FIX
+	InterferenceGraph<RegisterPressure>& iGraph = registerAllocator.iGraph;
+
+	bool coloringFailed = false;
+	while (coloringStackPtr > coloringStack) {
+		RegisterName range = *--coloringStackPtr;
+
+		if (!cost[range].infinite && cost[range].cost < 0) {
+			coloringFailed = true;
+			spill.set(range);
+			UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("\tfailed to color %d, will spill.\n", range));
+		} else {
+			neighborColors.clear();
+
+			for (InterferenceVector* vector = iGraph.getInterferenceVector(range); vector != NULL; vector = vector->next)
+				for (Int32 i = vector->count - 1; i >= 0; --i) {
+					RegisterName neighborColor = color[vector->neighbors[i]];
+					if (neighborColor < 6) // FIX
+						neighborColors.set(neighborColor);
+				}
+
+			if (neighborColors.getSize() == 6) { // FIX
+				coloringFailed = true;
+				UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("\tfailed to color %d, ", range));
+
+				if (!Splits<RegisterPressure>::findSplit(registerAllocator, color, range)) {
+					UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("will spill.\n"));
+					spill.set(range);
+				} else
+					UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("will split.\n"));
+			} else {
+				for (Uint32 i = 0; i < 6; i++) // FIX
+					if (!neighborColors.test(i)) {
+						fprintf(stdout, "\twill color %d as %d\n", range, i);
+						color[range] = RegisterName(i);
+						break;
+					}
+			}
+		}
+	}
+
+#ifdef DEBUG_LOG
+	if (coloringFailed) {
+		UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("Coloring failed:\n"));
+		UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("\twill spill: "));
+		spill.printPretty(UT_LOG_MODULE(RegAlloc));
+	} else {
+		UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("Coloring succeeded:\n"));
+		for (Uint32 i = 1; i < rangeCount; i++)
+			UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("\trange %d colored as %d\n", i, color[i]));
+	}
+#endif
+
+	return !coloringFailed;
+}
+
+template <class RegisterPressure>
+RegisterName* Coloring<RegisterPressure>::simplify(RegisterAllocator& registerAllocator, RegisterName* coloringStack)
+{
+	InterferenceGraph<RegisterPressure>& iGraph = registerAllocator.iGraph;
+	SpillCost* spillCost = registerAllocator.spillCost;
+	Uint32 rangeCount = registerAllocator.rangeCount;
+
+	Uint32* degree = new Uint32[rangeCount];
+	for (RegisterName i = RegisterName(1); i < rangeCount; i = RegisterName(i + 1)) {
+		InterferenceVector* vector = iGraph.getInterferenceVector(i);
+		degree[i] = (vector != NULL) ? vector->count : 0;
+	}
+
+	Pool& pool = registerAllocator.pool;
+	SparseSet low(pool, rangeCount);
+	SparseSet high(pool, rangeCount);
+	SparseSet highInfinite(pool, rangeCount);
+	SparseSet preColored(pool, rangeCount);
+
+	// Get the precolored registers.
+	//
+	VirtualRegisterManager& vrManager = registerAllocator.vrManager;
+	RegisterName* name2range = registerAllocator.name2range;
+	PreColoredRegister* machineEnd = vrManager.getMachineRegistersEnd();
+	for (PreColoredRegister* machinePtr = vrManager.getMachineRegistersBegin(); machinePtr < machineEnd; machinePtr++)
+		if (machinePtr->id != invalidID)
+			preColored.set(name2range[getName(machinePtr->id)]);
+
+	// Insert the live ranges in the sets.
+	//
+	for (Uint32 range = 1; range < rangeCount; range++)
+		if (!preColored.test(range))
+			if (degree[range] < 6) // FIX
+				low.set(range);
+			else if (!spillCost[range].infinite)
+				high.set(range);
+			else
+				highInfinite.set(range);
+
+#ifdef DEBUG_LOG
+	UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("Coloring sets:\n\tlow = "));
+	low.printPretty(UT_LOG_MODULE(RegAlloc));
+	UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("\thigh = "));
+	high.printPretty(UT_LOG_MODULE(RegAlloc));
+	UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("\thighInfinite = "));
+	highInfinite.printPretty(UT_LOG_MODULE(RegAlloc));
+	UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("\tpreColored = "));
+	preColored.printPretty(UT_LOG_MODULE(RegAlloc));
+#endif // DEBUG_LOG
+
+	RegisterName* coloringStackPtr = coloringStack;
+
+	while (low.getSize() != 0 || high.getSize() != 0) {
+		while (low.getSize() != 0) {
+			RegisterName range = RegisterName(low.getOne());
+			low.clear(range);
+			*coloringStackPtr++ = range;
+
+			for (InterferenceVector* vector = iGraph.getInterferenceVector(range); vector != NULL; vector = vector->next)
+				for (Int32 i = (vector->count - 1); i >= 0; --i) {
+					RegisterName neighbor = vector->neighbors[i];
+					degree[neighbor]--;
+
+					if (degree[neighbor] < 6) // FIX
+						if (high.test(neighbor)) {
+							high.clear(neighbor);
+							low.set(neighbor);
+						} else if (highInfinite.test(neighbor)) {
+							highInfinite.clear(neighbor);
+							low.set(neighbor);
+						}
+				}
+		}
+
+		if (high.getSize() != 0) {
+			RegisterName best = RegisterName(high.getOne());
+			double bestCost = spillCost[best].cost;
+			double bestDegree = degree[best];
+
+			// Choose the next best candidate.
+			//
+			for (SparseSet::iterator i = high.begin(); !high.done(i); i = high.advance(i)) {
+				RegisterName range = RegisterName(high.get(i));
+				double thisCost = spillCost[range].cost;
+				double thisDegree = degree[range];
+
+				if (thisCost * bestDegree < bestCost * thisDegree) {
+					best = range;
+					bestCost = thisCost;
+					bestDegree = thisDegree;
+				}
+			}
+			
+			high.clear(best);
+			low.set(best);
+		}
+ 	}
+	assert(highInfinite.getSize() == 0);
+
+	delete degree;
+
+#ifdef DEBUG_LOG
+	UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("Coloring stack:\n\t"));
+	for (RegisterName* sp = coloringStack; sp < coloringStackPtr; ++sp)
+		UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("%d ", *sp));
+	UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("\n"));
+#endif // DEBUG_LOG
+
+	return coloringStackPtr;
+}
+
+
+template <class RegisterPressure>
+bool Coloring<RegisterPressure>::color(RegisterAllocator& registerAllocator)
+{
+	RegisterName* coloringStack = new RegisterName[registerAllocator.rangeCount];
+	return select(registerAllocator, coloringStack, simplify(registerAllocator, coloringStack));
+}

mozilla/ef/Compiler/RegisterAllocator/DominatorGraph.cpp

@@ -0,0 +1,212 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#include "Fundamentals.h"
+#include <string.h>
+#include "ControlGraph.h"
+#include "ControlNodes.h"
+
+#include "DominatorGraph.h"
+
+DominatorGraph::DominatorGraph(ControlGraph& controlGraph) : controlGraph(controlGraph)
+{
+	Uint32 nNodes = controlGraph.nNodes;
+
+	GtoV = new Uint32[nNodes + 1];
+	VtoG = new Uint32[nNodes + 1];
+
+	Uint32 v = 1;
+	for (Uint32 n = 0; n < nNodes; n++) {
+		VtoG[v] = n;
+		GtoV[n] = v++;
+	}
+
+	// Initialize all the 1-based arrays.
+	//
+	parent =	new Uint32[v];
+	semi =		new Uint32[v];
+	vertex =	new Uint32[v];
+	label =		new Uint32[v];
+	size =		new Uint32[v];
+	ancestor =	new Uint32[v];
+	child =		new Uint32[v];
+	dom =		new Uint32[v];
+	bucket =	new DGLinkedList*[v];
+
+	memset(semi, '\0', v * sizeof(Uint32));
+	memset(bucket, '\0', v * sizeof(DGLinkedList*));
+
+	vCount = v;
+
+	build();
+
+	delete parent;
+	delete semi;
+	delete vertex;
+	delete label;
+	delete size;
+	delete ancestor;
+	delete child;
+	delete dom;
+	delete bucket;
+}
+
+Uint32 DominatorGraph::DFS(Uint32 vx, Uint32 n)
+{
+	semi[vx] = ++n;
+	vertex[n] = label[vx] = vx;
+	ancestor[vx] = child[vx] = 0;
+	size[vx] = 1;
+
+
+	ControlNode& node = *controlGraph.dfsList[VtoG[vx]];
+	ControlEdge* successorEnd = node.getSuccessorsEnd();
+	for (ControlEdge* successorPtr = node.getSuccessorsBegin(); successorPtr < successorEnd; successorPtr++) {
+		Uint32 w = GtoV[successorPtr->getTarget().dfsNum];
+		if (semi[w] == 0) {
+			parent[w] = vx;
+			n = DFS(w, n);
+		}
+	}
+	return n;
+}
+
+void DominatorGraph::LINK(Uint32 vx, Uint32 w)
+{
+    Uint32 s = w;
+
+	while (semi[label[w]] < semi[label[child[s]]]) {
+		if (size[s] + size[child[child[s]]] >= (size[child[s]] << 1)) {
+			ancestor[child[s]] = s;
+			child[s] = child[child[s]];
+		} else {
+			size[child[s]] = size[s];
+			s = ancestor[s] = child[s];
+		}
+	}
+	label[s] = label[w];
+	size[vx] += size[w];
+	if(size[vx] < (size[w] << 1)) {
+		Uint32 t = s;
+		s = child[vx]; 
+		child[vx] = t;
+	}
+	while( s != 0 ) {
+		ancestor[s] = vx;
+		s = child[s];
+	}
+}
+
+
+void DominatorGraph::COMPRESS(Uint32 vx)
+{
+	if(ancestor[ancestor[vx]] != 0) {
+		COMPRESS(ancestor[vx]);
+		if(semi[label[ancestor[vx]]] < semi[label[vx]])
+			label[vx] = label[ancestor[vx]];
+		ancestor[vx] = ancestor[ancestor[vx]];
+	}
+}
+
+Uint32 DominatorGraph::EVAL(Uint32 vx)
+{
+	if(ancestor[vx] == 0) 
+		return label[vx];
+	COMPRESS(vx);
+	return (semi[label[ancestor[vx]]] >= semi[label[vx]]) ? label[vx] : label[ancestor[vx]];
+}
+
+void DominatorGraph::build()
+{
+	Uint32 n = DFS(GtoV[0], 0);
+	size[0] = label[0] = semi[0];
+
+	for (Uint32 i = n; i >= 2; i--) {
+		Uint32 w = vertex[i];
+
+		ControlNode& node = *controlGraph.dfsList[VtoG[w]];
+		const DoublyLinkedList<ControlEdge>& predecessors = node.getPredecessors();
+		for (DoublyLinkedList<ControlEdge>::iterator p = predecessors.begin(); !predecessors.done(p); p = predecessors.advance(p)) {
+			Uint32 vx = GtoV[predecessors.get(p).getSource().dfsNum];
+			Uint32 u = EVAL(vx);
+
+			if(semi[u] < semi[w])
+				semi[w] = semi[u];
+		}
+
+		DGLinkedList* elem = new DGLinkedList();
+		elem->next = bucket[vertex[semi[w]]];
+		elem->index = w;
+		bucket[vertex[semi[w]]] = elem;
+
+		LINK(parent[w], w);
+
+		elem = bucket[parent[w]];
+		while(elem != NULL) {
+			Uint32 vx = elem->index;
+			Uint32 u = EVAL(vx);
+			dom[vx] = (semi[u] < semi[vx]) ? u : parent[w];
+			elem = elem->next;
+		}
+	}
+
+	memset(size, '\0', n * sizeof(Uint32));
+	Pool& pool = controlGraph.pool;
+	nodes = new(pool) DGNode[n];
+
+	for(Uint32 j = 2; j <= n; j++) {
+		Uint32 w = vertex[j];
+		Uint32 d = dom[w];
+		if(d != vertex[semi[w]]) {
+			d = dom[d];
+			dom[w] = d;
+		}
+		size[d]++;
+	}
+	dom[GtoV[0]] = 0;
+
+	for (Uint32 k = 1; k <= n; k++) {
+		DGNode& node = nodes[VtoG[k]];
+		Uint32 count = size[k];
+		node.successorsEnd = node.successorsBegin = (count) ? new(pool) Uint32[count] : (Uint32*) 0;
+	}
+
+	for (Uint32 l = 2; l <= n; l++)
+		*(nodes[VtoG[dom[l]]].successorsEnd)++ = VtoG[l];
+}
+
+#ifdef DEBUG_LOG
+void DominatorGraph::printPretty(LogModuleObject log)
+{
+	UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("Dominator Graph:\n"));
+	Uint32 nNodes = controlGraph.nNodes;
+	for (Uint32 i = 0; i < nNodes; i++) {
+		DGNode& node = nodes[i];
+		if (node.successorsBegin !=  node.successorsEnd) {
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\tN%d dominates ", i));
+			for (Uint32* successorsPtr = node.successorsBegin; successorsPtr < node.successorsEnd; successorsPtr++)
+				UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("N%d ", *successorsPtr));
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\n"));
+		}
+	}
+}
+
+#endif // DEBUG_LOG
+
+
+

mozilla/ef/Compiler/RegisterAllocator/DominatorGraph.h

@@ -0,0 +1,80 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _DOMINATOR_GRAPH_H_
+#define _DOMINATOR_GRAPH_H_
+
+#include "LogModule.h"
+
+class ControlGraph;
+
+struct DGNode
+{
+	Uint32* successorsBegin;
+	Uint32* successorsEnd;
+};
+
+struct DGLinkedList
+{
+	DGLinkedList* next;
+	Uint32 index;
+};
+
+class DominatorGraph
+{
+private:
+
+	ControlGraph&	controlGraph;
+
+	Uint32			vCount;
+
+	Uint32*			VtoG;
+	Uint32*			GtoV;
+	Uint32*			parent;
+	Uint32*			semi;
+	Uint32*			vertex;
+	Uint32*			label;
+	Uint32*			size;
+	Uint32*			ancestor;
+	Uint32*			child;
+	Uint32*			dom;
+	DGLinkedList**	bucket;
+	DGNode*			nodes;
+	
+private:
+
+	void build();
+
+	Uint32 DFS(Uint32 vx, Uint32 n);
+	void LINK(Uint32 vx, Uint32 w);
+	void COMPRESS(Uint32 vx);
+	Uint32 EVAL(Uint32 vx);
+
+public:
+
+	DominatorGraph(ControlGraph& controlGraph);
+
+	Uint32* getSuccessorsBegin(Uint32 n) const {return nodes[n].successorsBegin;}
+	Uint32* getSuccessorsEnd(Uint32 n) const {return nodes[n].successorsEnd;}
+
+#ifdef DEBUG_LOG
+	void printPretty(LogModuleObject log);
+#endif // DEBUG_LOG
+};
+
+#endif // _DOMINATOR_GRAPH_H_

mozilla/ef/Compiler/RegisterAllocator/HashSet.cpp

@@ -0,0 +1,20 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#include "Fundamentals.h"
+#include "HashSet.h"

mozilla/ef/Compiler/RegisterAllocator/HashSet.h

@@ -0,0 +1,97 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _HASH_SET_H_
+#define _HASH_SET_H_
+
+#include "Fundamentals.h"
+#include "Pool.h"
+#include <string.h>
+
+struct HashSetElement
+{
+	Uint32 index;
+	HashSetElement* next;
+};
+
+class HashSet
+{
+private:
+
+	static const hashSize = 64;
+
+	// Return the hash code for the given element index.
+	static Uint32 getHashCode(Uint32 index) {return index & (hashSize - 1);} // Could be better !
+
+private:
+
+	Pool&					allocationPool;
+	HashSetElement**		bucket;
+	HashSetElement*			free;
+
+private:
+
+	// No copy constructor.
+	HashSet(const HashSet&);
+	// No copy operator.
+	void operator = (const HashSet&);
+
+public:
+
+	// Create a new HashSet.
+	inline HashSet(Pool& pool, Uint32 universeSize);
+
+	// Clear the hashset.
+	void clear();
+	// Clear the element for the given index.
+	void clear(Uint32 index);
+	// Set the element for the given index.
+	void set(Uint32 index);
+	// Return true if the element at index is a member.
+	bool test(Uint32 index) const;
+	// Union with the given hashset.
+	inline void or(const HashSet& set);
+	// Intersection with the given hashset.
+	inline void and(const HashSet& set);
+	// Difference with the given hashset.
+	inline void difference(const HashSet& set);
+
+	// Logical operators.
+	HashSet& operator |= (const HashSet& set) {or(set); return *this;}
+	HashSet& operator &= (const HashSet& set) {and(set); return *this;}
+	HashSet& operator -= (const HashSet& set) {difference(set); return *this;}
+
+	// Iterator to conform with the set API.
+	typedef HashSetElement* iterator;
+	// Return the iterator for the first element of this set.
+	iterator begin() const;
+	// Return the next iterator.
+	iterator advance(iterator pos) const;
+	// Return true if the iterator is at the end of the set.
+	bool done(iterator pos) const {return pos == NULL;}
+};
+
+
+inline HashSet::HashSet(Pool& pool, Uint32 /*universeSize*/)
+	: allocationPool(pool), free(NULL)
+{
+	bucket = new(pool) HashSetElement*[hashSize];
+	memset(bucket, '\0', sizeof(HashSetElement*));
+}
+
+#endif // _HASH_SET_H_

mozilla/ef/Compiler/RegisterAllocator/IndexedPool.h

@@ -0,0 +1,213 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _INDEXED_POOL_H_
+#define _INDEXED_POOL_H_
+
+#include "Fundamentals.h"
+#include <string.h>
+#include <stdlib.h>
+
+//------------------------------------------------------------------------------
+// IndexedPool<IndexedObjectSubclass> is an indexed pool of objects. The
+// template parameter 'IndexedObjectSubclass' must be a subclass of the struct
+// IndexedObject.
+// 
+// When the indexed pool is ask to allocate and initialize a new object (using
+// the operator new(anIndexedPool) it will zero the memory used to store the
+// object and initialize the field 'index' of this object to its position in
+// the pool.
+//
+// An object allocated by the indexed pool can be freed by calling the method
+// IndexedPool::release(IndexedElement& objectIndex).
+//
+// example:
+//
+//   IndexedPool<IndexedElement> elementPool;
+//
+//   IndexedElement& element1 = *new(elementPool) IndexedElement();
+//   IndexedElement& element2 = *new(elementPool) IndexedElement();
+//
+//   indexedPool.release(element1);
+//   IndexedElement& element3 = *new(elementPool) IndexedElement();
+//
+//  At this point element1 is no longer a valid object, element2 is at
+//  index 2 and element3 is at index 1.
+//
+
+//------------------------------------------------------------------------------
+// IndexedObject -
+//
+
+template<class Object>
+struct IndexedObject
+{
+	Uint32			index;				// Index in the pool.
+	Object*			next;				// Used to link IndexedObject together.
+
+	Uint32 getIndex() {return index;}
+};
+
+//------------------------------------------------------------------------------
+// IndexedPool<IndexedObject> -
+//
+
+template <class IndexedObject>
+class IndexedPool
+{
+private:
+
+	static const	blockSize = 4;		// Size of one block.
+
+	Uint32			nBlocks;			// Number of blocks in the pool.
+	IndexedObject**	block;				// Array of block pointers.
+	IndexedObject*  freeObjects;		// Chained list of free IndexedObjects.
+	Uint32			nextIndex;			// Index of the next free object in the last block. 
+
+private:
+
+	void allocateAnotherBlock();
+	IndexedObject& newObject();
+
+public:
+
+	IndexedPool() : nBlocks(0), block(NULL), freeObjects(NULL), nextIndex(1) {}
+	~IndexedPool();
+
+	IndexedObject& get(Uint32 index) const;
+	void release(IndexedObject& object);
+
+	void setSize(Uint32 size) {assert(size < nextIndex); nextIndex = size;}
+
+	// Return the universe size.
+	Uint32 getSize() {return nextIndex;}
+
+	friend void* operator new(size_t, IndexedPool<IndexedObject>& pool); // Needs to call newObject().
+};
+
+// Free all the memory allocated for this object.
+//
+template <class IndexedObject>
+IndexedPool<IndexedObject>::~IndexedPool()
+{
+	for (Uint32 n = 0; n < nBlocks; n++)
+		free(&((IndexedObject **) &block[n][n*blockSize])[-(n + 1)]);
+}
+
+// Release the given. This object will be iserted in the chained
+// list of free IndexedObjects. To minimize the fragmentation the chained list 
+// is ordered by ascending indexes.
+//
+template <class IndexedObject>
+void IndexedPool<IndexedObject>::release(IndexedObject& object)
+{
+	Uint32 index = object.index;
+	IndexedObject* list = freeObjects;
+
+	assert(&object == &get(index)); // Make sure that object is owned by this pool.
+
+	if (list == NULL) { // The list is empty.
+		freeObjects = &object;
+		object.next = NULL;
+	} else { // The list contains at least 1 element.
+		if (index < list->index) { // insert as first element.
+			freeObjects = &object;
+			object.next = list;
+		} else { // Find this object's place.
+			while ((list->next) != NULL && (list->next->index < index))
+				list = list->next;
+
+			object.next = list->next;
+			list->next = &object;
+		}
+	}
+
+#ifdef DEBUG
+	// Sanity check to be sure that the list is correctly ordered.
+	for (IndexedObject* obj = freeObjects; obj != NULL; obj = obj->next)
+		if (obj->next != NULL)
+			assert(obj->index < obj->next->index);
+#endif
+}
+
+// Create a new block of IndexedObjects. We will allocate the memory to
+// store IndexedPool::blockSize IndexedObject and the new Array of block
+// pointers.
+// The newly created IndexedObjects will not be initialized.
+//
+template <class IndexedObject>
+void IndexedPool<IndexedObject>::allocateAnotherBlock()
+{
+	void* memory = (void *) malloc((nBlocks + 1) * sizeof(Uint32) + blockSize * sizeof(IndexedObject));
+
+	memcpy(memory, block, nBlocks * sizeof(Uint32));
+
+	block = (IndexedObject **) memory;
+	IndexedObject* objects = (IndexedObject *) &block[nBlocks + 1];
+
+	block[nBlocks] = &objects[-(nBlocks * blockSize)];
+	nBlocks++;
+}
+
+// Return the IndexedObject at the position 'index' in the pool.
+//
+template <class IndexedObject>
+IndexedObject& IndexedPool<IndexedObject>::get(Uint32 index) const
+{
+	Uint32 blockIndex = index / blockSize;
+	assert(blockIndex < nBlocks);
+
+	return block[blockIndex][index];
+}
+
+// Return the reference of an unused object in the pool.
+//
+template <class IndexedObject>
+IndexedObject& IndexedPool<IndexedObject>::newObject()
+{
+	if (freeObjects != NULL) {
+		IndexedObject& newObject = *freeObjects;
+		freeObjects = newObject.next;
+		return newObject;
+	}
+	
+	Uint32 nextIndex = this->nextIndex++;
+	Uint32 blockIndex = nextIndex / blockSize;
+
+	while (blockIndex >= nBlocks)
+		allocateAnotherBlock();
+	
+	IndexedObject& newObject = block[blockIndex][nextIndex];
+	newObject.index = nextIndex;
+
+	return newObject;
+}
+
+// Return the address of the next unsused object in the given
+// indexed pool. The field index of the newly allocated object
+// will be initialized to the corresponding index of this object
+// in the pool.
+//
+template <class IndexedObject>
+void* operator new(size_t size, IndexedPool<IndexedObject>& pool)
+{
+	assert(size == sizeof(IndexedObject));
+	return (void *) &pool.newObject();
+}
+
+#endif // _INDEXED_POOL_H_

mozilla/ef/Compiler/RegisterAllocator/InterferenceGraph.h

@@ -0,0 +1,258 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _INTERFERENCE_GRAPH_H_
+#define _INTERFERENCE_GRAPH_H_
+
+#include "Fundamentals.h"
+#include "ControlGraph.h"
+#include "Primitives.h"
+#include "Instruction.h"
+#include "VirtualRegister.h"
+#include "RegisterPressure.h"
+#include "SparseSet.h"
+#include <string.h>
+
+struct InterferenceVector
+{
+	Uint32				count;
+	InterferenceVector*	next;
+	RegisterName*		neighbors;
+
+	InterferenceVector() : count(0), next(NULL) {}
+};
+
+class RegisterAllocator;
+
+template <class RegisterPressure>
+class InterferenceGraph
+{
+private:
+
+	RegisterAllocator&			registerAllocator;
+
+	RegisterPressure::Set*		interferences;
+	InterferenceVector**		vector;
+	Uint32*						offset;
+	Uint32 						rangeCount;
+
+private:
+
+	// No copy constructor.
+	InterferenceGraph(const InterferenceGraph&);
+	// No copy operator.
+	void operator = (const InterferenceGraph&);
+
+	// Check if reg is a member of the universe.
+	void checkMember(RegisterName name) {assert(name < rangeCount);}
+	// Return the edge index for the interference between name1 and name2.
+	Uint32 getEdgeIndex(RegisterName name1, RegisterName name2);
+
+public:
+	InterferenceGraph(RegisterAllocator& registerAllocator) : registerAllocator(registerAllocator) {}
+
+	// Calculate the interferences.
+	void build();
+	// Return true if reg1 and reg2 interfere.
+	bool interfere(RegisterName name1, RegisterName name2);
+	// Return the interference vector for the given register or NULL if there is none.
+	InterferenceVector* getInterferenceVector(RegisterName name) {return vector[name];}
+	// Set the interference between name1 and name2.
+	void setInterference(RegisterName name1, RegisterName name2);
+	// Set the interference vector for the given register.
+	void setInterferenceVector(RegisterName name, InterferenceVector* v) {vector[name] = v;}
+
+
+#ifdef DEBUG_LOG
+	// Print the interferences.
+	void printPretty(LogModuleObject log);
+#endif // DEBUG_LOG
+};
+
+template <class RegisterPressure>
+void InterferenceGraph<RegisterPressure>::build()
+{
+	Pool& pool = registerAllocator.pool;
+	Uint32 rangeCount = registerAllocator.rangeCount;
+	this->rangeCount = rangeCount;
+
+	// Initialize the structures.
+	//
+	offset = new(pool) Uint32[rangeCount + 1];
+	vector = new(pool) InterferenceVector*[rangeCount];
+	memset(vector, '\0', sizeof(InterferenceVector*) * rangeCount);
+
+	Uint32 o = 0;
+	offset[0] = 0;
+	for (Uint32 i = 1; i <= rangeCount; ++i) {
+		offset[i] = o;
+		o += i;
+	}
+	
+	interferences = new(pool) RegisterPressure::Set(pool, (rangeCount * rangeCount) / 2);
+
+	ControlGraph& controlGraph = registerAllocator.controlGraph;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+
+	RegisterName* name2range = registerAllocator.name2range;
+	LivenessInfo<RegisterPressure> liveness = Liveness<RegisterPressure>::analysis(controlGraph, rangeCount, name2range);
+	registerAllocator.liveness = liveness;
+	SparseSet currentLive(pool, rangeCount);
+
+	for (Uint32 n = 0; n < nNodes; n++) {
+		ControlNode& node = *nodes[n];
+		currentLive = liveness.liveOut[n];
+
+		InstructionList& instructions = node.getInstructions();
+		for (InstructionList::iterator i = instructions.end(); !instructions.done(i); i = instructions.retreat(i)) {
+			Instruction& instruction = instructions.get(i);
+
+			InstructionUse* useBegin = instruction.getInstructionUseBegin();
+			InstructionUse* useEnd = instruction.getInstructionUseEnd();
+			InstructionUse* usePtr;
+			InstructionDefine* defineBegin = instruction.getInstructionDefineBegin();
+			InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+			InstructionDefine* definePtr;
+
+			// Handle the copy instruction to avoid unnecessary interference between the 2 registers.
+			if ((instruction.getFlags() & ifCopy) != 0) {
+				assert(useBegin != useEnd && useBegin[0].isRegister());
+				currentLive.clear(name2range[useBegin[0].getRegisterName()]);
+			}
+
+			// Create the interferences.
+			for (definePtr = defineBegin; definePtr < defineEnd; definePtr++)
+				if (definePtr->isRegister()) {
+					RegisterName define = name2range[definePtr->getRegisterName()];
+
+					for (SparseSet::iterator e = currentLive.begin(); !currentLive.done(e); e = currentLive.advance(e)) {
+						RegisterName live = RegisterName(currentLive.get(e));
+
+						if ((live != define) && !interfere(live, define) && registerAllocator.canInterfere(live, define)) {
+
+							if (vector[define] == NULL)
+								vector[define] = new(pool) InterferenceVector();
+							vector[define]->count++;
+
+							if (vector[live] == NULL)
+								vector[live] = new(pool) InterferenceVector();
+							vector[live]->count++;
+
+							setInterference(live, define);
+						}
+					}
+				}
+
+			// Now update the liveness.
+			//
+			for (definePtr = defineBegin; definePtr < defineEnd; definePtr++)
+				if (definePtr->isRegister())
+					currentLive.clear(name2range[definePtr->getRegisterName()]);
+
+			for (usePtr = useBegin; usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister())
+					currentLive.set(name2range[usePtr->getRegisterName()]);
+		}
+	}
+
+	// Allocate the memory to store the interferences.
+	//
+	for (Uint32 e = 0; e < rangeCount; e++)
+		if (vector[e] != NULL) {
+			InterferenceVector& v = *vector[e];
+			v.neighbors = new(pool) RegisterName[v.count];
+			v.count = 0;
+		}
+
+	// Initialize the edges.
+	//
+	if (RegisterPressure::Set::isOrdered()) {
+		RegisterName name1 = RegisterName(0);
+
+		for (RegisterPressure::Set::iterator i = interferences->begin(); !interferences->done(i); i = interferences->advance(i)) {
+			Uint32 interferenceIndex = interferences->get(i);
+
+			while(interferenceIndex >= offset[name1 + 1])
+				name1 = RegisterName(name1 + 1);
+
+			assert((interferenceIndex >= offset[name1]) && (interferenceIndex < offset[name1 + 1]));
+
+			RegisterName name2 = RegisterName(interferenceIndex - offset[name1]);
+
+			assert(interfere(name1, name2));
+
+			InterferenceVector& vector1 = *vector[name1];
+			vector1.neighbors[vector1.count++] = name2;
+		
+			InterferenceVector& vector2 = *vector[name2];
+			vector2.neighbors[vector2.count++] = name1;
+		}
+	} else {
+		trespass("not Implemented"); // FIX: need one more pass to initialize the vectors.
+	}
+}
+
+template <class RegisterPressure>
+Uint32 InterferenceGraph<RegisterPressure>::getEdgeIndex(RegisterName name1, RegisterName name2)
+{
+	checkMember(name1); checkMember(name2);
+	assert(name1 != name2); // This is not possible.
+	return (name1 < name2) ? offset[name2] + name1 : offset[name1] + name2;
+}
+
+template <class RegisterPressure>
+void InterferenceGraph<RegisterPressure>::setInterference(RegisterName name1, RegisterName name2)
+{
+	interferences->set(getEdgeIndex(name1, name2));
+}
+
+template <class RegisterPressure>
+bool InterferenceGraph<RegisterPressure>::interfere(RegisterName name1, RegisterName name2)
+{
+	return interferences->test(getEdgeIndex(name1, name2));
+}
+
+#ifdef DEBUG_LOG
+template <class RegisterPressure>
+void InterferenceGraph<RegisterPressure>::printPretty(LogModuleObject log)
+{
+	UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("Interference Vectors:\n"));
+	for (Uint32 i = 1; i < rangeCount; i++) {
+		if (vector[i] != NULL) {
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\tvr%d: (", i));
+			for (InterferenceVector* v = vector[i]; v != NULL; v = v->next)
+				for (Uint32 j = 0; j < v->count; j++) {
+					UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("%d", v->neighbors[j]));
+					if (v->next != NULL || j != (v->count - 1))
+						UT_OBJECTLOG(log, PR_LOG_ALWAYS, (","));
+				}
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, (")\n"));
+		}
+	}
+	UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("Interference Matrix:\n"));
+	for (RegisterName name1 = RegisterName(1); name1 < rangeCount; name1 = RegisterName(name1 + 1)) {
+		UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\t%d:\t", name1));
+		for (RegisterName name2 = RegisterName(1); name2 < rangeCount; name2 = RegisterName(name2 + 1))
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("%c", ((name1 != name2) && interfere(name1, name2)) ? '1' : '0'));
+		UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\n"));
+	}
+}
+#endif // DEBUG_LOG
+
+#endif // _INTERFERENCE_GRAPH_H_

mozilla/ef/Compiler/RegisterAllocator/LiveRange.h

@@ -0,0 +1,87 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _LIVE_RANGE_H_
+#define _LIVE_RANGE_H_
+
+#include "Fundamentals.h"
+#include "ControlGraph.h"
+#include "ControlNodes.h"
+#include "Primitives.h"
+#include "Instruction.h"
+#include "RegisterAllocator.h"
+#include "RegisterAllocatorTools.h"
+
+template <class RegisterPressure>
+struct LiveRange
+{
+	static void build(RegisterAllocator& registerAllocator);
+};
+
+template <class RegisterPressure>
+void LiveRange<RegisterPressure>::build(RegisterAllocator& registerAllocator)
+{
+	// Intialize the lookup table.
+	//
+	Uint32 nameCount = registerAllocator.nameCount;
+	RegisterName* nameTable = new(registerAllocator.pool) RegisterName[2*nameCount];
+	RegisterName* rangeName = &nameTable[nameCount];
+
+	init(rangeName, nameCount);
+
+	// Walk the graph.
+	//
+	ControlGraph& controlGraph = registerAllocator.controlGraph;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+
+	SparseSet destination(registerAllocator.pool, nameCount);
+
+	for (Uint32 n = 0; n < nNodes; n++) {
+		InstructionList& phiNodes = nodes[n]->getPhiNodeInstructions();
+
+		destination.clear();
+		for (InstructionList::iterator i = phiNodes.begin(); !phiNodes.done(i); i = phiNodes.advance(i)) {
+			Instruction& phiNode = phiNodes.get(i);
+			assert(phiNode.getInstructionDefineBegin() != phiNode.getInstructionDefineEnd() && phiNode.getInstructionDefineBegin()[0].isRegister());
+			destination.set(findRoot(phiNode.getInstructionDefineBegin()[0].getRegisterName(), rangeName));
+		}
+
+		for (InstructionList::iterator p = phiNodes.begin(); !phiNodes.done(p); p = phiNodes.advance(p)) {
+			Instruction& phiNode = phiNodes.get(p);
+
+			assert(phiNode.getInstructionDefineBegin() != phiNode.getInstructionDefineEnd() && phiNode.getInstructionDefineBegin()[0].isRegister());
+			RegisterName destinationName = phiNode.getInstructionDefineBegin()[0].getRegisterName();
+			RegisterName destinationRoot = findRoot(destinationName, rangeName);
+
+			InstructionUse* useEnd = phiNode.getInstructionUseEnd();
+			for (InstructionUse* usePtr = phiNode.getInstructionUseBegin(); usePtr < useEnd; usePtr++) {
+				assert(usePtr->isRegister());
+				RegisterName sourceName = usePtr->getRegisterName();
+				RegisterName sourceRoot = findRoot(sourceName, rangeName);
+
+				if (sourceRoot != destinationRoot && !destination.test(sourceRoot))
+					rangeName[sourceRoot] = destinationRoot;
+			}
+		}
+	}
+
+	registerAllocator.rangeCount = compress(registerAllocator.name2range, rangeName, nameCount, nameCount);
+}
+
+#endif // _LIVE_RANGE_H_

mozilla/ef/Compiler/RegisterAllocator/LiveRangeGraph.h

@@ -0,0 +1,163 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _LIVE_RANGE_GRAPH_
+#define _LIVE_RANGE_GRAPH_
+
+#include "Fundamentals.h"
+#include "Pool.h"
+#include "ControlGraph.h"
+#include "ControlNodes.h"
+#include "Instruction.h"
+#include "RegisterTypes.h"
+
+class RegisterAllocator;
+
+template <class RegisterPressure>
+class LiveRangeGraph
+{
+private:
+
+	RegisterAllocator&		registerAllocator;
+
+	RegisterPressure::Set*	edges;
+	Uint32					rangeCount;
+
+public:
+	//
+	//
+	LiveRangeGraph(RegisterAllocator& registerAllocator) : registerAllocator(registerAllocator) {}
+
+	//
+	//
+	void build();
+
+	//
+	//
+	void addEdge(RegisterName name1, RegisterName name2);
+
+	//
+	//
+	bool haveEdge(RegisterName name1, RegisterName name2);
+
+#ifdef DEBUG_LOG
+	//
+	//
+	void printPretty(LogModuleObject log);
+#endif // DEBUG_LOG
+};
+
+template <class RegisterPressure>
+void LiveRangeGraph<RegisterPressure>::build()
+{
+	Pool& pool = registerAllocator.pool;
+	Uint32 rangeCount = registerAllocator.rangeCount;
+	this->rangeCount = rangeCount;
+
+	edges = new(pool) RegisterPressure::Set(pool, rangeCount * rangeCount);
+
+	ControlGraph& controlGraph = registerAllocator.controlGraph;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+
+	RegisterName* name2range = registerAllocator.name2range;
+	LivenessInfo<RegisterPressure>& liveness = registerAllocator.liveness;
+	SparseSet currentLive(pool, rangeCount);
+
+	for (Uint32 n = 0; n < nNodes; n++) {
+		ControlNode& node = *nodes[n];
+		currentLive = liveness.liveOut[n];
+
+		InstructionList& instructions = node.getInstructions();
+		for (InstructionList::iterator i = instructions.end(); !instructions.done(i); i = instructions.retreat(i)) {
+			Instruction& instruction = instructions.get(i);
+
+			InstructionUse* useBegin = instruction.getInstructionUseBegin();
+			InstructionUse* useEnd = instruction.getInstructionUseEnd();
+			InstructionUse* usePtr;
+			InstructionDefine* defineBegin = instruction.getInstructionDefineBegin();
+			InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+			InstructionDefine* definePtr;
+
+			if ((instruction.getFlags() & ifCopy) != 0) {
+				assert(useBegin != useEnd && useBegin[0].isRegister());
+				currentLive.clear(name2range[useBegin[0].getRegisterName()]);
+			}
+
+			for (definePtr = defineBegin; definePtr < defineEnd; definePtr++)
+				if (definePtr->isRegister()) {
+					RegisterName define = name2range[definePtr->getRegisterName()];
+
+					for (SparseSet::iterator l = currentLive.begin(); !currentLive.done(l); l = currentLive.advance(l)) {
+						RegisterName live = RegisterName(currentLive.get(l));
+						if (define != live && registerAllocator.canInterfere(define, live))
+							addEdge(define, live);
+					}
+				}
+
+			for (definePtr = defineBegin; definePtr < defineEnd; definePtr++)
+				if (definePtr->isRegister())
+					currentLive.clear(name2range[definePtr->getRegisterName()]);
+
+			for (usePtr = useBegin; usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister())
+					currentLive.set(name2range[usePtr->getRegisterName()]);
+
+			for (usePtr = useBegin; usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister()) {
+					RegisterName use = name2range[usePtr->getRegisterName()];
+
+					for (SparseSet::iterator l = currentLive.begin(); !currentLive.done(l); l = currentLive.advance(l)) {
+						RegisterName live = RegisterName(currentLive.get(l));
+						if (use != live && registerAllocator.canInterfere(use, live))
+							addEdge(use, live);
+					}
+				}
+		}
+	}
+}
+
+template <class RegisterPressure>
+void LiveRangeGraph<RegisterPressure>::addEdge(RegisterName name1, RegisterName name2)
+{
+	assert(name1 != name2);
+	edges->set(name1 * rangeCount + name2);
+}
+
+template <class RegisterPressure>
+bool LiveRangeGraph<RegisterPressure>::haveEdge(RegisterName name1, RegisterName name2)
+{
+	assert(name1 != name2);
+	return edges->test(name1 * rangeCount + name2);
+}
+
+#ifdef DEBUG_LOG
+template <class RegisterPressure>
+void LiveRangeGraph<RegisterPressure>::printPretty(LogModuleObject log)
+{
+	UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("Live ranges graph:\n"));
+	for (RegisterName name1 = RegisterName(1); name1 < rangeCount; name1 = RegisterName(name1 + 1)) {
+		UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\t%d:\t", name1));
+		for (RegisterName name2 = RegisterName(1); name2 < rangeCount; name2 = RegisterName(name2 + 1))
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("%c", ((name1 != name2) && haveEdge(name1, name2)) ? '1' : '0'));
+		UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\n"));
+	}
+}
+#endif // DEBUG_LOG
+
+#endif // _LIVE_RANGE_GRAPH_

mozilla/ef/Compiler/RegisterAllocator/Liveness.cpp

@@ -0,0 +1,21 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#include "Fundamentals.h"
+#include "Liveness.h"
+

mozilla/ef/Compiler/RegisterAllocator/Liveness.h

@@ -0,0 +1,301 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _LIVENESS_H_
+#define _LIVENESS_H_
+
+#include "Fundamentals.h"
+#include "ControlGraph.h"
+#include "ControlNodes.h"
+#include "Instruction.h"
+#include "RegisterTypes.h"
+
+// ----------------------------------------------------------------------------
+// LivenessInfo -
+
+template <class RegisterPressure>
+struct LivenessInfo
+{
+	RegisterPressure::Set*	liveIn;
+	RegisterPressure::Set*	liveOut;
+	DEBUG_LOG_ONLY(Uint32	size);
+
+#ifdef DEBUG_LOG
+	void printPretty(LogModuleObject log);
+#endif // DEBUG_LOG
+};
+
+// ----------------------------------------------------------------------------
+// Liveness
+//
+// The liveness is defined by the following data-flow equations:
+//
+//		LiveIn(n) = LocalLive(n) U (LiveOut(n) - Killed(n)).
+//		LiveOut(n) = U LiveIn(s) (s a successor of n).
+//
+//	where LocalLive(n) is the set of used registers in the block n, Killed(n)
+//  is the set of defined registers in the block n, LiveIn(n) is the set of
+//  live registers at the begining of the block n and LiveOut(n) is the set
+//  of live registers at the end of the block n.
+//
+//
+// We will compute the liveness analysis in two stages:
+//
+//	1- Build LocalLive(n) (wich is an approximation of LiveIn(n)) and Killed(n) 
+//     for each block n.
+//  2- Perform a backward data-flow analysis to propagate the liveness information
+//     through the entire control-flow graph.
+//
+
+template <class RegisterPressure>
+struct Liveness
+{
+	static LivenessInfo<RegisterPressure> analysis(ControlGraph& controlGraph, Uint32 rangeCount, const RegisterName* name2range);
+	static LivenessInfo<RegisterPressure> analysis(ControlGraph& controlGraph, Uint32 nameCount);
+};
+
+template <class RegisterPressure>
+LivenessInfo<RegisterPressure> Liveness<RegisterPressure>::analysis(ControlGraph& controlGraph, Uint32 rangeCount, const RegisterName* name2range)
+{
+	Pool& pool = controlGraph.pool;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+
+	// Allocate the temporary sets.
+	RegisterPressure::Set* killed = new(pool) RegisterPressure::Set[nNodes](pool, rangeCount);
+	
+	// Allocate the globals sets.
+	RegisterPressure::Set* liveIn = new(pool) RegisterPressure::Set[nNodes](pool, rangeCount);
+	RegisterPressure::Set* liveOut = new(pool) RegisterPressure::Set[nNodes](pool, rangeCount);
+
+	// First stage of the liveness analysis: Compute the sets LocalLive(stored in LiveIn) and Killed.
+	//
+	for (Uint32 n = 0; n < (nNodes - 1); n++) {
+		ControlNode& node = *nodes[n];
+
+		RegisterPressure::Set& currentLocalLive = liveIn[n];
+		RegisterPressure::Set& currentKilled = killed[n];
+		
+		// Find the instructions contributions to the sets LocalLive and Killed.
+		//
+		InstructionList& instructions = node.getInstructions();
+		for (InstructionList::iterator i = instructions.begin(); !instructions.done(i); i = instructions.advance(i)) {
+			Instruction& instruction = instructions.get(i);
+
+			// If a VirtualRegister is 'used' before being 'defined' then we add it to set LocalLive.
+
+			InstructionUse* useEnd = instruction.getInstructionUseEnd();
+			for (InstructionUse* usePtr = instruction.getInstructionUseBegin(); usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister()) {
+					Uint32 index = name2range[usePtr->getRegisterName()];
+
+					if (!currentKilled.test(index))
+						currentLocalLive.set(index);
+				}
+
+			// If a Virtualregister is 'defined' then we add it to the set Killed.
+			InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+			for (InstructionDefine* definePtr = instruction.getInstructionDefineBegin(); definePtr < defineEnd; definePtr++)
+				if (definePtr->isRegister())
+					currentKilled.set(name2range[definePtr->getRegisterName()]);
+		}
+	}
+
+	// Second stage of the liveness analysis: We propagate the LiveIn & LiveOut through the entire 
+	// control-flow graph.
+	//
+	RegisterPressure::Set temp(pool, rangeCount);
+
+	bool changed;
+	do {
+		changed = false;
+
+		// For all nodes is this graph except the endNode.
+		for (Int32 n = (nNodes - 2); n >= 0; n--) {
+			ControlNode& node = *nodes[n];
+
+			RegisterPressure::Set& currentLiveIn = liveIn[n];
+			RegisterPressure::Set& currentLiveOut = liveOut[n];
+
+			// Compute temp = Union of LiveIn(s) (s a successor of this node) | usedByPhiNodes(n).
+			// temp will be the new LiveOut(n).
+			Uint32 nSuccessors = node.nSuccessors();
+			if (nSuccessors != 0) {
+				temp = liveIn[node.nthSuccessor(0).getTarget().dfsNum];
+				for (Uint32 s = 1; s < nSuccessors; s++)
+					temp |= liveIn[node.nthSuccessor(s).getTarget().dfsNum];
+			} else 
+				temp.clear();
+
+			// If temp and LiveOut(n) differ then set LiveOut(n) = temp and recalculate the
+			// new LiveIn(n).
+			if (currentLiveOut != temp) {
+				currentLiveOut = temp;
+				temp -= killed[n]; // FIX: could be optimized with one call to unionDiff !
+				temp |= currentLiveIn;
+			
+				if (currentLiveIn != temp) {
+					currentLiveIn = temp;
+					changed = true;
+				}
+			}
+		}
+	} while(changed);
+
+	LivenessInfo<RegisterPressure> liveness;
+	liveness.liveIn = liveIn;
+	liveness.liveOut = liveOut;
+	DEBUG_LOG_ONLY(liveness.size = nNodes);
+	return liveness;
+}
+
+template <class RegisterPressure>
+LivenessInfo<RegisterPressure> Liveness<RegisterPressure>::analysis(ControlGraph& controlGraph, Uint32 nameCount)
+{
+	Pool& pool = controlGraph.pool;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+
+	// Allocate the temporary sets.
+	RegisterPressure::Set* killed = new(pool) RegisterPressure::Set[nNodes](pool, nameCount);
+	RegisterPressure::Set* usedByPhiNodes = NULL;
+	
+	// Allocate the globals sets.
+	RegisterPressure::Set* liveIn = new(pool) RegisterPressure::Set[nNodes](pool, nameCount);
+	RegisterPressure::Set* liveOut = new(pool) RegisterPressure::Set[nNodes](pool, nameCount);
+
+	// First stage of the liveness analysis: Compute the sets LocalLive(stored in LiveIn) and Killed.
+	//
+	for (Uint32 n = 0; n < (nNodes - 1); n++) {
+		ControlNode& node = *nodes[n];
+
+		RegisterPressure::Set& currentLocalLive = liveIn[n];
+		RegisterPressure::Set& currentKilled = killed[n];
+		
+		InstructionList& phiNodes = node.getPhiNodeInstructions();
+
+		if ((usedByPhiNodes == NULL) && !phiNodes.empty())
+			usedByPhiNodes = new(pool) RegisterPressure::Set[nNodes](pool, nameCount);
+
+		for (InstructionList::iterator p = phiNodes.begin(); !phiNodes.done(p); p = phiNodes.advance(p)) {
+			Instruction& phiNode = phiNodes.get(p);
+
+			InstructionDefine& define = phiNode.getInstructionDefineBegin()[0];
+			currentKilled.set(define.getRegisterName());
+
+			typedef DoublyLinkedList<ControlEdge> ControlEdgeList;
+			const ControlEdgeList& predecessors = node.getPredecessors();
+			ControlEdgeList::iterator p = predecessors.begin();
+			InstructionUse* useEnd = phiNode.getInstructionUseEnd();
+			for (InstructionUse* usePtr = phiNode.getInstructionUseBegin(); usePtr < useEnd; usePtr++, p = predecessors.advance(p))
+				if (usePtr->isRegister())
+					usedByPhiNodes[predecessors.get(p).getSource().dfsNum].set(usePtr->getRegisterName());
+		}
+
+		// Find the instructions contributions to the sets LocalLive and Killed.
+		//
+		InstructionList& instructions = node.getInstructions();
+		for (InstructionList::iterator i = instructions.begin(); !instructions.done(i); i = instructions.advance(i)) {
+			Instruction& instruction = instructions.get(i);
+
+			// If a VirtualRegister is 'used' before being 'defined' then we add it to set LocalLive.
+
+			InstructionUse* useEnd = instruction.getInstructionUseEnd();
+			for (InstructionUse* usePtr = instruction.getInstructionUseBegin(); usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister()) {
+					Uint32 index = usePtr->getRegisterName();
+
+					if (!currentKilled.test(index))
+						currentLocalLive.set(index);
+				}
+
+			// If a Virtualregister is 'defined' then we add it to the set Killed.
+			InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+			for (InstructionDefine* definePtr = instruction.getInstructionDefineBegin(); definePtr < defineEnd; definePtr++)
+				if (definePtr->isRegister())
+					currentKilled.set(definePtr->getRegisterName());
+		}
+	}
+
+	// Second stage of the liveness analysis: We propagate the LiveIn & LiveOut through the entire 
+	// control-flow graph.
+	//
+	RegisterPressure::Set temp(pool, nameCount);
+
+	bool changed;
+	do {
+		changed = false;
+
+		// For all nodes is this graph except the endNode.
+		for (Int32 n = (nNodes - 2); n >= 0; n--) {
+			ControlNode& node = *nodes[n];
+
+			RegisterPressure::Set& currentLiveIn = liveIn[n];
+			RegisterPressure::Set& currentLiveOut = liveOut[n];
+
+			// Compute temp = Union of LiveIn(s) (s a successor of this node) | usedByPhiNodes(n).
+			// temp will be the new LiveOut(n).
+			Uint32 nSuccessors = node.nSuccessors();
+			if (nSuccessors != 0) {
+				temp = liveIn[node.nthSuccessor(0).getTarget().dfsNum];
+				for (Uint32 s = 1; s < nSuccessors; s++)
+					temp |= liveIn[node.nthSuccessor(s).getTarget().dfsNum];
+			} else 
+				temp.clear();
+
+			// Insert the phiNodes contribution.
+			if (usedByPhiNodes != NULL)
+				temp |= usedByPhiNodes[n];
+
+			// If temp and LiveOut(n) differ then set LiveOut(n) = temp and recalculate the
+			// new LiveIn(n).
+			if (currentLiveOut != temp) {
+				currentLiveOut = temp;
+				temp -= killed[n]; // FIX: could be optimized with one call to unionDiff !
+				temp |= currentLiveIn;
+			
+				if (currentLiveIn != temp) {
+					currentLiveIn = temp;
+					changed = true;
+				}
+			}
+		}
+	} while(changed);
+
+	LivenessInfo<RegisterPressure> liveness;
+	liveness.liveIn = liveIn;
+	liveness.liveOut = liveOut;
+	DEBUG_LOG_ONLY(liveness.size = nNodes);
+	return liveness;
+}
+
+#ifdef DEBUG_LOG
+template <class RegisterPressure>
+void LivenessInfo<RegisterPressure>::printPretty(LogModuleObject log)
+{
+	for (Uint32 n = 0; n < size; n++) {
+		UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("Node N%d:\n\tliveIn = ", n));
+		liveIn[n].printPretty(log);
+		UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\tliveOut = "));
+		liveOut[n].printPretty(log);
+		UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\n"));
+	}
+}
+#endif // DEBUG_LOG
+
+#endif // _LIVENESS_H_

mozilla/ef/Compiler/RegisterAllocator/Makefile

@@ -0,0 +1,40 @@
+#! gmake
+
+DEPTH			= ../..
+
+MODULE_NAME		= RegisterAllocator
+
+include $(DEPTH)/config/config.mk
+
+INCLUDES		+=										\
+	-I$(DEPTH)/Utilities/General						\
+	-I$(DEPTH)/Utilities/zlib							\
+	-I$(DEPTH)/Runtime/ClassReader						\
+	-I$(DEPTH)/Runtime/NativeMethods					\
+	-I$(DEPTH)/Runtime/System							\
+	-I$(DEPTH)/Runtime/ClassInfo						\
+	-I$(DEPTH)/Runtime/FileReader						\
+	-I$(DEPTH)/Compiler/PrimitiveGraph					\
+	-I$(DEPTH)/Compiler/FrontEnd						\
+	-I$(DEPTH)/Compiler/Optimizer						\
+	-I$(DEPTH)/Compiler/CodeGenerator					\
+	-I$(DEPTH)/Compiler/CodeGenerator/md				\
+	-I$(DEPTH)/Compiler/CodeGenerator/md/$(CPU_ARCH)	\
+	-I$(DEPTH)/Compiler/RegisterAllocator				\
+	-I$(DEPTH)/Driver/StandAloneJava					\
+	-I$(DEPTH)/Debugger									\
+	$(NULL)
+
+CXXSRCS 		=										\
+	RegisterAllocator.cpp								\
+	RegisterAllocatorTools.cpp							\
+	DominatorGraph.cpp									\
+	VirtualRegister.cpp									\
+	BitSet.cpp											\
+	SparseSet.cpp										\
+	$(NULL)
+
+
+include $(DEPTH)/config/rules.mk
+
+libs:: $(MODULE)

mozilla/ef/Compiler/RegisterAllocator/PhiNodeRemover.h

@@ -0,0 +1,392 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _PHI_NODE_REMOVER_H_
+#define _PHI_NODE_REMOVER_H_
+
+#include "Fundamentals.h"
+#include "Pool.h"
+#include "ControlGraph.h"
+#include "DominatorGraph.h"
+#include "VirtualRegister.h"
+#include "RegisterPressure.h"
+#include "Liveness.h"
+#include "Instruction.h"
+#include "InstructionEmitter.h"
+#include "SparseSet.h"
+#include <string.h>
+
+//------------------------------------------------------------------------------
+// RegisterNameNode -
+
+struct RegisterNameNode 
+{
+	RegisterNameNode*	next;
+	RegisterName		newName;
+	Uint32				nextPushed;
+};
+
+//------------------------------------------------------------------------------
+// CopyData -
+
+struct CopyData
+{
+	RegisterName		source;
+	RegisterClassKind	classKind;
+	Uint32				useCount;
+	bool				isLiveOut;
+	RegisterName		sourceNameToUse;
+	RegisterName		temporaryName;
+	RegisterNameNode*	newName;
+};
+
+//------------------------------------------------------------------------------
+// PhiNodeRemover<RegisterPressure> -
+
+template <class RegisterPressure>
+struct PhiNodeRemover
+{
+	// Replace the phi nodes by copy instructions.
+	static void replacePhiNodes(ControlGraph& controlGraph, VirtualRegisterManager& vrManager, InstructionEmitter& emitter);
+};
+
+// Split some of the critical edges and return true if there are still some
+// in the graph after that.
+//
+static bool splitCriticalEdges(ControlGraph& /*cg*/)
+{
+	// FIX: not implemented.
+	return true;
+}
+
+inline void pushName(Pool& pool, RegisterNameNode** stack, SparseSet& pushed, Uint32* nodeListPointer, RegisterName oldName, RegisterName newName)
+{
+	RegisterNameNode& newNode = *new(pool) RegisterNameNode();
+
+	if (pushed.test(oldName))
+		(*stack)->newName = newName;
+	else {
+		newNode.newName = newName;
+		newNode.nextPushed = *nodeListPointer;
+		*nodeListPointer = oldName;
+		newNode.next = *stack;
+		*stack = &newNode;
+		pushed.set(oldName);
+	}
+}
+
+template <class RegisterPressure>
+void PhiNodeRemover<RegisterPressure>::replacePhiNodes(ControlGraph& controlGraph, VirtualRegisterManager& vrManager, InstructionEmitter& emitter)
+{
+	Pool& pool = controlGraph.pool;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+
+	// Initialize the local variables.
+	//
+
+	// When we insert the copies we will also need to create new VirtualRegisters for
+	// the insertion of temporaries. The maximum number of temporary register will not
+	// exceed the number of phiNodes in the primitive graph.
+	Uint32 nameCount = vrManager.getSize();
+	Uint32 maxNameCount = nameCount;
+	for (Uint32 n = 0; n < nNodes; n++)
+		maxNameCount += nodes[n]->getPhiNodes().length();
+
+	// If the CFG contains some critical edges (backward edge which source has more than one
+	// outgoing edge and destination has more than one incomimg edge) then we need the liveness
+	// information to be able to insert temporary copies.
+	RegisterPressure::Set* liveOut = NULL;
+	if (splitCriticalEdges(controlGraph))
+		liveOut = Liveness<LowRegisterPressure>::analysis(controlGraph, nameCount).liveOut;
+
+	DominatorGraph dGraph(controlGraph);
+
+	SparseSet pushed(pool, maxNameCount);
+	SparseSet destinationList(pool, maxNameCount);
+	SparseSet workList(pool, maxNameCount);
+
+	CopyData* copyStats = new(pool) CopyData[maxNameCount];
+	memset(copyStats, '\0', maxNameCount*sizeof(CopyData));
+
+	struct NodeStack {
+		Uint32* next;
+		Uint32* limit;
+		Uint32 pushedList;
+	};
+
+	// Allocate the node stack and initialize the node stack pointer.
+	NodeStack* nodeStack = new(pool) NodeStack[nNodes + 1];
+	NodeStack* nodeStackPtr = nodeStack;
+
+	// We start by the begin node. 
+	Uint32 startNode = 0;
+	Uint32* next = &startNode;
+	Uint32* limit = &startNode + 1;
+
+	while (true) {
+
+		if (next == limit) {
+			// If there are no more node in the sibling, we have to pop the current
+			// frame from the stack and update the copyStats of the pushed nodes.
+			//
+			if (nodeStackPtr == nodeStack)
+				// We are at the bottom of the stack and there are no more nodes
+				// to look at. We are done !
+				break;
+
+			--nodeStackPtr;
+			// We are done with all the children of this node in the dominator tree.
+			// We need to update the copy information of all the new names pushed
+			// during the walk over this node.
+			Uint32 pushedList = nodeStackPtr->pushedList;
+			while (pushedList != 0) {
+				Uint32 nextName = copyStats[pushedList].newName->nextPushed;
+				copyStats[pushedList].newName = copyStats[pushedList].newName->next;
+				pushedList = nextName;
+			}
+
+			// restore the previous frame.
+			next = nodeStackPtr->next;
+			limit = nodeStackPtr->limit;
+		} else {
+			Uint32 currentNode = *next++;
+			Uint32 pushedList = 0;
+
+
+			// Initialize the sets.
+			pushed.clear();
+			destinationList.clear();
+
+			// STEP1:
+			//  Walk the instruction list and to replace all the instruction uses with their new name. 
+			//  If the instruction is a phi node and its defined register is alive at the end of this 
+			//  block then we push the defined register into the stack.
+			//
+			ControlNode& node = *nodes[currentNode];
+			RegisterPressure::Set* currentLiveOut = (liveOut != NULL) ? &liveOut[currentNode] : (RegisterPressure::Set*) 0;
+
+			InstructionList& phiNodes = node.getPhiNodeInstructions();
+			for (InstructionList::iterator p = phiNodes.begin(); !phiNodes.done(p); p = phiNodes.advance(p)) {
+				Instruction& phiNode = phiNodes.get(p);
+
+				InstructionUse* useEnd = phiNode.getInstructionUseEnd();
+				for (InstructionUse* usePtr = phiNode.getInstructionUseBegin(); usePtr < useEnd; usePtr++) {
+					assert(usePtr->isRegister());
+					RegisterName name = usePtr->getRegisterName();
+
+					if (copyStats[name].newName != NULL && copyStats[name].newName->newName != name)
+						usePtr->setRegisterName(copyStats[name].newName->newName);
+				}
+
+				if (currentLiveOut != NULL) {
+					// This is a phi node and we have to push its defined name if it is live
+					// at the end of the node. We only need to do this if the CFG has critical edges.
+					assert(phiNode.getInstructionDefineBegin() != phiNode.getInstructionDefineEnd() && phiNode.getInstructionDefineBegin()[0].isRegister());
+					RegisterName name = phiNode.getInstructionDefineBegin()[0].getRegisterName();
+
+					if (currentLiveOut->test(name))
+						pushName(pool, &(copyStats[name].newName), pushed, &pushedList, name, name);
+				}
+				
+			}
+
+			InstructionList& instructions = node.getInstructions();
+			for (InstructionList::iterator i = instructions.begin(); !instructions.done(i); i = instructions.advance(i)) {
+				Instruction& instruction = instructions.get(i);
+
+				InstructionUse* useEnd = instruction.getInstructionUseEnd();
+				for (InstructionUse* usePtr = instruction.getInstructionUseBegin(); usePtr < useEnd; usePtr++)
+					if (usePtr->isRegister()) {
+						RegisterName name = usePtr->getRegisterName();
+
+						if (copyStats[name].newName != NULL && copyStats[name].newName->newName != name)
+							usePtr->setRegisterName(copyStats[name].newName->newName);
+					}
+			}
+
+			// STEP2:
+			//  Look at this node's successors' phiNodes. We keep track of the number of time
+			//  a VR will be used by another copy instruction and insert each definition into the 
+			//  destinationList. This is the only pass over this node's successors as we will
+			//  get all the information we need in the CopyData structures.
+			//
+			ControlEdge* successorEdgeEnd = node.getSuccessorsEnd();
+			for (ControlEdge* successorEdgePtr = node.getSuccessorsBegin(); successorEdgePtr < successorEdgeEnd; successorEdgePtr++) {
+				Uint32 useIndex = successorEdgePtr->getIndex();
+				ControlNode& successor = successorEdgePtr->getTarget();
+
+				// Look at its phi nodes. The phi nodes are at the top of the instruction list. We exit
+				// as soon as we find an instruction which is not a phi node
+				InstructionList& phiNodes = successor.getPhiNodeInstructions();
+				for (InstructionList::iterator p = phiNodes.begin(); !phiNodes.done(p); p = phiNodes.advance(p)) {
+					Instruction& phiNode = phiNodes.get(p);
+					
+					assert((phiNode.getInstructionUseBegin() + useIndex) < phiNode.getInstructionUseEnd());
+					assert(phiNode.getInstructionDefineBegin() != phiNode.getInstructionDefineEnd());
+
+					InstructionUse& source = phiNode.getInstructionUseBegin()[useIndex];
+					InstructionDefine& destination = phiNode.getInstructionDefineBegin()[0];
+
+					assert(source.isRegister() && destination.isRegister());
+
+					RegisterName sourceName = source.getRegisterName();
+					RegisterName destinationName = destination.getRegisterName();
+
+					// Get the correct name for the source.
+					if (copyStats[sourceName].newName != NULL)
+						sourceName = copyStats[sourceName].newName->newName;
+
+					// Update the CopyData structures.
+					if ((sourceName != rnInvalid) && (sourceName != destinationName)) {
+						copyStats[destinationName].source = sourceName;
+						copyStats[destinationName].classKind = destination.getRegisterClass();
+						copyStats[destinationName].isLiveOut = (currentLiveOut != NULL) ? currentLiveOut->test(destinationName) : false;
+						copyStats[destinationName].sourceNameToUse = destinationName;
+						copyStats[sourceName].sourceNameToUse = sourceName;
+						copyStats[sourceName].useCount++;
+						destinationList.set(destinationName);
+					}
+				}
+			}
+
+			// STEP3:
+			//  Insert into the worklist only the destination registers that will be not used in 
+			//  another copy instruction in this block.
+			//
+			assert(workList.getSize() == 0);
+			for (SparseSet::iterator d = destinationList.begin(); !destinationList.done(d); d = destinationList.advance(d)) {
+				Uint32 dest = destinationList.get(d);
+				if (copyStats[dest].useCount == 0)
+					workList.set(dest);
+			}
+
+			// STEP4:
+			//  Insert the copy instructions.
+			//
+			Uint32 destinationListSize = destinationList.getSize();
+			InstructionList::iterator endOfTheNode = instructions.end();
+
+			// Find the right place to insert the copy instructions.
+			if (destinationListSize != 0)
+				while (instructions.get(endOfTheNode).getFlags() & ifControl)
+					endOfTheNode = instructions.retreat(endOfTheNode);
+
+			while (destinationListSize != 0) {
+				while(workList.getSize()) {
+					RegisterName destinationName = RegisterName(workList.getOne());
+					RegisterName sourceName = copyStats[destinationName].source;
+
+					workList.clear(destinationName);
+					if (copyStats[destinationName].isLiveOut && !copyStats[destinationName].temporaryName) {
+						// Lost copy problem.
+						copyStats[destinationName].isLiveOut = false;
+
+						RegisterName sourceName = destinationName;
+						RegisterClassKind classKind = copyStats[sourceName].classKind;
+						RegisterName destinationName = getName(vrManager.newVirtualRegister(classKind));
+						assert(destinationName < maxNameCount);
+
+						copyStats[destinationName].classKind = classKind;
+						copyStats[sourceName].useCount = 0;
+				
+						// We need to insert a copy to a temporary register to keep the
+						// source register valid at the end of the node defining it.
+						// This copy will be inserted right after the phi node defining it.
+						RegisterName from = copyStats[sourceName].sourceNameToUse;
+						Instruction* definingPhiNode = vrManager.getVirtualRegister(from).getDefiningInstruction();
+						assert(definingPhiNode && (definingPhiNode->getFlags() & ifPhiNode) != 0);
+
+						RegisterID fromID = buildRegisterID(from, classKind);
+						RegisterID toID = buildRegisterID(destinationName, classKind);
+						Instruction& copy = emitter.newCopy(*definingPhiNode->getPrimitive(), fromID, toID);
+						vrManager.getVirtualRegister(destinationName).setDefiningInstruction(copy);
+						definingPhiNode->getPrimitive()->getContainer()->getInstructions().addFirst(copy);
+
+						copyStats[sourceName].temporaryName = destinationName;
+						copyStats[sourceName].sourceNameToUse = destinationName;
+						pushName(pool, &(copyStats[sourceName].newName), pushed, &pushedList, sourceName, destinationName);
+					}
+
+					// Insert the copy instruction at the end of the current node.
+					RegisterName from = copyStats[sourceName].sourceNameToUse;
+
+					RegisterClassKind classKind = copyStats[destinationName].classKind;
+					RegisterID fromID = buildRegisterID(from, classKind);
+					RegisterID toID = buildRegisterID(destinationName, classKind);
+					Instruction& copy = emitter.newCopy(*vrManager.getVirtualRegister(from).getDefiningInstruction()->getPrimitive(), fromID, toID);
+					instructions.insertAfter(copy, endOfTheNode);
+					endOfTheNode = instructions.advance(endOfTheNode);
+
+					copyStats[sourceName].useCount = 0;
+					if (destinationList.test(sourceName) && copyStats[sourceName].isLiveOut)
+						pushName(pool, &(copyStats[sourceName].newName), pushed, &pushedList, sourceName, destinationName);
+					copyStats[sourceName].isLiveOut = false;
+					copyStats[sourceName].sourceNameToUse = destinationName;
+
+					if (destinationList.test(sourceName))
+						workList.set(sourceName);
+					destinationList.clear(destinationName);
+				}
+
+				destinationListSize = destinationList.getSize();
+				if (destinationListSize != 0) {
+					RegisterName sourceName = RegisterName(destinationList.getOne());
+					RegisterName destinationName;
+
+					if (!copyStats[sourceName].temporaryName) {
+						// Cycle problem.
+						RegisterClassKind classKind = copyStats[sourceName].classKind;
+						destinationName = getName(vrManager.newVirtualRegister(classKind));
+						assert(destinationName < maxNameCount);
+				
+						copyStats[destinationName].classKind = classKind;
+						copyStats[sourceName].temporaryName = destinationName;
+
+						// Insert the copy instruction at the end of the current node.
+						RegisterName from = copyStats[sourceName].sourceNameToUse;
+
+						RegisterID fromID = buildRegisterID(from, classKind);
+						RegisterID toID = buildRegisterID(destinationName, classKind);
+						Instruction& copy = emitter.newCopy(*vrManager.getVirtualRegister(from).getDefiningInstruction()->getPrimitive(), fromID, toID);
+						vrManager.getVirtualRegister(destinationName).setDefiningInstruction(copy);
+						instructions.insertAfter(copy, endOfTheNode);
+						endOfTheNode = instructions.advance(endOfTheNode);
+					} else 
+						destinationName = copyStats[sourceName].temporaryName;
+
+					copyStats[sourceName].useCount = 0;
+					copyStats[sourceName].isLiveOut = false;
+					copyStats[sourceName].sourceNameToUse = destinationName;
+					pushName(pool, &(copyStats[sourceName].newName), pushed, &pushedList, sourceName, destinationName);
+
+					workList.set(sourceName);
+				}
+			}
+
+			nodeStackPtr->pushedList = pushedList;
+			nodeStackPtr->next = next;
+			nodeStackPtr->limit = limit;
+			++nodeStackPtr;
+			next = dGraph.getSuccessorsBegin(currentNode);
+			limit = dGraph.getSuccessorsEnd(currentNode);
+		}
+	}
+}
+
+#endif // _PHI_NODE_REMOVER_H_

mozilla/ef/Compiler/RegisterAllocator/RegisterAllocator.cpp

@@ -0,0 +1,155 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#include "Fundamentals.h"
+#include "LogModule.h"
+#include "RegisterAllocator.h"
+#include "RegisterPressure.h"
+#include "RegisterAllocatorTools.h"
+#include "PhiNodeRemover.h"
+#include "LiveRange.h"
+#include "Liveness.h"
+#include "InterferenceGraph.h"
+#include "LiveRangeGraph.h"
+#include "Coalescing.h"
+#include "Spilling.h"
+#include "Coloring.h"
+#include "Splits.h"
+
+class Pool;
+class ControlGraph;
+class VirtualRegisterManager;
+class InstructionEmitter;
+
+UT_DEFINE_LOG_MODULE(RegAlloc);
+
+void RegisterAllocator::allocateRegisters(Pool& pool, ControlGraph& controlGraph, VirtualRegisterManager& vrManager, InstructionEmitter& emitter)
+{
+	// Insert the phi node instructions. We want to do this to have a single defined register per instruction.
+	// If we keep the PhiNode (as a DataNode) and a PhiNode is of DoubleWordKind then we have to execute
+	// some special code for the high word annotation.
+	//
+	RegisterAllocatorTools::insertPhiNodeInstructions(controlGraph, emitter);
+
+	// Perform some tests on the instruction graph.
+	//
+	DEBUG_ONLY(RegisterAllocatorTools::testTheInstructionGraph(controlGraph, vrManager));
+
+	// Replace the phi node instructions by their equivalent copy instructions.
+	//
+	PhiNodeRemover<LowRegisterPressure>::replacePhiNodes(controlGraph, vrManager, emitter);
+
+	// Do the register allocation.
+	//
+	RegisterAllocator registerAllocator(pool, controlGraph, vrManager, emitter);
+	registerAllocator.doGraphColoring();
+}
+
+void RegisterAllocator::doGraphColoring()
+{
+	// Initialize the liverange map.
+	//
+	initLiveRanges();
+
+	// Build the live ranges. We do this to compress the number of RegisterNames 
+	// used in the insterference graph.
+	//
+	LiveRange<LowRegisterPressure>::build(*this);
+
+	// Remove unnecessary copies.
+	//
+	RegisterAllocatorTools::removeUnnecessaryCopies(*this);
+
+	for (Uint8 loop = 0; loop < 10; loop++) {
+
+		UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("********* RegisterAllocator loop %d *********\n", loop));
+
+		while(true) {
+			// Build the interference graph.
+			//
+			iGraph.build();
+
+			// Coalesce the copy instructions.
+			//
+			if (!Coalescing<LowRegisterPressure>::coalesce(*this))
+				break;
+		}
+
+		// Print the interference graph.
+		//
+		DEBUG_LOG_ONLY(iGraph.printPretty(UT_LOG_MODULE(RegAlloc)));
+
+		// Calculate the spill costs.
+		//
+		Spilling<LowRegisterPressure>::calculateSpillCosts(*this);
+		DEBUG_LOG_ONLY(RegisterAllocatorTools::printSpillCosts(*this));
+
+		// Calculate the split costs.
+		//
+		Splits<LowRegisterPressure>::calculateSplitCosts(*this);
+		DEBUG_LOG_ONLY(RegisterAllocatorTools::printSplitCosts(*this));
+
+		// Build the live range graph.
+		//
+		lGraph.build();
+		DEBUG_LOG_ONLY(lGraph.printPretty(UT_LOG_MODULE(RegAlloc)));
+
+		// Color the graph. If it succeeds then we're done with the
+		// register allocation.
+		//
+		if (Coloring<LowRegisterPressure>::color(*this)) {
+			// Write the final colors in the instruction graph.
+			//
+			Coloring<LowRegisterPressure>::finalColoring(*this);
+
+			UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("********** RegisterAllocator  done **********\n"));
+			DEBUG_LOG_ONLY(RegisterAllocatorTools::printInstructions(*this));
+
+			return;
+		}
+
+		// We need to spill some registers.
+		//
+		Spilling<LowRegisterPressure>::insertSpillCode(*this);
+
+		// Insert the split instructions.
+		//
+		Splits<LowRegisterPressure>::insertSplitCode(*this);
+
+		// Update the live ranges.
+		// 
+		// FIX
+	}
+
+#ifdef DEBUG_LOG
+	RegisterAllocatorTools::updateInstructionGraph(*this);
+	RegisterAllocatorTools::printInstructions(*this);
+#endif
+	fprintf(stderr, "!!! Coloring failed after 10 loops !!!\n");
+	abort();
+}
+
+void RegisterAllocator::initLiveRanges()
+{
+	Uint32 count = this->nameCount;
+	RegisterName* name2range = new(pool) RegisterName[nameCount];
+	for (RegisterName r = RegisterName(1); r < count; r = RegisterName(r + 1))
+		name2range[r] = r;
+	this->name2range = name2range;
+	rangeCount = count;
+}

mozilla/ef/Compiler/RegisterAllocator/RegisterAllocator.h

@@ -0,0 +1,88 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _REGISTER_ALLOCATOR_H_
+#define _REGISTER_ALLOCATOR_H_
+
+class Pool;
+class ControlGraph;
+class InstructionEmitter;
+struct SpillCost;
+struct SplitCost;
+
+#include "Liveness.h"
+#include "VirtualRegister.h"
+#include "RegisterPressure.h" // This should included by Backend.cpp
+#include "InterferenceGraph.h"
+#include "LiveRangeGraph.h"
+
+//template <class RegisterPressure>
+class RegisterAllocator
+{
+public:
+
+	Pool&									pool;			//
+	ControlGraph&							controlGraph;	//
+	VirtualRegisterManager&					vrManager;		//
+	InstructionEmitter&						emitter;		//
+
+	RegisterName*							name2range;		//
+	RegisterName*							color;			//
+	SpillCost*								spillCost;		//
+	SparseSet*								willSpill;		//
+	SplitCost*								splitCost;		//
+	NameLinkedList**						splitAround;	//
+	InterferenceGraph<LowRegisterPressure>	iGraph;			//
+	LiveRangeGraph<LowRegisterPressure>		lGraph;			//
+	LivenessInfo<LowRegisterPressure>		liveness;		//
+	Uint32									nameCount;		//
+	Uint32									rangeCount;		//
+	bool									splitFound;		//
+
+private:
+
+	//
+	//
+	void doGraphColoring();
+
+public:
+
+	//
+	//
+	inline RegisterAllocator(Pool& pool, ControlGraph& controlGraph, VirtualRegisterManager& vrManager, InstructionEmitter& emitter);
+
+	//
+	//
+	bool canInterfere(RegisterName /*name1*/, RegisterName /*name2*/) const {return true;}
+
+	//
+	//
+	void initLiveRanges();
+
+	//
+	//
+	static void allocateRegisters(Pool& pool, ControlGraph& controlGraph, VirtualRegisterManager& vrManager, InstructionEmitter& emitter);
+};
+
+//
+//
+inline RegisterAllocator::RegisterAllocator(Pool& pool, ControlGraph& controlGraph, VirtualRegisterManager& vrManager, InstructionEmitter& emitter)
+	: pool(pool), controlGraph(controlGraph), vrManager(vrManager), emitter(emitter), iGraph(*this), lGraph(*this), nameCount(vrManager.getSize()) {}
+
+#endif // _REGISTER_ALLOCATOR_H_
+

mozilla/ef/Compiler/RegisterAllocator/RegisterAllocatorTools.cpp

@@ -0,0 +1,355 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#include "Fundamentals.h"
+#include "LogModule.h"
+#include "RegisterAllocatorTools.h"
+#include "Pool.h"
+#include "ControlGraph.h"
+#include "ControlNodes.h"
+#include "Primitives.h"
+#include "InstructionEmitter.h"
+#include "Instruction.h"
+#include "RegisterAllocator.h"
+#include "Spilling.h"
+#include "Splits.h"
+#include "BitSet.h"
+
+UT_EXTERN_LOG_MODULE(RegAlloc);
+
+#ifdef DEBUG
+void RegisterAllocatorTools::testTheInstructionGraph(ControlGraph& controlGraph, VirtualRegisterManager& vrManager)
+{
+	// Test the declared VirtualRegisters. The register allocator tries to condense the register universe.
+	// Any gap in the VirtualRegister names will be a loss of efficiency !!!!
+
+	Uint32 nameCount = vrManager.getSize();
+	BitSet registerSeen(controlGraph.pool, nameCount);
+
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+
+	for (Uint32 n = 0; n < nNodes; n++) {
+
+		InstructionList& instructions = nodes[n]->getInstructions();
+		for (InstructionList::iterator i = instructions.begin(); !instructions.done(i); i = instructions.advance(i)) {
+			Instruction& instruction = instructions.get(i);
+
+			InstructionUse* useEnd = instruction.getInstructionUseEnd();
+			for (InstructionUse* usePtr = instruction.getInstructionUseBegin(); usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister())
+					registerSeen.set(usePtr->getRegisterName());
+
+			InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+			for (InstructionDefine* definePtr = instruction.getInstructionDefineBegin(); definePtr < defineEnd; definePtr++)
+				if (definePtr->isRegister())
+					registerSeen.set(definePtr->getRegisterName());
+		}
+
+		InstructionList& phiNodes = nodes[n]->getPhiNodeInstructions();
+		for (InstructionList::iterator p = phiNodes.begin(); !phiNodes.done(p); p = phiNodes.advance(p)) {
+			Instruction& instruction = phiNodes.get(p);
+
+			InstructionUse* useEnd = instruction.getInstructionUseEnd();
+			for (InstructionUse* usePtr = instruction.getInstructionUseBegin(); usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister())
+					registerSeen.set(usePtr->getRegisterName());
+
+			InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+			for (InstructionDefine* definePtr = instruction.getInstructionDefineBegin(); definePtr < defineEnd; definePtr++)
+				if (definePtr->isRegister())
+					registerSeen.set(definePtr->getRegisterName());
+		}
+	}
+
+	bool renameRegisters = false;
+	for (BitSet::iterator i = registerSeen.nextZero(0); !registerSeen.done(i); i = registerSeen.nextZero(i)) {
+		renameRegisters = true;
+		fprintf(stderr, 
+				"WARNING: The VirtualRegister vr%d has been allocated during CodeGeneration but\n"
+				"         is never used nor defined by any instruction in the instruction graph\n"
+				"                                  PLEASE FIX                                  \n",
+				i);
+	}
+	if (renameRegisters) {
+		Instruction** definingInstruction = new Instruction*[nameCount];
+		memset(definingInstruction, '\0', nameCount * sizeof(Instruction*));
+		RegisterName* newName = new RegisterName[nameCount];
+		memset(newName, '\0', nameCount * sizeof(RegisterName));
+		RegisterName nextName = RegisterName(1);
+
+		for (Uint32 n = 0; n < nNodes; n++) {
+
+			InstructionList& instructions = nodes[n]->getInstructions();
+			for (InstructionList::iterator i = instructions.begin(); !instructions.done(i); i = instructions.advance(i)) {
+				Instruction& instruction = instructions.get(i);
+
+				InstructionUse* useEnd = instruction.getInstructionUseEnd();
+				for (InstructionUse* usePtr = instruction.getInstructionUseBegin(); usePtr < useEnd; usePtr++)
+					if (usePtr->isRegister()) {
+						RegisterName name = usePtr->getRegisterName();
+						if (newName[name] == rnInvalid) {
+							newName[name] = nextName;
+							definingInstruction[nextName] = vrManager.getVirtualRegister(name).getDefiningInstruction();
+							nextName = RegisterName(nextName + 1);
+						}
+						usePtr->setRegisterName(newName[name]);
+					}
+
+				InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+				for (InstructionDefine* definePtr = instruction.getInstructionDefineBegin(); definePtr < defineEnd; definePtr++)
+					if (definePtr->isRegister()) {
+						RegisterName name = definePtr->getRegisterName();
+						if (newName[name] == rnInvalid) {
+							newName[name] = nextName;
+							definingInstruction[nextName] = vrManager.getVirtualRegister(name).getDefiningInstruction();
+							nextName = RegisterName(nextName + 1);
+						}
+						definePtr->setRegisterName(newName[name]);
+					}
+			}
+
+			InstructionList& phiNodes = nodes[n]->getPhiNodeInstructions();
+			for (InstructionList::iterator p = phiNodes.begin(); !phiNodes.done(p); p = phiNodes.advance(p)) {
+				Instruction& instruction = phiNodes.get(p);
+
+				InstructionUse* useEnd = instruction.getInstructionUseEnd();
+				for (InstructionUse* usePtr = instruction.getInstructionUseBegin(); usePtr < useEnd; usePtr++)
+					if (usePtr->isRegister()) {
+						RegisterName name = usePtr->getRegisterName();
+						if (newName[name] == rnInvalid) {
+							newName[name] = nextName;
+							definingInstruction[nextName] = vrManager.getVirtualRegister(name).getDefiningInstruction();
+							nextName = RegisterName(nextName + 1);
+						}
+						usePtr->setRegisterName(newName[name]);
+					}
+
+				InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+				for (InstructionDefine* definePtr = instruction.getInstructionDefineBegin(); definePtr < defineEnd; definePtr++)
+					if (definePtr->isRegister()) {
+						RegisterName name = definePtr->getRegisterName();
+						if (newName[name] == rnInvalid) {
+							newName[name] = nextName;
+							definingInstruction[nextName] = vrManager.getVirtualRegister(name).getDefiningInstruction();
+							nextName = RegisterName(nextName + 1);
+						}
+						definePtr->setRegisterName(newName[name]);
+					}
+			}
+		}
+		
+		vrManager.setSize(nextName);
+
+		for (RegisterName r = RegisterName(1); r < nextName; r = RegisterName(r + 1))
+			vrManager.getVirtualRegister(r).definingInstruction = definingInstruction[r];
+
+		UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("RegisterMap:\n"));
+		for (Uint32 i = 1; i < nameCount; i++)
+			if (newName[i] != 0)
+				UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("\tvr%d becomes vr%d.\n", i, newName[i]));
+			else
+				UT_OBJECTLOG(UT_LOG_MODULE(RegAlloc), PR_LOG_ALWAYS, ("\tvr%d is dead.\n", i));
+
+
+		delete newName;
+		delete definingInstruction;
+	}
+
+}
+#endif // DEBUG
+
+void RegisterAllocatorTools::removeUnnecessaryCopies(RegisterAllocator& registerAllocator)
+{
+	ControlGraph& controlGraph = registerAllocator.controlGraph;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+	RegisterName* name2range = registerAllocator.name2range;
+
+	for (Uint32 n = 0; n < nNodes; n++) {
+		InstructionList& instructions = nodes[n]->getInstructions();
+		for (InstructionList::iterator i = instructions.begin(); !instructions.done(i);) {
+			Instruction& instruction = instructions.get(i);
+			i = instructions.advance(i);
+
+			if (instruction.getFlags() & ifCopy) {
+				assert(instruction.getInstructionUseBegin() != instruction.getInstructionUseEnd() && instruction.getInstructionUseBegin()[0].isRegister());
+				assert(instruction.getInstructionDefineBegin() != instruction.getInstructionDefineEnd() && instruction.getInstructionDefineBegin()[0].isRegister());
+				
+				RegisterName source = name2range[instruction.getInstructionUseBegin()[0].getRegisterName()];
+				RegisterName destination = name2range[instruction.getInstructionDefineBegin()[0].getRegisterName()];
+
+				if (source == destination)
+					instruction.remove();
+			}
+		}
+	}
+}
+
+
+void RegisterAllocatorTools::updateInstructionGraph(RegisterAllocator& registerAllocator)
+{
+	ControlGraph& controlGraph = registerAllocator.controlGraph;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+	RegisterName* name2range = registerAllocator.name2range;
+
+	for (Uint32 n = 0; n < nNodes; n++) {
+		InstructionList& instructions = nodes[n]->getInstructions();
+		for (InstructionList::iterator i = instructions.begin(); !instructions.done(i); i = instructions.advance(i)) {
+			Instruction& instruction = instructions.get(i);
+
+			InstructionUse* useEnd = instruction.getInstructionUseEnd();
+			for (InstructionUse* usePtr = instruction.getInstructionUseBegin(); usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister())
+					usePtr->setRegisterName(name2range[usePtr->getRegisterName()]);
+
+			InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+			for (InstructionDefine* definePtr = instruction.getInstructionDefineBegin(); definePtr < defineEnd; definePtr++)
+				if (definePtr->isRegister())
+					definePtr->setRegisterName(name2range[definePtr->getRegisterName()]);
+		}
+
+		InstructionList& phiNodes = nodes[n]->getPhiNodeInstructions();
+		for (InstructionList::iterator p = phiNodes.begin(); !phiNodes.done(p); p = phiNodes.advance(p)) {
+			Instruction& instruction = phiNodes.get(p);
+
+			InstructionUse* useEnd = instruction.getInstructionUseEnd();
+			for (InstructionUse* usePtr = instruction.getInstructionUseBegin(); usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister())
+					usePtr->setRegisterName(name2range[usePtr->getRegisterName()]);
+
+			InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+			for (InstructionDefine* definePtr = instruction.getInstructionDefineBegin(); definePtr < defineEnd; definePtr++)
+				if (definePtr->isRegister())
+					definePtr->setRegisterName(name2range[definePtr->getRegisterName()]);
+		}
+	}
+}
+
+
+void RegisterAllocatorTools::insertPhiNodeInstructions(ControlGraph& controlGraph, InstructionEmitter& emitter)
+{
+	Pool& pool = controlGraph.pool;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+	
+	for (Uint32 n = 0; n < nNodes; n++) {
+		ControlNode& node = *nodes[n];
+		DoublyLinkedList<PhiNode>& phiNodes = node.getPhiNodes();
+
+		if (!phiNodes.empty()) {
+
+			// Set the index of the incoming edges.
+			Uint32 index = 0;
+			const DoublyLinkedList<ControlEdge>& predecessors = node.getPredecessors();
+			for (DoublyLinkedList<ControlEdge>::iterator p = predecessors.begin(); !predecessors.done(p); p = predecessors.advance(p))
+				predecessors.get(p).setIndex(index++);
+
+			// Insert the phi node instruction in the instruction list.
+			for (DoublyLinkedList<PhiNode>::iterator i = phiNodes.begin(); !phiNodes.done(i); i = phiNodes.advance(i)) {
+				PhiNode& phiNode = phiNodes.get(i);
+				ValueKind kind = phiNode.getKind();
+
+				if (!isStorableKind(kind))
+					continue;
+
+				RegisterClassKind classKind = rckGeneral; // FIX: get class kind from phi node kind.
+				Uint32 nInputs = phiNode.nInputs();
+
+				PhiNodeInstruction& phiNodeInstruction = *new(pool) PhiNodeInstruction(&phiNode, pool, nInputs);
+
+				emitter.defineProducer(phiNode, phiNodeInstruction, 0, classKind, drLow);
+				for (Uint32 whichInput = 0; whichInput < nInputs; whichInput++)
+					emitter.useProducer(phiNode.nthInputVariable(whichInput), phiNodeInstruction, whichInput, classKind, drLow);
+
+				node.addPhiNodeInstruction(phiNodeInstruction);
+
+				if (isDoublewordKind(kind)) {
+					PhiNodeInstruction& phiNodeInstruction = *new(pool) PhiNodeInstruction(&phiNode, pool, nInputs);
+
+					emitter.defineProducer(phiNode, phiNodeInstruction, 0, classKind, drHigh);
+					for (Uint32 whichInput = 0; whichInput < nInputs; whichInput++)
+						emitter.useProducer(phiNode.nthInputVariable(whichInput), phiNodeInstruction, whichInput, classKind, drHigh);
+
+					node.addPhiNodeInstruction(phiNodeInstruction);
+				}
+			}
+		}
+	}
+}
+
+#ifdef DEBUG_LOG
+
+void RegisterAllocatorTools::printSpillCosts(RegisterAllocator& registerAllocator)
+{
+	LogModuleObject log = UT_LOG_MODULE(RegAlloc);
+	Uint32 rangeCount = registerAllocator.rangeCount;
+	SpillCost* cost = registerAllocator.spillCost;
+
+	UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("Spill costs:\n"));
+	for (Uint32 i = 1; i < rangeCount; i++) {
+		UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\trange %d : ", i));
+		if (cost[i].infinite)
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("infinite\n"));
+		else
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("%f\n", cost[i].cost));
+	}
+}
+
+void RegisterAllocatorTools::printSplitCosts(RegisterAllocator& registerAllocator)
+{
+	LogModuleObject log = UT_LOG_MODULE(RegAlloc);
+	Uint32 rangeCount = registerAllocator.rangeCount;
+	SplitCost* cost = registerAllocator.splitCost;
+
+	UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("Split costs:\n"));
+	for (Uint32 i = 1; i < rangeCount; i++) {
+		UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\trange %d : loads = %f stores = %f\n", i, cost[i].loads, cost[i].stores));
+	}
+}
+
+void RegisterAllocatorTools::printInstructions(RegisterAllocator& registerAllocator)
+{
+	LogModuleObject log = UT_LOG_MODULE(RegAlloc);
+	ControlNode** nodes = registerAllocator.controlGraph.dfsList;
+	Uint32 nNodes = registerAllocator.controlGraph.nNodes;
+
+	for (Uint32 n = 0; n < nNodes; n++) {
+		UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("N%d:\n", n));
+
+		InstructionList& phiNodes = nodes[n]->getPhiNodeInstructions();
+		InstructionList& instructions = nodes[n]->getInstructions();
+
+		if (!phiNodes.empty()) {
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, (" PhiNodes:\n", n));
+			for(InstructionList::iterator i = phiNodes.begin(); !phiNodes.done(i); i = phiNodes.advance(i)) {
+				phiNodes.get(i).printPretty(log);
+				UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\n"));
+			}
+			if (!instructions.empty())
+				UT_OBJECTLOG(log, PR_LOG_ALWAYS, (" Instructions:\n", n));
+		}
+
+		for(InstructionList::iterator i = instructions.begin(); !instructions.done(i); i = instructions.advance(i)) {
+			instructions.get(i).printPretty(log);
+			UT_OBJECTLOG(log, PR_LOG_ALWAYS, ("\n"));
+		}
+	}
+}
+#endif // DEBUG_LOG

mozilla/ef/Compiler/RegisterAllocator/RegisterAllocatorTools.h

@@ -0,0 +1,117 @@
+//	-*- mode:C++; tab-width:4; truncate-lines:t -*-
+//
+//           CONFIDENTIAL AND PROPRIETARY SOURCE CODE OF
+//              NETSCAPE COMMUNICATIONS CORPORATION
+// Copyright © 1996, 1997 Netscape Communications Corporation.  All Rights
+// Reserved.  Use of this Source Code is subject to the terms of the
+// applicable license agreement from Netscape Communications Corporation.
+// The copyright notice(s) in this Source Code does not indicate actual or
+// intended publication of this Source Code.
+//
+// $Id: RegisterAllocatorTools.h,v 1.1.2.1 1999-03-02 16:12:05 fur%netscape.com Exp $
+//
+
+#ifndef _REGISTER_ALLOCATOR_TOOLS_H_
+#define _REGISTER_ALLOCATOR_TOOLS_H_
+
+#include "LogModule.h"
+#include "RegisterTypes.h"
+#include <string.h>
+
+class RegisterAllocator;
+class ControlGraph;
+class InstructionEmitter;
+class VirtualRegisterManager;
+
+struct RegisterAllocatorTools
+{
+	//
+	//
+	static void insertPhiNodeInstructions(ControlGraph& controlGraph, InstructionEmitter& emitter);
+
+	//
+	//
+	static void updateInstructionGraph(RegisterAllocator& registerAllocator);
+
+	//
+	//
+	static void removeUnnecessaryCopies(RegisterAllocator& registerAllocator);
+
+#ifdef DEBUG
+	//
+	//
+	static void testTheInstructionGraph(ControlGraph& controlGraph, VirtualRegisterManager& vrManager);
+#endif // DEBUG
+
+#ifdef DEBUG_LOG
+	//
+	//
+	static void printInstructions(RegisterAllocator& registerAllocator);
+
+	//
+	//
+	static void printSpillCosts(RegisterAllocator& registerAllocator);
+
+	//
+	//
+	static void printSplitCosts(RegisterAllocator& registerAllocator);
+#endif // DEBUG_LOG
+};
+
+//
+// FIX: this should go in a class (LookupTable ?)
+//
+
+inline RegisterName findRoot(RegisterName name, RegisterName* table)
+{
+	RegisterName* stack = table;
+	RegisterName* stackPtr = stack;
+
+	RegisterName newName;
+	while((newName = table[name]) != name) {
+		*--stackPtr = name;
+		name = newName;
+	}
+
+	while (stackPtr != stack)
+		table[*stackPtr++] = name;
+
+	return name;
+}
+
+inline void init(RegisterName* table, Uint32 nameCount)
+{
+	for (RegisterName r = RegisterName(0); r < nameCount; r = RegisterName(r + 1))
+		table[r] = r;
+}
+
+inline Uint32 compress(RegisterName* name2range, RegisterName* table, Uint32 nameCount, Uint32 tableSize)
+{
+	RegisterName* liveRange = new RegisterName[tableSize];
+	memset(liveRange, '\0', tableSize * sizeof(RegisterName));
+
+	// Update the lookup table.
+	for (RegisterName r = RegisterName(1); r < tableSize; r = RegisterName(r + 1))
+		findRoot(r, table);
+
+	// Count the liveranges.
+	Uint32 liveRangeCount = 1;
+	for (RegisterName s = RegisterName(1); s < tableSize; s = RegisterName(s + 1))
+		if (table[s] == s)
+			liveRange[s] = RegisterName(liveRangeCount++);
+
+	for (RegisterName t = RegisterName(1); t < nameCount; t = RegisterName(t + 1))
+		name2range[t] = liveRange[table[name2range[t]]];
+
+	return liveRangeCount;
+}
+
+inline double doLog10(Uint32 power)
+{
+	double log = 1.0;
+	while (power--)
+		log *= 10.0;
+	return log;
+}
+
+#endif // _REGISTER_ALLOCATOR_TOOLS_H_

mozilla/ef/Compiler/RegisterAllocator/RegisterAssigner.h

@@ -0,0 +1,38 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _REGISTER_ASSIGNER_H_
+#define _REGISTER_ASSIGNER_H_
+
+#include "Fundamentals.h"
+#include "VirtualRegister.h"
+
+class FastBitMatrix;
+
+class RegisterAssigner
+{
+protected:
+  VirtualRegisterManager& vRegManager;
+  
+public:
+  RegisterAssigner(VirtualRegisterManager& vrMan) : vRegManager(vrMan) {}
+  
+  virtual bool assignRegisters(FastBitMatrix& interferenceMatrix) = 0;
+};
+
+#endif /* _REGISTER_ASSIGNER_H_ */

mozilla/ef/Compiler/RegisterAllocator/RegisterClass.h

@@ -0,0 +1,25 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _REGISTER_CLASS_H_
+#define _REGISTER_CLASS_H_
+
+#include "Fundamentals.h"
+#include "RegisterTypes.h"
+
+#endif // _REGISTER_CLASS_H_

mozilla/ef/Compiler/RegisterAllocator/RegisterPressure.h

@@ -0,0 +1,37 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _REGISTER_PRESSURE_H_
+#define _REGISTER_PRESSURE_H_
+
+#include "BitSet.h"
+#include "HashSet.h"
+
+struct LowRegisterPressure
+{
+	typedef BitSet Set;
+	static const bool setIsOrdered = true;
+};
+
+struct HighRegisterPressure
+{
+	typedef HashSet Set;
+	static const bool setIsOrdered = false;
+};
+
+#endif // _REGISTER_PRESSURE_H_

mozilla/ef/Compiler/RegisterAllocator/RegisterTypes.h

@@ -0,0 +1,104 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _REGISTER_TYPES_H_
+#define _REGISTER_TYPES_H_
+
+#include "Fundamentals.h"
+
+//------------------------------------------------------------------------------
+// RegisterName -
+//
+
+enum RegisterName {
+	rnInvalid = 0,
+};
+
+//------------------------------------------------------------------------------
+// RegisterClassKind -
+//
+
+enum RegisterClassKind {
+	rckInvalid = 0,
+	rckGeneral,
+	rckStackSlot,
+
+	nRegisterClassKind
+};
+
+//------------------------------------------------------------------------------
+// RegisterID -
+//
+
+enum RegisterID {
+	invalidID = 0
+};
+
+//------------------------------------------------------------------------------
+// RegisterKind -
+//
+
+enum RegisterKind {
+	rkCallerSave = 0,
+	rkCalleeSave,
+};
+
+struct NameLinkedList {
+	RegisterName name;
+	NameLinkedList* next;
+};
+
+#ifdef DEBUG
+
+const registerNameMask = 		0x03ffffff;
+const coloredRegisterMask = 	0x04000000;
+const machineRegisterMask = 	0x08000000;
+const registerClassMask = 		0xf0000000;
+
+const registerNameShift = 		0;
+const coloredRegisterShift = 	26;
+const machineRegisterShift = 	27;
+const registerClassShift = 		28;
+
+#else // DEBUG
+
+const registerNameMask = 		0x0fffffff;
+const registerClassMask = 		0xf0000000;
+
+const registerNameShift = 		0;
+const registerClassShift = 		28;
+
+#endif // DEBUG
+
+
+inline RegisterClassKind getClass(RegisterID registerID) {return RegisterClassKind((registerID & registerClassMask) >> registerClassShift);}
+inline RegisterName getName(RegisterID registerID) {return RegisterName((registerID & registerNameMask) >> registerNameShift);}
+inline void setClass(RegisterID& registerID, RegisterClassKind classKind) {registerID = RegisterID((registerID & ~registerClassMask) | ((classKind << registerClassShift) & registerClassMask));}
+inline void setName(RegisterID& registerID, RegisterName name) {assert((name & ~registerNameMask) == 0); registerID = RegisterID((registerID & ~registerNameMask) | ((name << registerNameShift) & registerNameMask));}
+inline RegisterID buildRegisterID(RegisterName name, RegisterClassKind classKind) {return RegisterID(((classKind << registerClassShift) & registerClassMask) | ((name << registerNameShift) & registerNameMask));}
+
+#ifdef DEBUG
+
+inline bool isMachineRegister(RegisterID rid) {return (rid & machineRegisterMask) != 0;}
+inline void setMachineRegister(RegisterID& rid) {rid = RegisterID(rid | machineRegisterMask);}
+inline bool isColoredRegister(RegisterID rid) {return (rid & coloredRegisterMask) != 0;}
+inline void setColoredRegister(RegisterID& rid) {rid = RegisterID(rid | coloredRegisterMask);}
+
+#endif // DEBUG
+
+#endif // _REGISTER_TYPES_H_

mozilla/ef/Compiler/RegisterAllocator/SSATools.cpp

@@ -0,0 +1,32 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#include "Fundamentals.h"
+#include "SSATools.h"
+#include "ControlGraph.h"
+#include "VirtualRegister.h"
+#include "Liveness.h"
+
+void replacePhiNodes(ControlGraph& controlGraph, VirtualRegisterManager& vrManager)
+{
+	if (!controlGraph.hasBackEdges)
+		return;
+
+	Liveness liveness(controlGraph.pool);
+	liveness.buildLivenessAnalysis(controlGraph, vrManager);
+}

mozilla/ef/Compiler/RegisterAllocator/SSATools.h

@@ -0,0 +1,29 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _SSA_TOOLS_H_
+#define _SSA_TOOLS_H_
+
+#include "Fundamentals.h"
+
+class ControlGraph;
+class VirtualRegisterManager;
+
+extern void replacePhiNodes(ControlGraph& controlGraph, VirtualRegisterManager& vrManager);
+
+#endif // _SSA_TOOLS_H_

mozilla/ef/Compiler/RegisterAllocator/SparseSet.cpp

@@ -0,0 +1,37 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#include "Fundamentals.h"
+#include "SparseSet.h"
+#include "BitSet.h"
+#include "Pool.h"
+
+#ifdef DEBUG_LOG
+// Print the set.
+//
+void SparseSet::printPretty(LogModuleObject log)
+{
+	Pool pool;
+	BitSet set(pool, universeSize);
+
+	for (Uint32 i = 0; i < count; i++)
+	   set.set(node[i].element);
+
+	set.printPretty(log);
+}
+#endif // DEBUG_LOG

mozilla/ef/Compiler/RegisterAllocator/SparseSet.h

@@ -0,0 +1,168 @@
+//	-*- mode:C++; tab-width:4; truncate-lines:t -*-
+//
+//           CONFIDENTIAL AND PROPRIETARY SOURCE CODE OF
+//              NETSCAPE COMMUNICATIONS CORPORATION
+// Copyright © 1996, 1997 Netscape Communications Corporation.  All Rights
+// Reserved.  Use of this Source Code is subject to the terms of the
+// applicable license agreement from Netscape Communications Corporation.
+// The copyright notice(s) in this Source Code does not indicate actual or
+// intended publication of this Source Code.
+//
+// $Id: SparseSet.h,v 1.1.2.1 1999-03-02 16:12:07 fur%netscape.com Exp $
+//
+
+#ifndef _SPARSE_SET_H_
+#define _SPARSE_SET_H_
+
+#include "Fundamentals.h"
+#include "Pool.h"
+#include "LogModule.h"
+#include "BitSet.h"
+
+class SparseSet
+{
+private:
+
+	struct Node {
+		Uint32		element;
+		Uint32		stackIndex;
+	};
+
+	Node*			node;
+	Uint32			count;
+	Uint32			universeSize;
+
+private:
+
+	// No copy constructor.
+	SparseSet(const SparseSet&);
+
+	// Check if the given set's universe is of the same size than this universe.
+	void checkUniverseCompatibility(const SparseSet& set) const {assert(set.universeSize == universeSize);}
+	// Check if pos is valid for this set's universe.
+	void checkMember(Int32 pos) const {assert(pos >=0 && Uint32(pos) < universeSize);}
+
+public:
+
+	SparseSet(Pool& pool, Uint32 universeSize) : universeSize(universeSize) {node = new(pool) Node[universeSize]; clear();}
+
+	// Clear the sparse set.
+	void clear() {count = 0;}
+	// Clear the element at index.
+	inline void clear(Uint32 index);
+	// Set the element at index.
+	inline void set(Uint32 index);
+	// Return true if the element at index is set.
+	inline bool test(Uint32 index) const;
+	// Union with the given sparse set.
+	inline void or(const SparseSet& set);
+	// Intersection with the given sparse set.
+	inline void and(const SparseSet& set);
+	// Difference with the given sparse set.
+	inline void difference(const SparseSet& set);
+	// Copy set.
+	inline SparseSet& operator = (const SparseSet& set);
+	inline SparseSet& operator = (const BitSet& set);
+	// Return true if the sparse sets are identical.
+	friend bool operator == (const SparseSet& set1, const SparseSet& set2);
+	// Return true if the sparse sets are different.
+	friend bool operator != (const SparseSet& set1, const SparseSet& set2);
+
+	// Logical operators.
+	SparseSet& operator |= (const SparseSet& set) {or(set); return *this;}
+	SparseSet& operator &= (const SparseSet& set) {and(set); return *this;}
+	SparseSet& operator -= (const SparseSet& set) {difference(set); return *this;}
+
+	// Iterator to conform with the set API.
+	typedef Int32 iterator;
+	// Return the iterator for the first element of this set.
+	iterator begin() const {return count - 1;}
+	// Return the next iterator.
+	iterator advance(iterator pos) const {return --pos;}
+	// Return true if the iterator is at the end of the set.
+	bool done(iterator pos) const {return pos < 0;}
+	// Return the element for the given iterator;
+	Uint32 get(iterator pos) const {return node[pos].element;}
+	// Return one element of this set.
+	Uint32 getOne() const {assert(count > 0); return node[0].element;}
+	// Return the size of this set.
+	Uint32 getSize() const {return count;}
+
+#ifdef DEBUG_LOG
+	// Print the set.
+	void printPretty(LogModuleObject log);
+#endif // DEBUG_LOG
+};
+
+inline void SparseSet::clear(Uint32 element)
+{
+	checkMember(element);
+	Uint32 count = this->count;
+	Node* node = this->node;
+
+	Uint32 stackIndex = node[element].stackIndex;
+
+	if ((stackIndex < count) && (node[stackIndex].element == element)) {
+		Uint32 stackTop = node[count - 1].element;
+
+		node[stackIndex].element = stackTop;
+		node[stackTop].stackIndex = stackIndex;
+		this->count = count - 1;
+	}
+}
+
+inline void SparseSet::set(Uint32 element)
+{
+	checkMember(element);
+  	Uint32 count = this->count;
+	Node* node = this->node;
+
+	Uint32 stackIndex = node[element].stackIndex;
+
+	if ((stackIndex >= count) || (node[stackIndex].element != element)) {
+		node[count].element = element;
+		node[element].stackIndex = count;
+		this->count = count + 1;
+	}
+}
+
+inline bool SparseSet::test(Uint32 element) const
+{
+	checkMember(element);
+	Node* node = this->node;
+
+	Uint32 stackIndex = node[element].stackIndex;
+	return ((stackIndex < count) && (node[stackIndex].element == element));
+}
+
+inline SparseSet& SparseSet::operator = (const SparseSet& set)
+{
+	checkUniverseCompatibility(set);
+	Uint32 sourceCount = set.getSize();
+	Node* node = this->node;
+
+	memcpy(node, set.node, sourceCount * sizeof(Node));
+
+	for (Uint32 i = 0; i < sourceCount; i++) {
+		Uint32 element = node[i].element;
+		node[element].stackIndex = i;
+	}
+
+	count = sourceCount;
+
+	return *this;
+}
+
+
+inline SparseSet& SparseSet::operator = (const BitSet& set)
+{
+	// FIX: there's room for optimization here.
+	assert(universeSize == set.getSize());
+
+	clear();
+	for (Int32 i = set.firstOne(); i != -1; i = set.nextOne(i))
+		this->set(i);
+	return *this;
+}
+
+#endif // _SPARSE_SET_H_

mozilla/ef/Compiler/RegisterAllocator/Spilling.cpp

@@ -0,0 +1,270 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef NEW_LAURENTM_CODE
+#define INCLUDE_EMITTER
+#include "CpuInfo.h"
+#include "Fundamentals.h"
+#include "ControlNodes.h"
+#include "Instruction.h"
+#include "InstructionEmitter.h"
+#include "Spilling.h"
+
+
+void Spilling::
+insertSpillCode(ControlNode** dfsList, Uint32 nNodes)
+{
+  PRUint32 nVirtualRegisters = vRegManager.count();
+  FastBitSet currentLive(vRegManager.pool, nVirtualRegisters);
+  FastBitSet usedInThisInstruction(vRegManager.pool, nVirtualRegisters);
+  RegisterFifo grNeedLoad(nVirtualRegisters);
+  RegisterFifo fpNeedLoad(nVirtualRegisters);
+
+  for (PRInt32 n = nNodes - 1; n >= 0; n--)
+	{
+	  PR_ASSERT(grNeedLoad.empty() & fpNeedLoad.empty());
+	  ControlNode& node = *dfsList[n];
+
+	  currentLive = node.liveAtEnd;
+
+	  PRUint32 nGeneralAlive = 0;
+	  PRUint32 nFloatingPointAlive = 0;
+
+	  // Get the number of registers alive at the end of this node.
+	  for (PRInt32 j = currentLive.firstOne(); j != -1; j = currentLive.nextOne(j))
+		{
+		  VirtualRegister& vReg = vRegManager.getVirtualRegister(j);
+		  if (vReg.spillInfo.willSpill)
+			{
+			  currentLive.clear(j);
+			}
+		  else
+			{
+			  switch (vReg.getClass())
+				{
+				case vrcInteger:
+				  nGeneralAlive++;
+				  break;
+				case vrcFloatingPoint:
+				case vrcFixedPoint:
+				  nFloatingPointAlive++;
+				  break;
+				default:
+				  break;
+				}
+			}
+		}
+	  
+//		  if(node.dfsNum == 8) printf("\n________Begin Node %d________\n", node.dfsNum);
+
+		InstructionList& instructions = node.getInstructions();
+	  for (InstructionList::iterator i = instructions.end(); !instructions.done(i); i = instructions.retreat(i))
+		{
+		  Instruction&       instruction = instructions.get(i);
+		  InstructionUse*    useBegin    = instruction.getInstructionUseBegin();
+		  InstructionUse*    useEnd      = instruction.getInstructionUseEnd();
+		  InstructionUse*    usePtr;
+		  InstructionDefine* defBegin    = instruction.getInstructionDefineBegin();
+		  InstructionDefine* defEnd      = instruction.getInstructionDefineEnd();
+		  InstructionDefine* defPtr;
+
+//		if(node.dfsNum == 8)  { printf("\n");
+//		instruction.printPretty(stdout);
+//		printf("\n"); }
+
+		  // Handle definitions
+		  for (defPtr = defBegin; defPtr < defEnd; defPtr++)
+			if (defPtr->isVirtualRegister())
+			  {
+				VirtualRegister& vReg = defPtr->getVirtualRegister();
+				currentLive.clear(vReg.getRegisterIndex());
+				switch (vReg.getClass())
+				  {
+				  case vrcInteger:
+					nGeneralAlive--;
+					break;
+				  case vrcFloatingPoint:
+				  case vrcFixedPoint:
+					nFloatingPointAlive--;
+					break;
+				  default:
+					break;
+				  }
+			  }
+
+		  // Check for deaths
+		  for (usePtr = useBegin; usePtr < useEnd; usePtr++)
+			if (usePtr->isVirtualRegister())
+			  {
+				VirtualRegister& vReg = usePtr->getVirtualRegister();
+				if (!currentLive.test(vReg.getRegisterIndex()))
+				  // This is the last use of this register.
+				  {
+					currentLive.set(vReg.getRegisterIndex());
+					switch (vReg.getClass())
+					  {
+					  case vrcInteger:
+						nGeneralAlive++;
+						while (/*(nGeneralAlive > NUMBER_OF_GREGISTERS) &&*/ !grNeedLoad.empty())
+						  {
+							PRUint32 toLoad = grNeedLoad.get();
+							currentLive.clear(toLoad);
+							nGeneralAlive--;
+							
+							VirtualRegister& nReg = vRegManager.getVirtualRegister(toLoad);
+							Instruction& lastUsingInstruction = *nReg.spillInfo.lastUsingInstruction;
+							emitter.emitLoadAfter(*lastUsingInstruction.getPrimitive(), lastUsingInstruction.getLinks().prev,
+												  nReg.getAlias(), *nReg.equivalentRegister[vrcStackSlot]);
+							nReg.releaseSelf();
+						  }
+						break;
+					  case vrcFloatingPoint:
+					  case vrcFixedPoint:
+						nFloatingPointAlive++;
+						while (/*(nFloatingPointAlive > NUMBER_OF_FPREGISTERS) &&*/ !fpNeedLoad.empty())
+						  {
+							PRUint32 toLoad = fpNeedLoad.get();
+							currentLive.clear(toLoad);
+							nFloatingPointAlive--;
+							
+							VirtualRegister& nReg = vRegManager.getVirtualRegister(toLoad);
+							Instruction& lastUsingInstruction = *nReg.spillInfo.lastUsingInstruction;
+							emitter.emitLoadAfter(*lastUsingInstruction.getPrimitive(), lastUsingInstruction.getLinks().prev,
+												  nReg.getAlias(), *nReg.equivalentRegister[vrcStackSlot]);
+							nReg.releaseSelf();
+						  }
+						break;
+					  default:
+						break;
+					  }
+				  }
+			  }
+
+		  // Handle uses
+		  for (usePtr = useBegin; usePtr < useEnd; usePtr++)
+			if (usePtr->isVirtualRegister())
+			  {
+				VirtualRegister& vReg = usePtr->getVirtualRegister();
+				PRUint32 registerIndex = vReg.getRegisterIndex();
+
+				if (vReg.spillInfo.willSpill) {
+#if defined(GENERATE_FOR_X86)
+				  if (!instruction.switchUseToSpill((usePtr - useBegin), *vReg.equivalentRegister[vrcStackSlot]))
+#endif
+					{
+					  switch (vReg.getClass())
+						{
+						case vrcInteger:
+						  if (!grNeedLoad.test(registerIndex))
+							{
+							  grNeedLoad.put(registerIndex);
+							  VirtualRegister& alias = vRegManager.newVirtualRegister(vrcInteger);
+							  if (vReg.isPreColored())
+								  alias.preColorRegister(vReg.getPreColor());
+							  /* if (vReg.hasSpecialInterference) {
+								  alias.specialInterference.sizeTo(NUMBER_OF_REGISTERS);
+								  alias.specialInterference = vReg.specialInterference;
+								  alias.hasSpecialInterference = true;
+							  } */
+							  vReg.setAlias(alias);
+							  vReg.retainSelf();
+							}
+						  break;
+						case vrcFloatingPoint:
+						case vrcFixedPoint:
+						  if (!fpNeedLoad.test(registerIndex))
+							{
+							  fpNeedLoad.put(registerIndex);
+							  VirtualRegister& alias = vRegManager.newVirtualRegister(vReg.getClass());
+							  if (vReg.isPreColored())
+								  alias.preColorRegister(vReg.getPreColor());
+							  /*if (vReg.hasSpecialInterference) {
+								  alias.specialInterference.sizeTo(NUMBER_OF_REGISTERS);
+								  alias.specialInterference = vReg.specialInterference;
+								  alias.hasSpecialInterference = true;
+							  } */
+							  vReg.setAlias(alias);
+							  vReg.retainSelf();
+							}
+						  break;
+						default:
+						  break;
+						}
+					  usePtr->getVirtualRegisterPtr().initialize(vReg.getAlias());
+					  usedInThisInstruction.set(registerIndex);
+					  vReg.spillInfo.lastUsingInstruction = &instruction;
+					}
+				  currentLive.clear(registerIndex);
+				} else { // will not spill
+				  currentLive.set(registerIndex);
+				}
+			  }
+		  
+		  // Handle definitions
+		  for (defPtr = defBegin; defPtr < defEnd; defPtr++)
+			if (defPtr->isVirtualRegister())
+			  {
+				VirtualRegister& vReg = defPtr->getVirtualRegister();
+				
+				if (vReg.spillInfo.willSpill)
+#if defined(GENERATE_FOR_X86)
+				  if (!instruction.switchDefineToSpill((defPtr - defBegin), *vReg.equivalentRegister[vrcStackSlot]))
+#endif
+					{
+					  if (usedInThisInstruction.test(vReg.getRegisterIndex()))
+						// this virtualRegister was used in this instruction and is also defined. We need to move 
+						// this virtual register to its alias first and then save it to memory.
+						{
+						  emitter.emitStoreAfter(*instruction.getPrimitive(), &instruction.getLinks(), 
+												 vReg.getAlias(), *vReg.equivalentRegister[vrcStackSlot]);
+						  defPtr->getVirtualRegisterPtr().initialize(vReg.getAlias());
+						}
+					  else
+						{
+						  emitter.emitStoreAfter(*instruction.getPrimitive(), &instruction.getLinks(), 
+												 vReg, *vReg.equivalentRegister[vrcStackSlot]);
+						}
+					}
+			  }
+		}
+	  while (!grNeedLoad.empty())
+		{
+		  PRUint32 nl = grNeedLoad.get();
+		  VirtualRegister& nlReg = vRegManager.getVirtualRegister(nl);
+		  Instruction& lastUse = *nlReg.spillInfo.lastUsingInstruction;
+		  
+		  emitter.emitLoadAfter(*lastUse.getPrimitive(), lastUse.getLinks().prev, 
+								nlReg.getAlias(), *nlReg.equivalentRegister[vrcStackSlot]);
+		  nlReg.releaseSelf();
+		}
+	  while (!fpNeedLoad.empty())
+		{
+		  PRUint32 nl = fpNeedLoad.get();
+		  VirtualRegister& nlReg = vRegManager.getVirtualRegister(nl);
+		  Instruction& lastUse = *nlReg.spillInfo.lastUsingInstruction;
+
+		  emitter.emitLoadAfter(*lastUse.getPrimitive(), lastUse.getLinks().prev, 
+								nlReg.getAlias(), *nlReg.equivalentRegister[vrcStackSlot]);
+		  nlReg.releaseSelf();
+		}
+
+//	  if(node.dfsNum == 8) printf("\n________End Node %d________\n", node.dfsNum);
+
+	}
+}
+#endif

mozilla/ef/Compiler/RegisterAllocator/Spilling.h

@@ -0,0 +1,269 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _SPILLING_H_
+#define _SPILLING_H_
+
+#include "Fundamentals.h"
+#include <string.h>
+#include "RegisterAllocator.h"
+#include "RegisterAllocatorTools.h"
+#include "ControlGraph.h"
+#include "ControlNodes.h"
+#include "Instruction.h"
+#include "SparseSet.h"
+
+template <class RegisterPressure>
+class Spilling
+{
+private:
+	static void insertStoreAfter(Instruction& instruction, RegisterName name);
+	static void insertLoadBefore(Instruction& instruction, RegisterName name);
+
+public:
+	static void calculateSpillCosts(RegisterAllocator& registerAllocator);
+	static void insertSpillCode(RegisterAllocator& registerAllocator);
+};
+
+struct SpillCost
+{
+	double loads;
+	double stores;
+	double copies;
+	double cost;
+	bool infinite;
+};
+
+template <class RegisterPressure>
+void Spilling<RegisterPressure>::insertSpillCode(RegisterAllocator& registerAllocator)
+{
+	Uint32 rangeCount = registerAllocator.rangeCount;
+	RegisterName* name2range = registerAllocator.name2range;
+
+	Pool& pool = registerAllocator.pool;
+	SparseSet currentLive(pool, rangeCount);
+	SparseSet needLoad(pool, rangeCount);
+	SparseSet mustSpill(pool, rangeCount);
+	SparseSet& willSpill = *registerAllocator.willSpill;
+	
+	ControlGraph& controlGraph = registerAllocator.controlGraph;
+	RegisterPressure::Set* liveOut = registerAllocator.liveness.liveOut;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+
+	for (Uint32 n = 0; n < nNodes; n++) {
+
+		needLoad.clear();
+		currentLive = liveOut[n];
+		mustSpill = currentLive;
+
+		InstructionList& instructions = nodes[n]->getInstructions();
+		for (InstructionList::iterator i = instructions.end(); !instructions.done(i);) {
+			Instruction& instruction = instructions.get(i);
+			i = instructions.retreat(i);
+
+			InstructionUse* useBegin = instruction.getInstructionUseBegin();
+			InstructionUse* useEnd = instruction.getInstructionUseEnd();
+			InstructionUse* usePtr;
+			InstructionDefine* defineBegin = instruction.getInstructionDefineBegin();
+			InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+			InstructionDefine* definePtr;
+
+			bool foundLiveDefine = false;
+			for (definePtr = defineBegin; definePtr < defineEnd; definePtr++) 
+				if (definePtr->isRegister()) {
+					if (currentLive.test(name2range[definePtr->getRegisterName()])) {
+						foundLiveDefine = true;
+						break;
+					}
+				} else {
+					foundLiveDefine = true;
+					break;
+				}
+			if (defineBegin != defineEnd && !foundLiveDefine) {
+				fprintf(stderr, "!!! Removed instruction because it was only defining unused registers !!!\n");
+				instruction.remove();
+			}
+
+ 			for (definePtr = defineBegin; definePtr < defineEnd; definePtr++) 
+				if (definePtr->isRegister()) {
+					RegisterName range = name2range[definePtr->getRegisterName()];
+#ifdef DEBUG
+					if (needLoad.test(range))
+						if (!mustSpill.test(range) && registerAllocator.spillCost[range].infinite && willSpill.test(range)) {
+							fprintf(stderr, "Tried to spill a register with infinite spill cost\n");
+							abort();
+						}
+#endif // DEBUG
+					if (willSpill.test(range))
+						insertStoreAfter(instruction, range);
+
+					needLoad.clear(range);
+				}
+
+			if (instruction.getFlags() & ifCopy)
+				for (usePtr = useBegin; usePtr < useEnd; usePtr++)
+					if (usePtr->isRegister()) {
+						RegisterName range = name2range[usePtr->getRegisterName()];
+						if (!currentLive.test(range))
+							for (SparseSet::iterator r = needLoad.begin(); !needLoad.done(r); r = needLoad.advance(r)) {
+								RegisterName load = RegisterName(needLoad.get(r));
+								if (willSpill.test(load))
+									insertLoadBefore(instruction, load);
+								mustSpill.set(load);
+							}
+						needLoad.clear();
+					}
+
+			for (definePtr = defineBegin; definePtr < defineEnd; definePtr++) 
+				if (definePtr->isRegister())
+					currentLive.clear(name2range[definePtr->getRegisterName()]);
+
+
+			for (usePtr = useBegin; usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister()) {
+					RegisterName range = name2range[usePtr->getRegisterName()];
+					currentLive.set(range);
+					needLoad.set(range);
+				}
+		}
+
+		for (SparseSet::iterator l = needLoad.begin(); !needLoad.done(l); l = needLoad.advance(l)) {
+			RegisterName load = RegisterName(needLoad.get(l));
+			if (willSpill.test(load))
+				insertLoadBefore(instructions.first(), load);
+		}		
+	}
+}
+
+template <class RegisterPressure>
+void Spilling<RegisterPressure>::insertLoadBefore(Instruction& /*instruction*/, RegisterName name)
+{
+	fprintf(stdout, "will insert load for range %d\n", name);
+}
+
+template <class RegisterPressure>
+void Spilling<RegisterPressure>::insertStoreAfter(Instruction& /*instruction*/, RegisterName name)
+{
+	fprintf(stdout, "will insert store for range %d\n", name);
+}
+
+template <class RegisterPressure>
+void Spilling<RegisterPressure>::calculateSpillCosts(RegisterAllocator& registerAllocator)
+{
+	Uint32 rangeCount = registerAllocator.rangeCount;
+	RegisterName* name2range = registerAllocator.name2range;
+
+	Pool& pool = registerAllocator.pool;
+	SparseSet live(pool, rangeCount);
+	SparseSet needLoad(pool, rangeCount);
+	SparseSet mustSpill(pool, rangeCount);
+
+	SparseSet alreadyStored(pool, rangeCount); // FIX: should get this from previous spilling.
+
+	SpillCost* cost = new SpillCost[rangeCount];
+	memset(cost, '\0', rangeCount * sizeof(SpillCost));
+
+	ControlGraph& controlGraph = registerAllocator.controlGraph;
+	RegisterPressure::Set* liveOut = registerAllocator.liveness.liveOut;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+
+	for (Uint32 n = 0; n < nNodes; n++) {
+		ControlNode& node = *nodes[n];
+
+		double weight = doLog10(node.loopDepth);
+
+		needLoad.clear();
+		live = liveOut[n];
+		mustSpill = live;
+
+		InstructionList& instructions = nodes[n]->getInstructions();
+		for (InstructionList::iterator i = instructions.end(); !instructions.done(i); i = instructions.retreat(i)) {
+			Instruction& instruction = instructions.get(i);
+
+			InstructionUse* useBegin = instruction.getInstructionUseBegin();
+			InstructionUse* useEnd = instruction.getInstructionUseEnd();
+			InstructionUse* usePtr;
+			InstructionDefine* defineBegin = instruction.getInstructionDefineBegin();
+			InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+			InstructionDefine* definePtr;
+
+			for (definePtr = defineBegin; definePtr < defineEnd; definePtr++) 
+				if (definePtr->isRegister()) {
+					RegisterName range = name2range[definePtr->getRegisterName()];
+
+					if (needLoad.test(range))
+						if (!mustSpill.test(range))
+							cost[range].infinite = true;
+
+					if ((false /* !rematerializable(range) */ || !needLoad.test(range)) && !alreadyStored.test(range))
+						cost[range].stores += weight;
+
+					needLoad.clear(range);
+				}
+
+			if (instruction.getFlags() & ifCopy)
+				for (usePtr = useBegin; usePtr < useEnd; usePtr++)
+					if (usePtr->isRegister())
+						if (!live.test(name2range[usePtr->getRegisterName()])) {
+							for (SparseSet::iterator l = needLoad.begin(); !needLoad.done(l); l = needLoad.advance(l)) {
+								Uint32 range = needLoad.get(l);
+								cost[range].loads += weight;
+								mustSpill.set(range);
+							}
+							needLoad.clear();
+						}
+
+			for (definePtr = defineBegin; definePtr < defineEnd; definePtr++) 
+				if (definePtr->isRegister())
+					live.clear(name2range[definePtr->getRegisterName()]);
+
+			for (usePtr = useBegin; usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister()) {
+					RegisterName range = name2range[usePtr->getRegisterName()];
+
+					live.set(range);
+					needLoad.set(range);
+				}
+
+			if (instruction.getFlags() & ifCopy) {
+				assert(useBegin != useEnd && useBegin[0].isRegister());
+				assert(defineBegin != defineEnd && defineBegin[0].isRegister());
+
+				RegisterName source = name2range[useBegin[0].getRegisterName()];
+				RegisterName destination = name2range[defineBegin[0].getRegisterName()];
+
+				cost[source].copies += weight;
+				cost[destination].copies += weight;
+			}			
+		}
+
+		for (SparseSet::iterator s = needLoad.begin(); !needLoad.done(s); s = needLoad.advance(s))
+			cost[needLoad.get(s)].loads += weight;
+	}
+	
+	for (Uint32 r = 0; r < rangeCount; r++) {
+		SpillCost& c = cost[r];
+		c.cost = 2 * (c.loads + c.stores) - c.copies;
+	}
+
+	registerAllocator.spillCost = cost;
+}
+
+#endif // _SPILLING_H_

mozilla/ef/Compiler/RegisterAllocator/Splits.h

@@ -0,0 +1,239 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _SPLITS_H_
+#define _SPLITS_H_
+
+#include "Fundamentals.h"
+#include <string.h>
+#include "Pool.h"
+#include "ControlGraph.h"
+#include "ControlNodes.h"
+#include "Instruction.h"
+#include "RegisterAllocator.h"
+#include "RegisterAllocatorTools.h"
+
+UT_EXTERN_LOG_MODULE(RegAlloc);
+
+template <class RegisterPressure>
+struct Splits
+{
+	static void calculateSplitCosts(RegisterAllocator& registerAllocator);
+	static bool findSplit(RegisterAllocator& registerAllocator, RegisterName* color, RegisterName range);
+	static void insertSplitCode(RegisterAllocator& registerAllocator);
+};
+
+struct SplitCost
+{
+	double loads;
+	double stores;
+};
+
+template <class RegisterPressure>
+void Splits<RegisterPressure>::insertSplitCode(RegisterAllocator& /*registerAllocator*/)
+{
+	// FIX
+}
+
+template <class RegisterPressure>
+bool Splits<RegisterPressure>::findSplit(RegisterAllocator& registerAllocator, RegisterName* color, RegisterName range)
+{
+	Pool& pool = registerAllocator.pool;
+	NameLinkedList** neighborsWithColor = new(pool) NameLinkedList*[6]; // FIX
+	memset(neighborsWithColor, '\0', 6 * sizeof(NameLinkedList*));
+
+	InterferenceGraph<RegisterPressure>& iGraph = registerAllocator.iGraph;
+
+	for (InterferenceVector* vector = iGraph.getInterferenceVector(range); vector != NULL; vector = vector->next)
+		for (Int32 i = vector->count - 1; i >=0; --i) {
+			RegisterName neighbor = vector->neighbors[i];
+			RegisterName c = color[neighbor];
+
+			if (c < 6) { // FIX
+				NameLinkedList* node = new(pool) NameLinkedList();
+				node->name = neighbor;
+				node->next = neighborsWithColor[c];
+				neighborsWithColor[c] = node;
+			}
+		}
+
+	bool splitAroundName = true;
+
+	LiveRangeGraph<RegisterPressure>& lGraph = registerAllocator.lGraph;
+	RegisterName bestColor = RegisterName(6); // FIX
+	double bestCost = registerAllocator.spillCost[range].cost;
+	SplitCost* splitCost = registerAllocator.splitCost;
+
+	for (RegisterName i = RegisterName(0); i < 6; i = RegisterName(i + 1)) { // FIX
+
+		double splitAroundNameCost = 0.0;
+		bool canSplitAroundName = true;
+
+		SplitCost& sCost = splitCost[range];
+		double addedCost = 2.0 * (sCost.stores + sCost.loads);
+
+		for (NameLinkedList* node = neighborsWithColor[i]; node != NULL; node = node->next) {
+			RegisterName neighbor = node->name;
+			if (lGraph.haveEdge(neighbor, range)) {
+				canSplitAroundName = false;
+				break;
+			} else
+				splitAroundNameCost += addedCost;
+		}
+		if (canSplitAroundName && splitAroundNameCost < bestCost) {
+			bestCost = splitAroundNameCost;
+			bestColor = i;
+			splitAroundName = true;
+		}
+
+		double splitAroundColorCost = 0.0;
+		bool canSplitAroundColor = true;
+
+		for (NameLinkedList* node = neighborsWithColor[i]; node != NULL; node = node->next) {
+			RegisterName neighbor = node->name;
+			if (lGraph.haveEdge(range, neighbor)) {
+				canSplitAroundColor = false;
+				break;
+			} else {
+				SplitCost& sCost = splitCost[neighbor];
+				double addedCost = 2.0 * (sCost.stores + sCost.loads);
+				splitAroundColorCost += addedCost;
+			}
+		}
+		if (canSplitAroundColor && splitAroundColorCost < bestCost) {
+			bestCost = splitAroundColorCost;
+			bestColor = i;
+			splitAroundName = false;
+		}
+ 	}
+	if (bestColor < RegisterName(6)) {
+		color[range] = bestColor;
+		registerAllocator.splitFound = true;
+
+		NameLinkedList** splitAround = registerAllocator.splitAround;
+
+		if (splitAroundName)
+			for (NameLinkedList* node = neighborsWithColor[bestColor]; node != NULL; node = node->next) {
+				NameLinkedList* newNode = new(pool) NameLinkedList();
+				newNode->name = node->name;
+				newNode->next = splitAround[range];
+				splitAround[range] = newNode;
+			}
+		else
+			for (NameLinkedList* node = neighborsWithColor[bestColor]; node != NULL; node = node->next) {
+				NameLinkedList* newNode = new(pool) NameLinkedList();
+				RegisterName neighbor = node->name;
+				newNode->name = range;
+				newNode->next = splitAround[neighbor];
+				splitAround[neighbor] = newNode;
+			}
+
+		trespass("Found a split");
+		return true;
+	}
+
+	return false;
+}
+
+template <class RegisterPressure>
+void Splits<RegisterPressure>::calculateSplitCosts(RegisterAllocator& registerAllocator)
+{
+	Pool& pool = registerAllocator.pool;
+	Uint32 rangeCount = registerAllocator.rangeCount;
+	RegisterName* name2range = registerAllocator.name2range;
+
+	SplitCost* splitCost = new(pool) SplitCost[rangeCount];
+	memset(splitCost, '\0', rangeCount * sizeof(SplitCost));
+
+	SparseSet live(pool, rangeCount);
+	RegisterPressure::Set* liveIn = registerAllocator.liveness.liveIn;
+	RegisterPressure::Set* liveOut = registerAllocator.liveness.liveOut;
+
+	ControlGraph& controlGraph = registerAllocator.controlGraph;
+	ControlNode** nodes = controlGraph.dfsList;
+	Uint32 nNodes = controlGraph.nNodes;
+
+	for (Uint32 n = 0; n < nNodes; n++) {
+		ControlNode& node = *nodes[n];
+		double weight = doLog10(node.loopDepth);
+
+		live = liveOut[n];
+
+		ControlEdge* successorsEnd = node.getSuccessorsEnd();
+		for (ControlEdge* successorsPtr = node.getSuccessorsBegin(); successorsPtr < successorsEnd; successorsPtr++) {
+			ControlNode& successor = successorsPtr->getTarget();
+
+			if (successor.getControlKind() != ckEnd) {
+				RegisterPressure::Set& successorLiveIn = liveIn[successor.dfsNum];
+
+				for (SparseSet::iterator i = live.begin(); !live.done(i); i = live.advance(i)) {
+					RegisterName name = RegisterName(live.get(i));
+					if (!successorLiveIn.test(name))
+						splitCost[name].loads += doLog10(successor.loopDepth);
+				}
+			}
+		}
+
+		InstructionList& instructions = node.getInstructions();
+		for (InstructionList::iterator i = instructions.end(); !instructions.done(i); i = instructions.retreat(i)) {
+			Instruction& instruction = instructions.get(i);
+
+			InstructionUse* useBegin = instruction.getInstructionUseBegin();
+			InstructionUse* useEnd = instruction.getInstructionUseEnd();
+			InstructionUse* usePtr;
+			InstructionDefine* defineBegin = instruction.getInstructionDefineBegin();
+			InstructionDefine* defineEnd = instruction.getInstructionDefineEnd();
+			InstructionDefine* definePtr;
+
+			for (definePtr = defineBegin; definePtr < defineEnd; definePtr++) 
+				if (definePtr->isRegister())
+					splitCost[name2range[definePtr->getRegisterName()]].stores += weight;
+
+			for (usePtr = useBegin; usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister()) {
+					RegisterName range = name2range[usePtr->getRegisterName()];
+					if (!live.test(range)) {
+						if (&instruction != &instructions.last())
+							splitCost[range].loads += weight;
+						else {
+							ControlEdge* successorsEnd = node.getSuccessorsEnd();
+							for (ControlEdge* successorsPtr = node.getSuccessorsBegin(); successorsPtr < successorsEnd; successorsPtr++)
+								splitCost[range].loads += doLog10(successorsPtr->getTarget().loopDepth);
+						}
+					}
+				}
+
+			for (definePtr = defineBegin; definePtr < defineEnd; definePtr++) 
+				if (definePtr->isRegister())
+					live.clear(name2range[definePtr->getRegisterName()]);
+
+			for (usePtr = useBegin; usePtr < useEnd; usePtr++)
+				if (usePtr->isRegister())
+					live.set(name2range[usePtr->getRegisterName()]);
+		}
+	}
+
+	NameLinkedList** splitAround = new(pool) NameLinkedList*[rangeCount];
+	memset(splitAround, '\0', rangeCount * sizeof(NameLinkedList*));
+	registerAllocator.splitAround = splitAround;
+
+	registerAllocator.splitCost = splitCost;
+	registerAllocator.splitFound = false;
+}
+
+#endif // _SPLITS_H_

mozilla/ef/Compiler/RegisterAllocator/Timer.cpp

@@ -0,0 +1,186 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#include "Fundamentals.h"
+#include "HashTable.h"
+#include "Timer.h"
+#include "Pool.h"
+
+static Pool pool;											// Pool for the Timer class.
+static HashTable<TimerEntry*> timerEntries(pool);			// Timers hashtable.
+
+const nTimersInABlock = 128;								// Number of timers in a block.
+static PRTime *timers = new(pool) PRTime[nTimersInABlock];	// A block of timers.
+static Uint8 nextTimer = 0;									// nextAvailableTimer.
+
+//
+// Calibrate the call to PR_Now().
+//
+static PRTime calibrate()
+{
+	PRTime t = PR_Now();
+	PRTime& a = *new(pool) PRTime();
+
+	// Call 10 times the PR_Now() function.
+	a = PR_Now(); a = PR_Now(); a = PR_Now(); a = PR_Now(); a = PR_Now(); a = PR_Now(); 
+	a = PR_Now(); a = PR_Now(); a = PR_Now(); a = PR_Now(); a = PR_Now(); a = PR_Now(); 
+	t = (PR_Now() - t + 9) / 10;
+
+	return t;
+}
+
+static PRTime adjust = calibrate();
+
+//
+// Return the named timer..
+//
+TimerEntry& Timer::getTimerEntry(const char* name)
+{
+	if (!timerEntries.exists(name)) {
+		TimerEntry* newEntry = new(pool) TimerEntry();
+		newEntry->accumulator = 0;
+		newEntry->running = false;
+		timerEntries.add(name, newEntry);
+	}
+
+	return *timerEntries[name];
+}
+
+//
+// Return a reference to a new timer.
+//
+PRTime& Timer::getNewTimer()
+{
+	if (nextTimer >= nTimersInABlock) {
+		timers = new(pool) PRTime[nTimersInABlock];
+		nextTimer = 0;
+	}
+	return timers[nextTimer++];
+}
+
+static Uint32 timersAreFrozen = 0;
+
+//
+// Start the named timer.
+//
+void Timer::start(const char* name)
+{
+	if (timersAreFrozen)
+		return;
+
+	freezeTimers();
+
+	TimerEntry& timer = getTimerEntry(name);
+	PR_ASSERT(!timer.running);
+
+	timer.accumulator = 0;
+	timer.running = true;
+	timer.done = false;
+
+	unfreezeTimers();
+}
+
+//
+// Stop the named timer.
+//
+void Timer::stop(const char* name)
+{
+	if (timersAreFrozen)
+		return;
+
+	freezeTimers();
+
+	TimerEntry& timer = getTimerEntry(name);
+	PR_ASSERT(timer.running);
+	timer.running = false;
+	timer.done = true;
+
+	unfreezeTimers();
+}
+
+//
+// Freeze all the running timers.
+//
+void Timer::freezeTimers()
+{
+	PRTime when = PR_Now() - adjust;
+
+	if (timersAreFrozen == 0) {
+		Vector<TimerEntry*> entries = timerEntries;
+		Uint32 count = entries.size();
+
+		for (Uint32 i = 0; i < count; i++) {
+			TimerEntry& entry = *entries[i];
+			if (entry.running) {
+				entry.accumulator += (when - *entry.startTime);
+			}
+		}
+	}
+	timersAreFrozen++;
+}
+ 
+//
+// Unfreeze all the running timers.
+//
+void Timer::unfreezeTimers()
+{
+	PR_ASSERT(timersAreFrozen != 0);
+	timersAreFrozen--;
+
+	if (timersAreFrozen == 0) {
+		Vector<TimerEntry *> entries = timerEntries;
+		Uint32 count = entries.size();
+		
+		PRTime& newStart = getNewTimer();
+		
+		for (Uint32 i = 0; i < count; i++) {
+			TimerEntry& entry = *entries[i];
+			if (entry.running) {
+				entry.startTime = &newStart;
+			}
+		}
+		
+		newStart = PR_Now();
+	}
+}
+
+//
+// Print the named timer in the file f.
+//
+void Timer::print(FILE* f, const char *name)
+{
+	if (timersAreFrozen)
+		return;
+
+	freezeTimers();
+
+	TimerEntry& timer = getTimerEntry(name);
+  
+	PR_ASSERT(timer.done);
+	PRTime elapsed = timer.accumulator;
+
+	if (elapsed >> 32) {
+		fprintf(f, "[timer %s out of range]\n", name);
+	} else {
+		fprintf(f, "[%dus in %s]\n", Uint32(elapsed), name);
+	}
+	fflush(f);
+
+	unfreezeTimers();
+}
+

mozilla/ef/Compiler/RegisterAllocator/Timer.h

@@ -0,0 +1,80 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _TIMER_H_
+#define _TIMER_H_
+
+#include "Fundamentals.h"
+#include "HashTable.h"
+#include "prtime.h"
+
+//
+// Naming convention:
+//  As the class Timer contains only static methods, the timer's name should start with the 
+//  module name. Otherwise starting 2 timers with the same name will assert.
+//
+
+#ifndef NO_TIMER
+
+struct TimerEntry
+{
+	PRTime *startTime;					// Current time when we start the timer.
+	PRTime accumulator;					// Time spent in this timer.
+	bool running;						// True if the timer is running.
+	bool done;							// True if the timer was running and was stopped. 
+};
+
+class Timer
+{
+private:
+
+	// Return the named timer.
+	static TimerEntry& getTimerEntry(const char* name);
+	// Return a reference to a new Timer.
+	static PRTime& getNewTimer();
+
+public:
+
+	// Start the timer.
+	static void start(const char* name);
+	// Stop the timer.
+	static void stop(const char* name);
+	// Freeze all the running timers.
+	static void freezeTimers();
+	// Unfreeze all the running timers.
+	static void unfreezeTimers();
+	// Print the timer.
+	static void print(FILE* f, const char *name);
+};
+
+inline void startTimer(const char* name) 		{Timer::start(name);}
+inline void stopTimer(const char* name) 		{Timer::stop(name); Timer::print(stdout, name);}
+#define START_TIMER_SAFE						Timer::freezeTimers();
+#define END_TIMER_SAFE							Timer::unfreezeTimers();
+#define TIMER_SAFE(x)							START_TIMER_SAFE x; END_TIMER_SAFE
+
+#else /* NO_TIMER */
+
+inline void startTimer(const char* /*name*/) 	{} 
+inline void stopTimer(const char* /*name*/) 	{} 
+#define START_TIMER_SAFE
+#define END_TIMER_SAFE
+#define TIMER_SAFE(x)							x;
+
+#endif /* NO_TIMER */
+#endif /* _TIMER_H_ */

mozilla/ef/Compiler/RegisterAllocator/VirtualRegister.cpp

@@ -0,0 +1,40 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#include "Fundamentals.h"
+#include "VirtualRegister.h"
+#include "Instruction.h"
+
+//------------------------------------------------------------------------------
+// VirtualRegister -
+
+#ifdef MANUAL_TEMPLATES
+template class IndexedPool<VirtualRegister>;
+#endif
+
+// Set the defining instruction.
+//
+void VirtualRegister::setDefiningInstruction(Instruction& instruction)
+{
+	if (definingInstruction != NULL) {
+		if ((instruction.getFlags() & ifCopy) && (definingInstruction->getFlags() & ifPhiNode))
+			return;
+	}
+	definingInstruction = &instruction;
+}
+

mozilla/ef/Compiler/RegisterAllocator/VirtualRegister.h

@@ -0,0 +1,116 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+ *
+ * The contents of this file are subject to the Netscape Public License
+ * Version 1.0 (the "NPL"); you may not use this file except in
+ * compliance with the NPL.  You may obtain a copy of the NPL at
+ * http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the NPL is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
+ * for the specific language governing rights and limitations under the
+ * NPL.
+ *
+ * The Initial Developer of this code under the NPL is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation.  All Rights
+ * Reserved.
+ */
+
+#ifndef _VIRTUAL_REGISTER_H_
+#define _VIRTUAL_REGISTER_H_
+
+#include "Fundamentals.h"
+#include "IndexedPool.h"
+#include <string.h>
+
+#include "RegisterTypes.h"
+#include "RegisterClass.h"
+
+
+//------------------------------------------------------------------------------
+// VirtualRegister - 24b
+
+class Instruction;
+
+class VirtualRegister : public IndexedObject<VirtualRegister>
+{
+public:
+
+	Instruction*					definingInstruction;	// Instruction defining this VR.
+
+	// Initialize a VR of the given classKind.
+	VirtualRegister(RegisterClassKind /*classKind*/) : definingInstruction(NULL) {}
+
+	// Return the defining instruction for this VR.
+	Instruction* getDefiningInstruction() const {return definingInstruction;}
+	// Set the defining instruction.
+	void setDefiningInstruction(Instruction& insn);
+};
+
+// Return true if the VirtualRegisters are equals. The only way 2 VRs can be equal is if
+// they have the same index. If they have the same index then they are at the same
+// address in the indexed pool.
+//
+inline bool operator == (const VirtualRegister& regA, const VirtualRegister& regB) {return &regA == &regB;}
+
+//------------------------------------------------------------------------------
+// VirtualRegisterManager -
+
+struct PreColoredRegister
+{
+	RegisterID id;
+	RegisterName color;
+};
+
+class VirtualRegisterManager
+{
+private:
+
+	IndexedPool<VirtualRegister> registerPool;
+	PreColoredRegister machineRegister[6];
+
+public:
+	VirtualRegisterManager()
+		{
+			for (Uint32 i = 0; i < 6; i++)
+				machineRegister[i].id = invalidID;
+		}
+
+	// Return the VirtualRegister at the given index.
+	VirtualRegister& getVirtualRegister(RegisterName name) const {return registerPool.get(name);}
+
+	// Return a new VirtualRegister.
+	RegisterID newVirtualRegister(RegisterClassKind classKind)
+		{
+			VirtualRegister& vReg = *new(registerPool) VirtualRegister(classKind);
+			RegisterID rid;
+
+			setName(rid, RegisterName(vReg.getIndex()));
+			setClass(rid, classKind);
+			return rid;
+		}
+
+	RegisterID newMachineRegister(RegisterName name, RegisterClassKind classKind)
+		{
+			RegisterID rid = machineRegister[name].id;
+
+			if (rid == invalidID) {
+				rid = newVirtualRegister(classKind);
+				DEBUG_ONLY(setMachineRegister(rid));
+				machineRegister[name].id = rid;
+				machineRegister[name].color = name;
+			}
+
+			return rid;
+		}
+
+	PreColoredRegister* getMachineRegistersBegin() const {return (PreColoredRegister*) machineRegister;} // FIX
+	PreColoredRegister* getMachineRegistersEnd() const {return (PreColoredRegister*) &machineRegister[6];} // FIX
+
+	// Return the VirtualRegister universe size.
+	Uint32 getSize() {return registerPool.getSize();}
+
+	void setSize(Uint32 size) {registerPool.setSize(size);}
+};
+
+#endif // _VIRTUAL_REGISTER_H_

mozilla/security/nss/lib/softoken/Makefile

@@ -1,95 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-export:: private_export
-
-# On AIX 4.3, IBM xlC_r compiler (version 3.6.6) cannot compile
-# pkcs11c.c in 64-bit mode for unknown reasons.  A workaround is
-# to compile it with optimizations turned on.  (Bugzilla bug #63815)
-ifeq ($(OS_TARGET)$(OS_RELEASE),AIX4.3)
-ifeq ($(USE_64),1)
-ifndef BUILD_OPT
-$(OBJDIR)/pkcs11.o: pkcs11.c
-	@$(MAKE_OBJDIR)
-	$(CC) -o $@ -c -O2 $(CFLAGS) $<
-$(OBJDIR)/pkcs11c.o: pkcs11c.c
-	@$(MAKE_OBJDIR)
-	$(CC) -o $@ -c -O2 $(CFLAGS) $<
-endif
-endif
-endif

mozilla/security/nss/lib/softoken/config.mk

@@ -1,107 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-CRYPTODIR=../freebl
-ifdef MOZILLA_SECURITY_BUILD
-	CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)crypto.$(LIB_SUFFIX)
-	CRYPTODIR=../crypto
-endif
-
-SQLITE_LIB = $(DIST)/lib/$(LIB_PREFIX)sqlite3.$(LIB_SUFFIX) 
-ifdef NSS_USE_SYTEM_SQLITE
-	SQLITE_LIB = -lsqlite3
-endif
-
-EXTRA_LIBS += \
-	$(CRYPTOLIB) \
-	$(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
-	$(SQLITE_LIB) \
-	$(NULL)
-
-# can't do this in manifest.mn because OS_TARGET isn't defined there.
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
-
-RES = $(OBJDIR)/$(LIBRARY_NAME).res
-RESNAME = $(LIBRARY_NAME).rc
-
-ifdef NS_USE_GCC
-EXTRA_SHARED_LIBS += \
-	-L$(NSPR_LIB_DIR) \
-	-lplc4 \
-	-lplds4 \
-	-lnspr4 \
-	$(NULL)
-else # ! NS_USE_GCC
-
-EXTRA_SHARED_LIBS += \
-	$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
-	$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
-	$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
-	$(NULL)
-endif # NS_USE_GCC
-
-else
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
-	-L$(NSPR_LIB_DIR) \
-	-lplc4 \
-	-lplds4 \
-	-lnspr4 \
-	$(NULL)
-endif
-
-ifeq ($(OS_TARGET),SunOS)
-# The -R '$ORIGIN' linker option instructs this library to search for its
-# dependencies in the same directory where it resides.
-MKSHLIB += -R '$$ORIGIN'
-OS_LIBS += -lbsm 
-endif
-
-ifeq ($(OS_TARGET),WINCE)
-DEFINES += -DDBM_USING_NSPR
-endif
-
-# indicates dependency on freebl static lib
-$(SHARED_LIBRARY): $(CRYPTOLIB)

mozilla/security/nss/lib/softoken/ecdecode.c

@@ -1,641 +0,0 @@
-/*
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Elliptic Curve Cryptography library.
- *
- * The Initial Developer of the Original Code is
- * Sun Microsystems, Inc.
- * Portions created by the Initial Developer are Copyright (C) 2003
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Vipul Gupta <vipul.gupta@sun.com> and
- *   Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifdef NSS_ENABLE_ECC
-
-#include "blapi.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secerr.h"
-#include "ec.h"
-#include "ecl-curve.h"
-
-#define CHECK_OK(func) if (func == NULL) goto cleanup
-#define CHECK_SEC_OK(func) if (SECSuccess != (rv = func)) goto cleanup
-
-/*
- * Initializes a SECItem from a hexadecimal string
- *
- * Warning: This function ignores leading 00's, so any leading 00's
- * in the hexadecimal string must be optional.
- */
-static SECItem *
-hexString2SECItem(PRArenaPool *arena, SECItem *item, const char *str)
-{
-    int i = 0;
-    int byteval = 0;
-    int tmp = PORT_Strlen(str);
-
-    if ((tmp % 2) != 0) return NULL;
-    
-    /* skip leading 00's unless the hex string is "00" */
-    while ((tmp > 2) && (str[0] == '0') && (str[1] == '0')) {
-        str += 2;
-        tmp -= 2;
-    }
-
-    item->data = (unsigned char *) PORT_ArenaAlloc(arena, tmp/2);
-    if (item->data == NULL) return NULL;
-    item->len = tmp/2;
-
-    while (str[i]) {
-        if ((str[i] >= '0') && (str[i] <= '9'))
-	    tmp = str[i] - '0';
-	else if ((str[i] >= 'a') && (str[i] <= 'f'))
-	    tmp = str[i] - 'a' + 10;
-	else if ((str[i] >= 'A') && (str[i] <= 'F'))
-	    tmp = str[i] - 'A' + 10;
-	else
-	    return NULL;
-
-	byteval = byteval * 16 + tmp;
-	if ((i % 2) != 0) {
-	    item->data[i/2] = byteval;
-	    byteval = 0;
-	}
-	i++;
-    }
-
-    return item;
-}
-
-/* Copy all of the fields from srcParams into dstParams
- */
-SECStatus
-EC_CopyParams(PRArenaPool *arena, ECParams *dstParams,
-	      const ECParams *srcParams)
-{
-    SECStatus rv = SECFailure;
-
-    dstParams->arena = arena;
-    dstParams->type = srcParams->type;
-    dstParams->fieldID.size = srcParams->fieldID.size;
-    dstParams->fieldID.type = srcParams->fieldID.type;
-    if (srcParams->fieldID.type == ec_field_GFp) {
-	CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->fieldID.u.prime,
-	    &srcParams->fieldID.u.prime));
-    } else {
-	CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->fieldID.u.poly,
-	    &srcParams->fieldID.u.poly));
-    }
-    dstParams->fieldID.k1 = srcParams->fieldID.k1;
-    dstParams->fieldID.k2 = srcParams->fieldID.k2;
-    dstParams->fieldID.k3 = srcParams->fieldID.k3;
-    CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.a,
-	&srcParams->curve.a));
-    CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.b,
-	&srcParams->curve.b));
-    CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.seed,
-	&srcParams->curve.seed));
-    CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->base,
-	&srcParams->base));
-    CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->order,
-	&srcParams->order));
-    CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->DEREncoding,
-	&srcParams->DEREncoding));
-	dstParams->name = srcParams->name;
-    CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curveOID,
- 	&srcParams->curveOID));
-    dstParams->cofactor = srcParams->cofactor;
-
-    return SECSuccess;
-
-cleanup:
-    return SECFailure;
-}
-
-static SECStatus
-gf_populate_params(ECCurveName name, ECFieldType field_type, ECParams *params)
-{
-    SECStatus rv = SECFailure;
-    const ECCurveParams *curveParams;
-    /* 2 ['0'+'4'] + MAX_ECKEY_LEN * 2 [x,y] * 2 [hex string] + 1 ['\0'] */
-    char genenc[3 + 2 * 2 * MAX_ECKEY_LEN];
-
-    if ((name < ECCurve_noName) || (name > ECCurve_pastLastCurve)) goto cleanup;
-    params->name = name;
-    curveParams = ecCurve_map[params->name];
-    CHECK_OK(curveParams);
-    params->fieldID.size = curveParams->size;
-    params->fieldID.type = field_type;
-    if (field_type == ec_field_GFp) {
-	CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.prime, 
-	    curveParams->irr));
-    } else {
-	CHECK_OK(hexString2SECItem(params->arena, &params->fieldID.u.poly, 
-	    curveParams->irr));
-    }
-    CHECK_OK(hexString2SECItem(params->arena, &params->curve.a, 
-	curveParams->curvea));
-    CHECK_OK(hexString2SECItem(params->arena, &params->curve.b, 
-	curveParams->curveb));
-    genenc[0] = '0';
-    genenc[1] = '4';
-    genenc[2] = '\0';
-    strcat(genenc, curveParams->genx);
-    strcat(genenc, curveParams->geny);
-    CHECK_OK(hexString2SECItem(params->arena, &params->base, genenc));
-    CHECK_OK(hexString2SECItem(params->arena, &params->order, 
-    	curveParams->order));
-    params->cofactor = curveParams->cofactor;
-
-    rv = SECSuccess;
-
-cleanup:
-    return rv;
-}
-
-SECStatus
-EC_FillParams(PRArenaPool *arena, const SECItem *encodedParams, 
-    ECParams *params)
-{
-    SECStatus rv = SECFailure;
-    SECOidTag tag;
-    SECItem oid = { siBuffer, NULL, 0};
-
-#if EC_DEBUG
-    int i;
-
-    printf("Encoded params in EC_DecodeParams: ");
-    for (i = 0; i < encodedParams->len; i++) {
-	    printf("%02x:", encodedParams->data[i]);
-    }
-    printf("\n");
-#endif
-
-    if ((encodedParams->len != ANSI_X962_CURVE_OID_TOTAL_LEN) &&
-	(encodedParams->len != SECG_CURVE_OID_TOTAL_LEN)) {
-	    PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
-	    return SECFailure;
-    };
-
-    oid.len = encodedParams->len - 2;
-    oid.data = encodedParams->data + 2;
-    if ((encodedParams->data[0] != SEC_ASN1_OBJECT_ID) ||
-	((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN)) { 
-	    PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
-	    return SECFailure;
-    }
-
-    params->arena = arena;
-    params->cofactor = 0;
-    params->type = ec_params_named;
-    params->name = ECCurve_noName;
-
-    /* For named curves, fill out curveOID */
-    params->curveOID.len = oid.len;
-    params->curveOID.data = (unsigned char *) PORT_ArenaAlloc(arena, oid.len);
-    if (params->curveOID.data == NULL) goto cleanup;
-    memcpy(params->curveOID.data, oid.data, oid.len);
-
-#if EC_DEBUG
-    printf("Curve: %s\n", SECOID_FindOIDTagDescription(tag));
-#endif
-
-    switch (tag) {
-
-    /* Binary curves */
-
-    case SEC_OID_ANSIX962_EC_C2PNB163V1:
-	/* Populate params for c2pnb163v1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2PNB163V2:
-	/* Populate params for c2pnb163v2 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V2, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2PNB163V3:
-	/* Populate params for c2pnb163v3 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V3, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2PNB176V1:
-	/* Populate params for c2pnb176v1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB176V1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2TNB191V1:
-	/* Populate params for c2tnb191v1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2TNB191V2:
-	/* Populate params for c2tnb191v2 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V2, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2TNB191V3:
-	/* Populate params for c2tnb191v3 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V3, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2PNB208W1:
-	/* Populate params for c2pnb208w1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB208W1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2TNB239V1:
-	/* Populate params for c2tnb239v1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2TNB239V2:
-	/* Populate params for c2tnb239v2 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V2, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2TNB239V3:
-	/* Populate params for c2tnb239v3 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V3, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2PNB272W1:
-	/* Populate params for c2pnb272w1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB272W1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2PNB304W1:
-	/* Populate params for c2pnb304w1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB304W1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2TNB359V1:
-	/* Populate params for c2tnb359v1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB359V1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2PNB368W1:
-	/* Populate params for c2pnb368w1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB368W1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_C2TNB431R1:
-	/* Populate params for c2tnb431r1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB431R1, ec_field_GF2m,
-	    params) );
-	break;
-	
-    case SEC_OID_SECG_EC_SECT113R1:
-	/* Populate params for sect113r1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_113R1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT113R2:
-	/* Populate params for sect113r2 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_113R2, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT131R1:
-	/* Populate params for sect131r1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_131R1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT131R2:
-	/* Populate params for sect131r2 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_131R2, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT163K1:
-	/* Populate params for sect163k1
-	 * (the NIST K-163 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163K1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT163R1:
-	/* Populate params for sect163r1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163R1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT163R2:
-	/* Populate params for sect163r2
-	 * (the NIST B-163 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163R2, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT193R1:
-	/* Populate params for sect193r1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_193R1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT193R2:
-	/* Populate params for sect193r2 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_193R2, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT233K1:
-	/* Populate params for sect233k1
-	 * (the NIST K-233 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_233K1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT233R1:
-	/* Populate params for sect233r1
-	 * (the NIST B-233 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_233R1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT239K1:
-	/* Populate params for sect239k1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_239K1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT283K1:
-        /* Populate params for sect283k1
-	 * (the NIST K-283 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_283K1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT283R1:
-	/* Populate params for sect283r1
-	 * (the NIST B-283 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_283R1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT409K1:
-	/* Populate params for sect409k1
-	 * (the NIST K-409 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_409K1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT409R1:
-	/* Populate params for sect409r1
-	 * (the NIST B-409 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_409R1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT571K1:
-	/* Populate params for sect571k1
-	 * (the NIST K-571 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_571K1, ec_field_GF2m,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECT571R1:
-	/* Populate params for sect571r1
-	 * (the NIST B-571 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_571R1, ec_field_GF2m,
-	    params) );
-	break;
-
-    /* Prime curves */
-
-    case SEC_OID_ANSIX962_EC_PRIME192V1:
-	/* Populate params for prime192v1 aka secp192r1 
-	 * (the NIST P-192 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V1, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_PRIME192V2:
-	/* Populate params for prime192v2 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V2, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_PRIME192V3:
-	/* Populate params for prime192v3 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V3, ec_field_GFp,
-	    params) );
-	break;
-	
-    case SEC_OID_ANSIX962_EC_PRIME239V1:
-	/* Populate params for prime239v1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V1, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_PRIME239V2:
-	/* Populate params for prime239v2 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V2, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_PRIME239V3:
-	/* Populate params for prime239v3 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V3, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_ANSIX962_EC_PRIME256V1:
-	/* Populate params for prime256v1 aka secp256r1
-	 * (the NIST P-256 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_256V1, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECP112R1:
-        /* Populate params for secp112r1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_112R1, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECP112R2:
-        /* Populate params for secp112r2 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_112R2, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECP128R1:
-        /* Populate params for secp128r1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_128R1, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECP128R2:
-        /* Populate params for secp128r2 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_128R2, ec_field_GFp,
-	    params) );
-	break;
-	
-    case SEC_OID_SECG_EC_SECP160K1:
-        /* Populate params for secp160k1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160K1, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECP160R1:
-        /* Populate params for secp160r1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160R1, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECP160R2:
-	/* Populate params for secp160r1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160R2, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECP192K1:
-	/* Populate params for secp192k1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_192K1, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECP224K1:
-	/* Populate params for secp224k1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_224K1, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECP224R1:
-	/* Populate params for secp224r1 
-	 * (the NIST P-224 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_224R1, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECP256K1:
-	/* Populate params for secp256k1 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_256K1, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECP384R1:
-	/* Populate params for secp384r1
-	 * (the NIST P-384 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_384R1, ec_field_GFp,
-	    params) );
-	break;
-
-    case SEC_OID_SECG_EC_SECP521R1:
-	/* Populate params for secp521r1 
-	 * (the NIST P-521 curve)
-	 */
-	CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_521R1, ec_field_GFp,
-	    params) );
-	break;
-
-    default:
-	break;
-    };
-
-cleanup:
-    if (!params->cofactor) {
-	PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
-#if EC_DEBUG
-	printf("Unrecognized curve, returning NULL params\n");
-#endif
-    }
-
-    return rv;
-}
-
-SECStatus
-EC_DecodeParams(const SECItem *encodedParams, ECParams **ecparams)
-{
-    PRArenaPool *arena;
-    ECParams *params;
-    SECStatus rv = SECFailure;
-
-    /* Initialize an arena for the ECParams structure */
-    if (!(arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE)))
-	return SECFailure;
-
-    params = (ECParams *)PORT_ArenaZAlloc(arena, sizeof(ECParams));
-    if (!params) {
-	PORT_FreeArena(arena, PR_TRUE);
-	return SECFailure;
-    }
-
-    /* Copy the encoded params */
-    SECITEM_AllocItem(arena, &(params->DEREncoding),
-	encodedParams->len);
-    memcpy(params->DEREncoding.data, encodedParams->data, encodedParams->len);
-
-    /* Fill out the rest of the ECParams structure based on 
-     * the encoded params 
-     */
-    rv = EC_FillParams(arena, encodedParams, params);
-    if (rv == SECFailure) {
-	PORT_FreeArena(arena, PR_TRUE);	
-	return SECFailure;
-    } else {
-	*ecparams = params;;
-	return SECSuccess;
-    }
-}
-
-#endif /* NSS_ENABLE_ECC */

mozilla/security/nss/lib/softoken/fipsaudt.c

@@ -1,351 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is Network Security Services (NSS).
- *
- * The Initial Developer of the Original Code is
- * Red Hat, Inc.
- * Portions created by the Initial Developer are Copyright (C) 2006
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
- * This file implements audit logging required by FIPS 140-2 Security
- * Level 2.
- */
-
-#include "prprf.h"
-#include "softoken.h"
-
-/*
- * Print the value of the returned object handle in the output buffer
- * on a successful return of the PKCS #11 function.  If the PKCS #11
- * function failed or the pointer to object handle is NULL (which is
- * the case for C_DeriveKey with CKM_TLS_KEY_AND_MAC_DERIVE), an empty
- * string is stored in the output buffer.
- *
- * out: the output buffer
- * outlen: the length of the output buffer
- * argName: the name of the "pointer to object handle" argument
- * phObject: the pointer to object handle
- * rv: the return value of the PKCS #11 function
- */
-static void sftk_PrintReturnedObjectHandle(char *out, PRUint32 outlen,
-    const char *argName, CK_OBJECT_HANDLE_PTR phObject, CK_RV rv)
-{
-    if ((rv == CKR_OK) && phObject) {
-	PR_snprintf(out, outlen,
-	    " *%s=0x%08lX", argName, (PRUint32)*phObject);
-    } else {
-	PORT_Assert(outlen != 0);
-	out[0] = '\0';
-    }
-}
-
-/*
- * MECHANISM_BUFSIZE needs to be large enough for sftk_PrintMechanism,
- * which uses <= 49 bytes.
- */
-#define MECHANISM_BUFSIZE 64
-
-static void sftk_PrintMechanism(char *out, PRUint32 outlen,
-    CK_MECHANISM_PTR pMechanism)
-{
-    if (pMechanism) {
-	/*
-	 * If we change the format string, we need to make sure
-	 * MECHANISM_BUFSIZE is still large enough.  We allow
-	 * 20 bytes for %p on a 64-bit platform.
-	 */
-	PR_snprintf(out, outlen, "%p {mechanism=0x%08lX, ...}",
-	    pMechanism, (PRUint32)pMechanism->mechanism);
-    } else {
-	PR_snprintf(out, outlen, "%p", pMechanism);
-    }
-}
-
-void sftk_AuditCreateObject(CK_SESSION_HANDLE hSession,
-    CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
-    CK_OBJECT_HANDLE_PTR phObject, CK_RV rv)
-{
-    char msg[256];
-    char shObject[32];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    sftk_PrintReturnedObjectHandle(shObject, sizeof shObject,
-	"phObject", phObject, rv);
-    PR_snprintf(msg, sizeof msg,
-	"C_CreateObject(hSession=0x%08lX, pTemplate=%p, ulCount=%lu, "
-	"phObject=%p)=0x%08lX%s",
-	(PRUint32)hSession, pTemplate, (PRUint32)ulCount,
-	phObject, (PRUint32)rv, shObject);
-    sftk_LogAuditMessage(severity, msg);
-}
-
-void sftk_AuditCopyObject(CK_SESSION_HANDLE hSession,
-    CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
-    CK_OBJECT_HANDLE_PTR phNewObject, CK_RV rv)
-{
-    char msg[256];
-    char shNewObject[32];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    sftk_PrintReturnedObjectHandle(shNewObject, sizeof shNewObject,
-	"phNewObject", phNewObject, rv);
-    PR_snprintf(msg, sizeof msg,
-	"C_CopyObject(hSession=0x%08lX, hObject=0x%08lX, "
-	"pTemplate=%p, ulCount=%lu, phNewObject=%p)=0x%08lX%s",
-	(PRUint32)hSession, (PRUint32)hObject,
-	pTemplate, (PRUint32)ulCount, phNewObject, (PRUint32)rv, shNewObject);
-    sftk_LogAuditMessage(severity, msg);
-}
-
-/* WARNING: hObject has been destroyed and can only be printed. */
-void sftk_AuditDestroyObject(CK_SESSION_HANDLE hSession,
-    CK_OBJECT_HANDLE hObject, CK_RV rv)
-{
-    char msg[256];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    PR_snprintf(msg, sizeof msg,
-	"C_DestroyObject(hSession=0x%08lX, hObject=0x%08lX)=0x%08lX",
-	(PRUint32)hSession, (PRUint32)hObject, (PRUint32)rv);
-    sftk_LogAuditMessage(severity, msg);
-}
-
-void sftk_AuditGetObjectSize(CK_SESSION_HANDLE hSession,
-    CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize, CK_RV rv)
-{
-    char msg[256];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    PR_snprintf(msg, sizeof msg,
-	"C_GetObjectSize(hSession=0x%08lX, hObject=0x%08lX, "
-	"pulSize=%p)=0x%08lX",
-	(PRUint32)hSession, (PRUint32)hObject,
-	pulSize, (PRUint32)rv);
-    sftk_LogAuditMessage(severity, msg);
-}
-
-void sftk_AuditGetAttributeValue(CK_SESSION_HANDLE hSession,
-    CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulCount, CK_RV rv)
-{
-    char msg[256];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    PR_snprintf(msg, sizeof msg,
-	"C_GetAttributeValue(hSession=0x%08lX, hObject=0x%08lX, "
-	"pTemplate=%p, ulCount=%lu)=0x%08lX",
-	(PRUint32)hSession, (PRUint32)hObject,
-	pTemplate, (PRUint32)ulCount, (PRUint32)rv);
-    sftk_LogAuditMessage(severity, msg);
-}
-
-void sftk_AuditSetAttributeValue(CK_SESSION_HANDLE hSession,
-    CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulCount, CK_RV rv)
-{
-    char msg[256];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    PR_snprintf(msg, sizeof msg,
-	"C_SetAttributeValue(hSession=0x%08lX, hObject=0x%08lX, "
-	"pTemplate=%p, ulCount=%lu)=0x%08lX",
-	(PRUint32)hSession, (PRUint32)hObject,
-	pTemplate, (PRUint32)ulCount, (PRUint32)rv);
-    sftk_LogAuditMessage(severity, msg);
-}
-
-void sftk_AuditCryptInit(const char *opName, CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey, CK_RV rv)
-{
-    char msg[256];
-    char mech[MECHANISM_BUFSIZE];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    sftk_PrintMechanism(mech, sizeof mech, pMechanism);
-    PR_snprintf(msg, sizeof msg,
-	"C_%sInit(hSession=0x%08lX, pMechanism=%s, "
-	"hKey=0x%08lX)=0x%08lX",
-	opName, (PRUint32)hSession, mech,
-	(PRUint32)hKey, (PRUint32)rv);
-    sftk_LogAuditMessage(severity, msg);
-}
-
-void sftk_AuditGenerateKey(CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey, CK_RV rv)
-{
-    char msg[256];
-    char mech[MECHANISM_BUFSIZE];
-    char shKey[32];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    sftk_PrintMechanism(mech, sizeof mech, pMechanism);
-    sftk_PrintReturnedObjectHandle(shKey, sizeof shKey, "phKey", phKey, rv);
-    PR_snprintf(msg, sizeof msg,
-	"C_GenerateKey(hSession=0x%08lX, pMechanism=%s, "
-	"pTemplate=%p, ulCount=%lu, phKey=%p)=0x%08lX%s",
-	(PRUint32)hSession, mech,
-	pTemplate, (PRUint32)ulCount, phKey, (PRUint32)rv, shKey);
-    sftk_LogAuditMessage(severity, msg);
-}
-
-void sftk_AuditGenerateKeyPair(CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
-    CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
-    CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
-    CK_OBJECT_HANDLE_PTR phPrivateKey, CK_RV rv)
-{
-    char msg[512];
-    char mech[MECHANISM_BUFSIZE];
-    char shPublicKey[32];
-    char shPrivateKey[32];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    sftk_PrintMechanism(mech, sizeof mech, pMechanism);
-    sftk_PrintReturnedObjectHandle(shPublicKey, sizeof shPublicKey,
-	"phPublicKey", phPublicKey, rv);
-    sftk_PrintReturnedObjectHandle(shPrivateKey, sizeof shPrivateKey,
-	"phPrivateKey", phPrivateKey, rv);
-    PR_snprintf(msg, sizeof msg,
-	"C_GenerateKeyPair(hSession=0x%08lX, pMechanism=%s, "
-	"pPublicKeyTemplate=%p, ulPublicKeyAttributeCount=%lu, "
-	"pPrivateKeyTemplate=%p, ulPrivateKeyAttributeCount=%lu, "
-	"phPublicKey=%p, phPrivateKey=%p)=0x%08lX%s%s",
-	(PRUint32)hSession, mech,
-	pPublicKeyTemplate, (PRUint32)ulPublicKeyAttributeCount,
-	pPrivateKeyTemplate, (PRUint32)ulPrivateKeyAttributeCount,
-	phPublicKey, phPrivateKey, (PRUint32)rv, shPublicKey, shPrivateKey);
-    sftk_LogAuditMessage(severity, msg);
-}
-
-void sftk_AuditWrapKey(CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
-    CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
-    CK_ULONG_PTR pulWrappedKeyLen, CK_RV rv)
-{
-    char msg[256];
-    char mech[MECHANISM_BUFSIZE];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    sftk_PrintMechanism(mech, sizeof mech, pMechanism);
-    PR_snprintf(msg, sizeof msg,
-	"C_WrapKey(hSession=0x%08lX, pMechanism=%s, hWrappingKey=0x%08lX, "
-	"hKey=0x%08lX, pWrappedKey=%p, pulWrappedKeyLen=%p)=0x%08lX",
-	(PRUint32)hSession, mech, (PRUint32)hWrappingKey,
-	(PRUint32)hKey, pWrappedKey, pulWrappedKeyLen, (PRUint32)rv);
-    sftk_LogAuditMessage(severity, msg);
-}
-
-void sftk_AuditUnwrapKey(CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
-    CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
-    CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
-    CK_OBJECT_HANDLE_PTR phKey, CK_RV rv)
-{
-    char msg[256];
-    char mech[MECHANISM_BUFSIZE];
-    char shKey[32];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    sftk_PrintMechanism(mech, sizeof mech, pMechanism);
-    sftk_PrintReturnedObjectHandle(shKey, sizeof shKey, "phKey", phKey, rv);
-    PR_snprintf(msg, sizeof msg,
-	"C_UnwrapKey(hSession=0x%08lX, pMechanism=%s, "
-	"hUnwrappingKey=0x%08lX, pWrappedKey=%p, ulWrappedKeyLen=%lu, "
-	"pTemplate=%p, ulAttributeCount=%lu, phKey=%p)=0x%08lX%s",
-	(PRUint32)hSession, mech,
-	(PRUint32)hUnwrappingKey, pWrappedKey, (PRUint32)ulWrappedKeyLen,
-	pTemplate, (PRUint32)ulAttributeCount, phKey, (PRUint32)rv, shKey);
-    sftk_LogAuditMessage(severity, msg);
-}
-
-void sftk_AuditDeriveKey(CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
-    CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
-    CK_OBJECT_HANDLE_PTR phKey, CK_RV rv)
-{
-    char msg[512];
-    char mech[MECHANISM_BUFSIZE];
-    char shKey[32];
-    char sTlsKeys[128];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    sftk_PrintMechanism(mech, sizeof mech, pMechanism);
-    sftk_PrintReturnedObjectHandle(shKey, sizeof shKey, "phKey", phKey, rv);
-    if ((rv == CKR_OK) &&
-	(pMechanism->mechanism == CKM_TLS_KEY_AND_MAC_DERIVE)) {
-	CK_SSL3_KEY_MAT_PARAMS *param =
-	    (CK_SSL3_KEY_MAT_PARAMS *)pMechanism->pParameter;
-	CK_SSL3_KEY_MAT_OUT *keymat = param->pReturnedKeyMaterial;
-	PR_snprintf(sTlsKeys, sizeof sTlsKeys,
-	    " hClientMacSecret=0x%08lX hServerMacSecret=0x%08lX"
-	    " hClientKey=0x%08lX hServerKey=0x%08lX",
-	    (PRUint32)keymat->hClientMacSecret,
-	    (PRUint32)keymat->hServerMacSecret,
-	    (PRUint32)keymat->hClientKey,
-	    (PRUint32)keymat->hServerKey);
-    } else {
-	sTlsKeys[0] = '\0';
-    }
-    PR_snprintf(msg, sizeof msg,
-	"C_DeriveKey(hSession=0x%08lX, pMechanism=%s, "
-	"hBaseKey=0x%08lX, pTemplate=%p, ulAttributeCount=%lu, "
-	"phKey=%p)=0x%08lX%s%s",
-	(PRUint32)hSession, mech,
-	(PRUint32)hBaseKey, pTemplate,(PRUint32)ulAttributeCount,
-	phKey, (PRUint32)rv, shKey, sTlsKeys);
-    sftk_LogAuditMessage(severity, msg);
-}
-
-void sftk_AuditDigestKey(CK_SESSION_HANDLE hSession,
-    CK_OBJECT_HANDLE hKey, CK_RV rv)
-{
-    char msg[256];
-    NSSAuditSeverity severity = (rv == CKR_OK) ?
-	NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
-
-    PR_snprintf(msg, sizeof msg,
-	"C_DigestKey(hSession=0x%08lX, hKey=0x%08lX)=0x%08lX",
-	(PRUint32)hSession, (PRUint32)hKey, (PRUint32)rv);
-    sftk_LogAuditMessage(severity, msg);
-}

mozilla/security/nss/lib/softoken/legacydb/Makefile

@@ -1,80 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-export:: private_export
-

mozilla/security/nss/lib/softoken/legacydb/cdbhdl.h

@@ -1,85 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/*
- * cdbhdl.h - certificate database handle
- *   private to the certdb module
- *
- * $Id: cdbhdl.h,v 1.1.2.1 2007-04-03 22:50:02 rrelyea%redhat.com Exp $
- */
-#ifndef _CDBHDL_H_
-#define _CDBHDL_H_
-
-#include "nspr.h"
-#include "mcom_db.h"
-#include "pcertt.h"
-#include "prtypes.h"
-
-/*
- * Handle structure for open certificate databases
- */
-struct NSSLOWCERTCertDBHandleStr {
-    DB *permCertDB;
-    PZMonitor *dbMon;
-    PRBool dbVerify;
-    PRInt32  ref; /* reference count */
-};
-
-#ifdef DBM_USING_NSPR
-#define NO_RDONLY	PR_RDONLY
-#define NO_RDWR		PR_RDWR
-#define NO_CREATE	(PR_RDWR | PR_CREATE_FILE | PR_TRUNCATE)
-#else
-#define NO_RDONLY	O_RDONLY
-#define NO_RDWR		O_RDWR
-#define NO_CREATE	(O_RDWR | O_CREAT | O_TRUNC)
-#endif
-
-typedef DB * (*rdbfunc)(const char *appName, const char *prefix, 
-				const char *type, int flags);
-typedef int (*rdbstatusfunc)(void);
-
-#define RDB_FAIL 1
-#define RDB_RETRY 2
-
-DB * rdbopen(const char *appName, const char *prefix, 
-				const char *type, int flags, int *status);
-
-DB *dbsopen (const char *dbname , int flags, int mode, DBTYPE type, 
-						const void * appData);
-SECStatus db_Copy(DB *dest,DB *src);
-int db_InitComplete(DB *db);
-
-#endif

mozilla/security/nss/lib/softoken/legacydb/config.mk

@@ -1,102 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-CRYPTODIR=../freebl
-ifdef MOZILLA_SECURITY_BUILD
-	CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)crypto.$(LIB_SUFFIX)
-	CRYPTODIR=../crypto
-endif
-
-EXTRA_LIBS += \
-	$(CRYPTOLIB) \
-	$(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)dbm.$(LIB_SUFFIX) \
-	$(NULL)
-
-# can't do this in manifest.mn because OS_TARGET isn't defined there.
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX)
-
-RES = $(OBJDIR)/$(LIBRARY_NAME).res
-RESNAME = $(LIBRARY_NAME).rc
-
-ifdef NS_USE_GCC
-EXTRA_SHARED_LIBS += \
-	-L$(NSPR_LIB_DIR) \
-	-lplc4 \
-	-lplds4 \
-	-lnspr4 \
-	$(NULL)
-else # ! NS_USE_GCC
-
-EXTRA_SHARED_LIBS += \
-	$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \
-	$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \
-	$(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \
-	$(NULL)
-endif # NS_USE_GCC
-
-else
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
-	-L$(NSPR_LIB_DIR) \
-	-lplc4 \
-	-lplds4 \
-	-lnspr4 \
-	$(NULL)
-endif
-
-ifeq ($(OS_TARGET),SunOS)
-# The -R '$ORIGIN' linker option instructs this library to search for its
-# dependencies in the same directory where it resides.
-MKSHLIB += -R '$$ORIGIN'
-OS_LIBS += -lbsm 
-endif
-
-ifeq ($(OS_TARGET),WINCE)
-DEFINES += -DDBM_USING_NSPR
-endif
-
-# indicates dependency on freebl static lib
-$(SHARED_LIBRARY): $(CRYPTOLIB)

mozilla/security/nss/lib/softoken/legacydb/dbmshim.c

@@ -1,647 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
- * Berkeley DB 1.85 Shim code to handle blobs.
- *
- * $Id: dbmshim.c,v 1.1.2.1 2007-04-03 22:50:02 rrelyea%redhat.com Exp $
- */
-#include "mcom_db.h"
-#include "secitem.h"
-#include "nssb64.h"
-#include "blapi.h"
-#include "secerr.h"
-
-#include "lgdb.h"
-
-/*
- *   Blob block:
- *   Byte 0   CERTDB Version           -+                       -+
- *   Byte 1   certDBEntryTypeBlob       |  BLOB_HEAD_LEN         |
- *   Byte 2   flags (always '0');       |                        |
- *   Byte 3   reserved (always '0');   -+                        |
- *   Byte 4   LSB length                | <--BLOB_LENGTH_START   | BLOB_BUF_LEN
- *   Byte 5       .                     |                        |
- *   Byte 6       .                     | BLOB_LENGTH_LEN        |
- *   Byte 7   MSB length                |                        |
- *   Byte 8   blob_filename   -+       -+  <-- BLOB_NAME_START   |
- *   Byte 9       .            | BLOB_NAME_LEN                   |
- *     .          .            |                                 |
- *   Byte 37      .           -+                                -+
- */
-#define DBS_BLOCK_SIZE (16*1024) /* 16 k */
-#define DBS_MAX_ENTRY_SIZE (DBS_BLOCK_SIZE - (2048)) /* 14 k */
-#define DBS_CACHE_SIZE	DBS_BLOCK_SIZE*8
-#define ROUNDDIV(x,y) (x+(y-1))/y
-#define BLOB_HEAD_LEN 4
-#define BLOB_LENGTH_START BLOB_HEAD_LEN
-#define BLOB_LENGTH_LEN 4
-#define BLOB_NAME_START BLOB_LENGTH_START+BLOB_LENGTH_LEN
-#define BLOB_NAME_LEN 1+ROUNDDIV(SHA1_LENGTH,3)*4+1
-#define BLOB_BUF_LEN BLOB_HEAD_LEN+BLOB_LENGTH_LEN+BLOB_NAME_LEN
-
-/* a Shim data structure. This data structure has a db built into it. */
-typedef struct DBSStr DBS;
-
-struct DBSStr {
-    DB db;
-    char *blobdir;
-    int mode;
-    PRBool readOnly;
-    PRFileMap *dbs_mapfile;
-    unsigned char *dbs_addr;
-    PRUint32 dbs_len;
-    char staticBlobArea[BLOB_BUF_LEN];
-};
-    
-    
-
-/*
- * return true if the Datablock contains a blobtype
- */
-static PRBool
-dbs_IsBlob(DBT *blobData)
-{
-    unsigned char *addr = (unsigned char *)blobData->data;
-    if (blobData->size < BLOB_BUF_LEN) {
-	return PR_FALSE;
-    }
-    return addr && ((certDBEntryType) addr[1] == certDBEntryTypeBlob);
-}
-
-/*
- * extract the filename in the blob of the real data set.
- * This value is not malloced (does not need to be freed by the caller.
- */
-static const char *
-dbs_getBlobFileName(DBT *blobData)
-{
-    char *addr = (char *)blobData->data;
-
-    return &addr[BLOB_NAME_START];
-}
-
-/*
- * extract the size of the actual blob from the blob record
- */
-static PRUint32
-dbs_getBlobSize(DBT *blobData)
-{
-    unsigned char *addr = (unsigned char *)blobData->data;
-
-    return (PRUint32)(addr[BLOB_LENGTH_START+3] << 24) | 
-			(addr[BLOB_LENGTH_START+2] << 16) | 
-			(addr[BLOB_LENGTH_START+1] << 8) | 
-			addr[BLOB_LENGTH_START];
-}
-
-
-/* We are using base64 data for the filename, but base64 data can include a
- * '/' which is interpreted as a path separator on  many platforms. Replace it
- * with an inocuous '-'. We don't need to convert back because we never actual
- * decode the filename.
- */
-
-static void
-dbs_replaceSlash(char *cp, int len)
-{
-   while (len--) {
-	if (*cp == '/') *cp = '-';
-	cp++;
-   }
-}
-
-/*
- * create a blob record from a key, data and return it in blobData.
- * NOTE: The data element is static data (keeping with the dbm model).
- */
-static void
-dbs_mkBlob(DBS *dbsp,const DBT *key, const DBT *data, DBT *blobData)
-{
-   unsigned char sha1_data[SHA1_LENGTH];
-   char *b = dbsp->staticBlobArea;
-   PRUint32 length = data->size;
-   SECItem sha1Item;
-
-   b[0] = CERT_DB_FILE_VERSION; /* certdb version number */
-   b[1] = (char) certDBEntryTypeBlob; /* type */
-   b[2] = 0; /* flags */
-   b[3] = 0; /* reserved */
-   b[BLOB_LENGTH_START] = length & 0xff;
-   b[BLOB_LENGTH_START+1] = (length >> 8) & 0xff;
-   b[BLOB_LENGTH_START+2] = (length >> 16) & 0xff;
-   b[BLOB_LENGTH_START+3] = (length >> 24) & 0xff;
-   sha1Item.data = sha1_data;
-   sha1Item.len = SHA1_LENGTH;
-   SHA1_HashBuf(sha1_data,key->data,key->size);
-   b[BLOB_NAME_START]='b'; /* Make sure we start with a alpha */
-   NSSBase64_EncodeItem(NULL,&b[BLOB_NAME_START+1],BLOB_NAME_LEN-1,&sha1Item);
-   b[BLOB_BUF_LEN-1] = 0;
-   dbs_replaceSlash(&b[BLOB_NAME_START+1],BLOB_NAME_LEN-1);
-   blobData->data = b;
-   blobData->size = BLOB_BUF_LEN;
-   return;
-}
-   
-
-/*
- * construct a path to the actual blob. The string returned must be
- * freed by the caller with PR_smprintf_free.
- *
- * Note: this file does lots of consistancy checks on the DBT. The
- * routines that call this depend on these checks, so they don't worry
- * about them (success of this routine implies a good blobdata record).
- */ 
-static char *
-dbs_getBlobFilePath(char *blobdir,DBT *blobData)
-{
-    const char *name;
-
-    if (blobdir == NULL) {
-	PR_SetError(SEC_ERROR_BAD_DATABASE,0);
-	return NULL;
-    }
-    if (!dbs_IsBlob(blobData)) {
-	PR_SetError(SEC_ERROR_BAD_DATABASE,0);
-	return NULL;
-    }
-    name = dbs_getBlobFileName(blobData);
-    if (!name || *name == 0) {
-	PR_SetError(SEC_ERROR_BAD_DATABASE,0);
-	return NULL;
-    }
-    return  PR_smprintf("%s" PATH_SEPARATOR "%s", blobdir, name);
-}
-
-/*
- * Delete a blob file pointed to by the blob record.
- */
-static void
-dbs_removeBlob(DBS *dbsp, DBT *blobData)
-{
-    char *file;
-
-    file = dbs_getBlobFilePath(dbsp->blobdir, blobData);
-    if (!file) {
-	return;
-    }
-    PR_Delete(file);
-    PR_smprintf_free(file);
-}
-
-/*
- * Directory modes are slightly different, the 'x' bit needs to be on to
- * access them. Copy all the read bits to 'x' bits
- */
-static int
-dbs_DirMode(int mode)
-{
-  int x_bits = (mode >> 2) &  0111;
-  return mode | x_bits;
-}
-
-/*
- * write a data blob to it's file. blobdData is the blob record that will be
- * stored in the database. data is the actual data to go out on disk.
- */
-static int
-dbs_writeBlob(DBS *dbsp, int mode, DBT *blobData, const DBT *data)
-{
-    char *file = NULL;
-    PRFileDesc *filed;
-    PRStatus status;
-    int len;
-    int error = 0;
-
-    file = dbs_getBlobFilePath(dbsp->blobdir, blobData);
-    if (!file) {
-	goto loser;
-    }
-    if (PR_Access(dbsp->blobdir, PR_ACCESS_EXISTS) != PR_SUCCESS) {
-	status = PR_MkDir(dbsp->blobdir,dbs_DirMode(mode));
-	if (status != PR_SUCCESS) {
-	    goto loser;
-	}
-    }
-    filed = PR_OpenFile(file,PR_CREATE_FILE|PR_TRUNCATE|PR_WRONLY, mode);
-    if (filed == NULL) {
-	error = PR_GetError();
-	goto loser;
-    }
-    len = PR_Write(filed,data->data,data->size);
-    error = PR_GetError();
-    PR_Close(filed);
-    if (len < (int)data->size) {
-	goto loser;
-    }
-    PR_smprintf_free(file);
-    return 0;
-
-loser:
-    if (file) {
-	PR_Delete(file);
-	PR_smprintf_free(file);
-    }
-    /* don't let close or delete reset the error */
-    PR_SetError(error,0);
-    return -1;
-}
-
-
-/*
- * we need to keep a address map in memory between calls to DBM.
- * remember what we have mapped can close it when we get another dbm
- * call. 
- *
- * NOTE: Not all platforms support mapped files. This code is designed to
- * detect this at runtime. If map files aren't supported the OS will indicate
- * this by failing the PR_Memmap call. In this case we emulate mapped files
- * by just reading in the file into regular memory. We signal this state by
- * making dbs_mapfile NULL and dbs_addr non-NULL.
- */
-
-static void
-dbs_freemap(DBS *dbsp)
-{
-    if (dbsp->dbs_mapfile) {
-	PR_MemUnmap(dbsp->dbs_addr,dbsp->dbs_len);
-	PR_CloseFileMap(dbsp->dbs_mapfile);
-	dbsp->dbs_mapfile = NULL;
-	dbsp->dbs_addr = NULL;
-	dbsp->dbs_len = 0;
-    } else if (dbsp->dbs_addr) {
-	PORT_Free(dbsp->dbs_addr);
-	dbsp->dbs_addr = NULL;
-	dbsp->dbs_len = 0;
-    }
-    return;
-}
-
-static void
-dbs_setmap(DBS *dbsp, PRFileMap *mapfile, unsigned char *addr, PRUint32 len)
-{
-    dbsp->dbs_mapfile = mapfile;
-    dbsp->dbs_addr = addr;
-    dbsp->dbs_len = len;
-}
-
-/*
- * platforms that cannot map the file need to read it into a temp buffer.
- */
-static unsigned char *
-dbs_EmulateMap(PRFileDesc *filed, int len)
-{
-    unsigned char *addr;
-    PRInt32 dataRead;
-
-    addr = PORT_Alloc(len);
-    if (addr == NULL) {
-	return NULL;
-    }
-
-    dataRead = PR_Read(filed,addr,len);
-    if (dataRead != len) {
-	PORT_Free(addr);
-	if (dataRead > 0) {
-	    /* PR_Read didn't set an error, we need to */
-	    PR_SetError(SEC_ERROR_BAD_DATABASE,0);
-	}
-	return NULL;
-    }
-
-    return addr;
-}
-
-
-/*
- * pull a database record off the disk
- * data points to the blob record on input and the real record (if we could
- * read it) on output. if there is an error data is not modified.
- */
-static int
-dbs_readBlob(DBS *dbsp, DBT *data)
-{
-    char *file = NULL;
-    PRFileDesc *filed = NULL;
-    PRFileMap *mapfile = NULL;
-    unsigned char *addr = NULL;
-    int error;
-    int len = -1;
-
-    file = dbs_getBlobFilePath(dbsp->blobdir, data);
-    if (!file) {
-	goto loser;
-    }
-    filed = PR_OpenFile(file,PR_RDONLY,0);
-    PR_smprintf_free(file); file = NULL;
-    if (filed == NULL) {
-	goto loser;
-    }
-
-    len = dbs_getBlobSize(data);
-    mapfile = PR_CreateFileMap(filed, len, PR_PROT_READONLY);
-    if (mapfile == NULL) {
-	 /* USE PR_GetError instead of PORT_GetError here
-	  * because we are getting the error from PR_xxx
-	  * function */
-	if (PR_GetError() != PR_NOT_IMPLEMENTED_ERROR) {
-	    goto loser;
-	}
-	addr = dbs_EmulateMap(filed, len);
-    } else {
-	addr = PR_MemMap(mapfile, 0, len);
-    }
-    if (addr == NULL) {
-	goto loser;
-    }
-    PR_Close(filed);
-    dbs_setmap(dbsp,mapfile,addr,len);
-
-    data->data = addr;
-    data->size = len;
-    return 0;
-
-loser:
-    /* preserve the error code */
-    error = PR_GetError();
-    if (mapfile) {
-	PR_CloseFileMap(mapfile);
-    }
-    if (filed) {
-	PR_Close(filed);
-    }
-    PR_SetError(error,0);
-    return -1;
-}
-
-/*
- * actual DBM shims
- */
-static int
-dbs_get(const DB *dbs, const DBT *key, DBT *data, unsigned int flags)
-{
-    int ret;
-    DBS *dbsp = (DBS *)dbs;
-    DB *db = (DB *)dbs->internal;
-    
-
-    dbs_freemap(dbsp);
-    
-    ret = (* db->get)(db, key, data, flags);
-    if ((ret == 0) && dbs_IsBlob(data)) {
-	ret = dbs_readBlob(dbsp,data);
-    }
-
-    return(ret);
-}
-
-static int
-dbs_put(const DB *dbs, DBT *key, const DBT *data, unsigned int flags)
-{
-    DBT blob;
-    int ret = 0;
-    DBS *dbsp = (DBS *)dbs;
-    DB *db = (DB *)dbs->internal;
-
-    dbs_freemap(dbsp);
-
-    /* If the db is readonly, just pass the data down to rdb and let it fail */
-    if (!dbsp->readOnly) {
-	DBT oldData;
-	int ret1;
-
-	/* make sure the current record is deleted if it's a blob */
-	ret1 = (*db->get)(db,key,&oldData,0);
-        if ((ret1 == 0) && flags == R_NOOVERWRITE) {
-	    /* let DBM return the error to maintain consistancy */
-	    return (* db->put)(db, key, data, flags);
-	}
-	if ((ret1 == 0) && dbs_IsBlob(&oldData)) {
-	    dbs_removeBlob(dbsp, &oldData);
-	}
-
-	if (data->size > DBS_MAX_ENTRY_SIZE) {
-	    dbs_mkBlob(dbsp,key,data,&blob);
-	    ret = dbs_writeBlob(dbsp, dbsp->mode, &blob, data);
-	    data = &blob;
-	}
-    }
-
-    if (ret == 0) {
-	ret = (* db->put)(db, key, data, flags);
-    }
-    return(ret);
-}
-
-static int
-dbs_sync(const DB *dbs, unsigned int flags)
-{
-    DB *db = (DB *)dbs->internal;
-    DBS *dbsp = (DBS *)dbs;
-
-    dbs_freemap(dbsp);
-
-    return (* db->sync)(db, flags);
-}
-
-static int
-dbs_del(const DB *dbs, const DBT *key, unsigned int flags)
-{
-    int ret;
-    DBS *dbsp = (DBS *)dbs;
-    DB *db = (DB *)dbs->internal;
-
-    dbs_freemap(dbsp);
-
-    if (!dbsp->readOnly) {
-	DBT oldData;
-	ret = (*db->get)(db,key,&oldData,0);
-	if ((ret == 0) && dbs_IsBlob(&oldData)) {
-	    dbs_removeBlob(dbsp,&oldData);
-	}
-    }
-
-    return (* db->del)(db, key, flags);
-}
-
-static int
-dbs_seq(const DB *dbs, DBT *key, DBT *data, unsigned int flags)
-{
-    int ret;
-    DBS *dbsp = (DBS *)dbs;
-    DB *db = (DB *)dbs->internal;
-    
-    dbs_freemap(dbsp);
-    
-    ret = (* db->seq)(db, key, data, flags);
-    if ((ret == 0) && dbs_IsBlob(data)) {
-	/* don't return a blob read as an error so traversals keep going */
-	(void) dbs_readBlob(dbsp,data);
-    }
-
-    return(ret);
-}
-
-static int
-dbs_close(DB *dbs)
-{
-    DBS *dbsp = (DBS *)dbs;
-    DB *db = (DB *)dbs->internal;
-    int ret;
-
-    dbs_freemap(dbsp);
-    ret = (* db->close)(db);
-    PORT_Free(dbsp->blobdir);
-    PORT_Free(dbsp);
-    return ret;
-}
-
-static int
-dbs_fd(const DB *dbs)
-{
-    DB *db = (DB *)dbs->internal;
-
-    return (* db->fd)(db);
-}
-
-/*
- * the naming convention we use is
- * change the .xxx into .dir. (for nss it's always .db);
- * if no .extension exists or is equal to .dir, add a .dir 
- * the returned data must be freed.
- */
-#define DIRSUFFIX ".dir"
-static char *
-dbs_mkBlobDirName(const char *dbname)
-{
-    int dbname_len = PORT_Strlen(dbname);
-    int dbname_end = dbname_len;
-    const char *cp;
-    char *blobDir = NULL;
-
-    /* scan back from the end looking for either a directory separator, a '.',
-     * or the end of the string. NOTE: Windows should check for both separators
-     * here. For now this is safe because we know NSS always uses a '.'
-     */
-    for (cp = &dbname[dbname_len]; 
-		(cp > dbname) && (*cp != '.') && (*cp != *PATH_SEPARATOR) ;
-			cp--)
-	/* Empty */ ;
-    if (*cp == '.') {
-	dbname_end = cp - dbname;
-	if (PORT_Strcmp(cp,DIRSUFFIX) == 0) {
-	    dbname_end = dbname_len;
-	}
-    }
-    blobDir = PORT_ZAlloc(dbname_end+sizeof(DIRSUFFIX));
-    if (blobDir == NULL) {
-	return NULL;
-    }
-    PORT_Memcpy(blobDir,dbname,dbname_end);
-    PORT_Memcpy(&blobDir[dbname_end],DIRSUFFIX,sizeof(DIRSUFFIX));
-    return blobDir;
-}
-
-#define DBM_DEFAULT 0
-static const HASHINFO dbs_hashInfo = {
-	DBS_BLOCK_SIZE,		/* bucket size, must be greater than = to
-				 * or maximum entry size (+ header)
-				 * we allow before blobing */
-	DBM_DEFAULT,		/* Fill Factor */
-	DBM_DEFAULT,		/* number of elements */
-	DBS_CACHE_SIZE,		/* cache size */
-	DBM_DEFAULT,		/* hash function */
-	DBM_DEFAULT,		/* byte order */
-};
-
-/*
- * the open function. NOTE: this is the only exposed function in this file.
- * everything else is called through the function table pointer.
- */
-DB *
-dbsopen(const char *dbname, int flags, int mode, DBTYPE type,
-							 const void *userData)
-{
-    DB *db = NULL,*dbs = NULL;
-    DBS *dbsp = NULL;
-
-    /* NOTE: we are overriding userData with dbs_hashInfo. since all known
-     * callers pass 0, this is ok, otherwise we should merge the two */
-
-    dbsp = (DBS *)PORT_ZAlloc(sizeof(DBS));
-    if (!dbsp) {
-	return NULL;
-    }
-    dbs = &dbsp->db;
-
-    dbsp->blobdir=dbs_mkBlobDirName(dbname);
-    if (dbsp->blobdir == NULL) {
-	goto loser;
-    }
-    dbsp->mode = mode;
-    dbsp->readOnly = (PRBool)(flags == NO_RDONLY);
-    dbsp->dbs_mapfile = NULL;
-    dbsp->dbs_addr = NULL;
-    dbsp->dbs_len = 0;
-
-    /* the real dbm call */
-    db = dbopen(dbname, flags, mode, type, &dbs_hashInfo);
-    if (db == NULL) {
-	goto loser;
-    }
-    dbs->internal = (void *) db;
-    dbs->type = type;
-    dbs->close = dbs_close;
-    dbs->get = dbs_get;
-    dbs->del = dbs_del;
-    dbs->put = dbs_put;
-    dbs->seq = dbs_seq;
-    dbs->sync = dbs_sync;
-    dbs->fd = dbs_fd;
-
-    return dbs;
-loser:
-    if (db) {
-	(*db->close)(db);
-    }
-    if (dbsp) {
-	if (dbsp->blobdir) {
-	    PORT_Free(dbsp->blobdir);
-	}
-	PORT_Free(dbsp);
-    }
-    return NULL;
-}

mozilla/security/nss/lib/softoken/legacydb/keydbi.h

@@ -1,86 +0,0 @@
-/*
- * private.h - Private data structures for the software token library
- *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* $Id: keydbi.h,v 1.1.2.1 2007-04-03 22:50:02 rrelyea%redhat.com Exp $ */
-
-#ifndef _KEYDBI_H_
-#define _KEYDBI_H_
-
-#include "nspr.h"
-#include "seccomon.h"
-#include "mcom_db.h"
-
-/*
- * Handle structure for open key databases
- */
-struct NSSLOWKEYDBHandleStr {
-    DB *db;
-    DB *updatedb;		/* used when updating an old version */
-    SECItem *global_salt;	/* password hashing salt for this db */
-    int version;		/* version of the database */
-    char *appname;		/* multiaccess app name */
-    char *dbname;		/* name of the openned DB */
-    PRBool readOnly;		/* is the DB read only */
-    PRLock *lock;
-    PRInt32 ref;		/* reference count */
-};
-
-/*
-** Typedef for callback for traversing key database.
-**      "key" is the key used to index the data in the database (nickname)
-**      "data" is the key data
-**      "pdata" is the user's data 
-*/
-typedef SECStatus (* NSSLOWKEYTraverseKeysFunc)(DBT *key, DBT *data, void *pdata);
-
-
-SEC_BEGIN_PROTOS
-
-/*
-** Traverse the entire key database, and pass the nicknames and keys to a 
-** user supplied function.
-**      "f" is the user function to call for each key
-**      "udata" is the user's data, which is passed through to "f"
-*/
-extern SECStatus nsslowkey_TraverseKeys(NSSLOWKEYDBHandle *handle, 
-				NSSLOWKEYTraverseKeysFunc f,
-				void *udata);
-
-SEC_END_PROTOS
-
-#endif /* _KEYDBI_H_ */

mozilla/security/nss/lib/softoken/legacydb/lgcreate.c

@@ -1,955 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#include "secitem.h"
-#include "pkcs11.h"
-#include "lgdb.h" 
-#include "pcert.h"
-#include "lowkeyi.h"
-#include "blapi.h"
-#include "secder.h"
-
-#include "keydbi.h" 
-
-/*
- * ******************** Object Creation Utilities ***************************
- */
-
-/*
- * check the consistancy and initialize a Certificate Object 
- */
-static CK_RV
-lg_createCertObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
-			const CK_ATTRIBUTE *templ, CK_ULONG count)
-{
-    SECItem derCert;
-    NSSLOWCERTCertificate *cert;
-    NSSLOWCERTCertTrust *trust = NULL;
-    NSSLOWCERTCertTrust userTrust = 
-		{ CERTDB_USER, CERTDB_USER, CERTDB_USER };
-    NSSLOWCERTCertTrust defTrust = 
-		{ CERTDB_TRUSTED_UNKNOWN, 
-			CERTDB_TRUSTED_UNKNOWN, CERTDB_TRUSTED_UNKNOWN };
-    char *label = NULL;
-    char *email = NULL;
-    SECStatus rv;
-    PRBool inDB = PR_TRUE;
-    NSSLOWCERTCertDBHandle *certHandle = lg_getCertDB(sdb);
-    NSSLOWKEYDBHandle *keyHandle = NULL;
-    CK_CERTIFICATE_TYPE type;
-    const CK_ATTRIBUTE *attribute;
-
-    /* we can't store any certs private */
-    if (lg_isTrue(CKA_PRIVATE, templ, count)) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-	
-    /* We only support X.509 Certs for now */
-    attribute = lg_FindAttribute(CKA_CERTIFICATE_TYPE, templ, count);
-    if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
-    type = *(CK_CERTIFICATE_TYPE *)attribute->pValue;
-
-    if (type != CKC_X_509) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    /* X.509 Certificate */
-    
-
-    if (certHandle == NULL) {
-	return CKR_TOKEN_WRITE_PROTECTED;
-    }
-
-    /* get the der cert */ 
-    attribute = lg_FindAttribute(CKA_VALUE, templ, count);
-    if (!attribute) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    derCert.type = 0;
-    derCert.data = (unsigned char *)attribute->pValue;
-    derCert.len = attribute->ulValueLen ;
-
-    label = lg_getString(CKA_LABEL, templ, count);
-
-    cert =  nsslowcert_FindCertByDERCert(certHandle, &derCert);
-    if (cert == NULL) {
-	cert = nsslowcert_DecodeDERCertificate(&derCert, label);
-	inDB = PR_FALSE;
-    }
-    if (cert == NULL) {
-	if (label) PORT_Free(label);
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    keyHandle = lg_getKeyDB(sdb);
-    if (keyHandle) {
-	if (nsslowkey_KeyForCertExists(keyHandle,cert)) {
-	    trust = &userTrust;
-	}
-    }
-
-    if (!inDB) {
-	if (!trust) trust = &defTrust;
-	rv = nsslowcert_AddPermCert(certHandle, cert, label, trust);
-    } else {
-	rv = trust ? nsslowcert_ChangeCertTrust(certHandle,cert,trust) :
-				SECSuccess;
-    }
-
-    if (label) PORT_Free(label);
-
-    if (rv != SECSuccess) {
-	nsslowcert_DestroyCertificate(cert);
-	return CKR_DEVICE_ERROR;
-    }
-
-    /*
-     * Add a NULL S/MIME profile if necessary.
-     */
-    email = lg_getString(CKA_NETSCAPE_EMAIL, templ, count);
-    if (email) {
-	certDBEntrySMime *entry;
-
-	entry = nsslowcert_ReadDBSMimeEntry(certHandle,email);
-	if (!entry) {
-	    nsslowcert_SaveSMimeProfile(certHandle, email, 
-						&cert->derSubject, NULL, NULL);
-	} else {
-	    nsslowcert_DestroyDBEntry((certDBEntry *)entry);
-	}
-	PORT_Free(email);
-    }
-    *handle=lg_mkHandle(sdb,&cert->certKey,LG_TOKEN_TYPE_CERT);
-    nsslowcert_DestroyCertificate(cert);
-
-    return CKR_OK;
-}
-
-unsigned int
-lg_MapTrust(CK_TRUST trust, PRBool clientAuth)
-{
-    unsigned int trustCA = clientAuth ? CERTDB_TRUSTED_CLIENT_CA :
-							CERTDB_TRUSTED_CA;
-    switch (trust) {
-    case CKT_NETSCAPE_TRUSTED:
-	return CERTDB_VALID_PEER|CERTDB_TRUSTED;
-    case CKT_NETSCAPE_TRUSTED_DELEGATOR:
-	return CERTDB_VALID_CA|trustCA;
-    case CKT_NETSCAPE_UNTRUSTED:
-	return CERTDB_NOT_TRUSTED;
-    case CKT_NETSCAPE_MUST_VERIFY:
-	return 0;
-    case CKT_NETSCAPE_VALID: /* implies must verify */
-	return CERTDB_VALID_PEER;
-    case CKT_NETSCAPE_VALID_DELEGATOR: /* implies must verify */
-	return CERTDB_VALID_CA;
-    default:
-	break;
-    }
-    return CERTDB_TRUSTED_UNKNOWN;
-}
-    
-	
-/*
- * check the consistancy and initialize a Trust Object 
- */
-static CK_RV
-lg_createTrustObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
-			const CK_ATTRIBUTE *templ, CK_ULONG count)
-{
-    const CK_ATTRIBUTE *issuer = NULL;
-    const CK_ATTRIBUTE *serial = NULL;
-    NSSLOWCERTCertificate *cert = NULL;
-    const CK_ATTRIBUTE *trust;
-    CK_TRUST sslTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
-    CK_TRUST clientTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
-    CK_TRUST emailTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
-    CK_TRUST signTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
-    CK_BBOOL stepUp;
-    NSSLOWCERTCertTrust dbTrust = { 0 };
-    SECStatus rv;
-    NSSLOWCERTCertDBHandle *certHandle = lg_getCertDB(sdb);
-    NSSLOWCERTIssuerAndSN issuerSN;
-
-    /* we can't store any certs private */
-    if (lg_isTrue(CKA_PRIVATE, templ, count)) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    if (certHandle == NULL) {
-	return CKR_TOKEN_WRITE_PROTECTED;
-    }
-
-    issuer = lg_FindAttribute(CKA_ISSUER, templ, count);
-    serial = lg_FindAttribute(CKA_SERIAL_NUMBER, templ, count);
-
-    if (issuer && serial) {
-	issuerSN.derIssuer.data = (unsigned char *)issuer->pValue;
-	issuerSN.derIssuer.len = issuer->ulValueLen ;
-
-	issuerSN.serialNumber.data = (unsigned char *)serial->pValue;
-	issuerSN.serialNumber.len = serial->ulValueLen ;
-
-	cert = nsslowcert_FindCertByIssuerAndSN(certHandle,&issuerSN);
-    }
-
-    if (cert == NULL) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-	
-    lg_GetULongAttribute(CKA_TRUST_SERVER_AUTH, templ, count, &sslTrust);
-    lg_GetULongAttribute(CKA_TRUST_CLIENT_AUTH, templ, count, &clientTrust);
-    lg_GetULongAttribute(CKA_TRUST_EMAIL_PROTECTION, templ, count, &emailTrust);
-    lg_GetULongAttribute(CKA_TRUST_CODE_SIGNING, templ, count, &signTrust);
-    stepUp = CK_FALSE;
-    trust = lg_FindAttribute(CKA_TRUST_STEP_UP_APPROVED, templ, count);
-    if (trust) {
-	if (trust->ulValueLen == sizeof(CK_BBOOL)) {
-	    stepUp = *(CK_BBOOL*)trust->pValue;
-	}
-    }
-
-    /* preserve certain old fields */
-    if (cert->trust) {
-	dbTrust.sslFlags = cert->trust->sslFlags & CERTDB_PRESERVE_TRUST_BITS;
-	dbTrust.emailFlags=
-			cert->trust->emailFlags & CERTDB_PRESERVE_TRUST_BITS;
-	dbTrust.objectSigningFlags = 
-		cert->trust->objectSigningFlags & CERTDB_PRESERVE_TRUST_BITS;
-    }
-
-    dbTrust.sslFlags |= lg_MapTrust(sslTrust,PR_FALSE);
-    dbTrust.sslFlags |= lg_MapTrust(clientTrust,PR_TRUE);
-    dbTrust.emailFlags |= lg_MapTrust(emailTrust,PR_FALSE);
-    dbTrust.objectSigningFlags |= lg_MapTrust(signTrust,PR_FALSE);
-    if (stepUp) {
-	dbTrust.sslFlags |= CERTDB_GOVT_APPROVED_CA;
-    }
-
-    rv = nsslowcert_ChangeCertTrust(certHandle,cert,&dbTrust);
-    *handle=lg_mkHandle(sdb,&cert->certKey,LG_TOKEN_TYPE_TRUST);
-    nsslowcert_DestroyCertificate(cert);
-    if (rv != SECSuccess) {
-	return CKR_DEVICE_ERROR;
-    }
-
-    return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Trust Object 
- */
-static CK_RV
-lg_createSMimeObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
-			const CK_ATTRIBUTE *templ, CK_ULONG count)
-{
-    SECItem derSubj,rawProfile,rawTime,emailKey;
-    SECItem *pRawProfile = NULL;
-    SECItem *pRawTime = NULL;
-    char *email = NULL;
-    const CK_ATTRIBUTE *subject = NULL,
-		 *profile = NULL,
-		 *time    = NULL;
-    SECStatus rv;
-    NSSLOWCERTCertDBHandle *certHandle;
-    CK_RV ck_rv = CKR_OK;
-
-    /* we can't store any certs private */
-    if (lg_isTrue(CKA_PRIVATE,templ,count)) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    certHandle = lg_getCertDB(sdb);
-    if (certHandle == NULL) {
-	return CKR_TOKEN_WRITE_PROTECTED;
-    }
-
-    /* lookup SUBJECT */
-    subject = lg_FindAttribute(CKA_SUBJECT,templ,count);
-    PORT_Assert(subject);
-    if (!subject) {
-	ck_rv = CKR_ATTRIBUTE_VALUE_INVALID;
-	goto loser;
-    }
-
-    derSubj.data = (unsigned char *)subject->pValue;
-    derSubj.len = subject->ulValueLen ;
-    derSubj.type = 0;
-
-    /* lookup VALUE */
-    profile = lg_FindAttribute(CKA_VALUE,templ,count);
-    if (profile) {
-	rawProfile.data = (unsigned char *)profile->pValue;
-	rawProfile.len = profile->ulValueLen ;
-	rawProfile.type = siBuffer;
-	pRawProfile = &rawProfile;
-    }
-
-    /* lookup Time */
-    time = lg_FindAttribute(CKA_NETSCAPE_SMIME_TIMESTAMP,templ,count);
-    if (time) {
-	rawTime.data = (unsigned char *)time->pValue;
-	rawTime.len = time->ulValueLen ;
-	rawTime.type = siBuffer;
-	pRawTime = &rawTime;
-    }
-
-
-    email = lg_getString(CKA_NETSCAPE_EMAIL,templ,count);
-    if (!email) {
-	ck_rv = CKR_ATTRIBUTE_VALUE_INVALID;
-	goto loser;
-    }
-
-    /* Store S/MIME Profile by SUBJECT */
-    rv = nsslowcert_SaveSMimeProfile(certHandle, email, &derSubj, 
-				pRawProfile,pRawTime);
-    if (rv != SECSuccess) {
-	ck_rv = CKR_DEVICE_ERROR;
-	goto loser;
-    }
-    emailKey.data = (unsigned char *)email;
-    emailKey.len = PORT_Strlen(email)+1;
-
-    *handle = lg_mkHandle(sdb, &emailKey, LG_TOKEN_TYPE_SMIME);
-
-loser:
-    if (email)   PORT_Free(email);
-
-    return ck_rv;
-}
-
-/*
- * check the consistancy and initialize a Trust Object 
- */
-static CK_RV
-lg_createCrlObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
-			const CK_ATTRIBUTE *templ, CK_ULONG count)
-{
-    PRBool isKRL = PR_FALSE;
-    SECItem derSubj,derCrl;
-    char *url = NULL;
-    const CK_ATTRIBUTE *subject,*crl;
-    SECStatus rv;
-    NSSLOWCERTCertDBHandle *certHandle;
-
-    certHandle = lg_getCertDB(sdb);
-
-    /* we can't store any private crls */
-    if (lg_isTrue(CKA_PRIVATE,templ,count)) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    if (certHandle == NULL) {
-	return CKR_TOKEN_WRITE_PROTECTED;
-    }
-
-    /* lookup SUBJECT */
-    subject = lg_FindAttribute(CKA_SUBJECT,templ,count);
-    if (!subject) {
-	 return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    derSubj.data = (unsigned char *)subject->pValue;
-    derSubj.len = subject->ulValueLen ;
-
-    /* lookup VALUE */
-    crl = lg_FindAttribute(CKA_VALUE,templ,count);
-    PORT_Assert(crl);
-    if (!crl) {
-	 return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-    derCrl.data = (unsigned char *)crl->pValue;
-    derCrl.len = crl->ulValueLen ;
-
-    url = lg_getString(CKA_NETSCAPE_URL,templ,count);
-    isKRL = lg_isTrue(CKA_NETSCAPE_KRL,templ,count);
-
-    /* Store CRL by SUBJECT */
-    rv = nsslowcert_AddCrl(certHandle, &derCrl, &derSubj, url, isKRL);
-
-    if (url) {
-	PORT_Free(url);
-    }
-    if (rv != SECSuccess) {
-	return CKR_DEVICE_ERROR;
-    }
-
-    /* if we overwrote the existing CRL, poison the handle entry so we get
-     * a new object handle */
-    (void) lg_poisonHandle(sdb, &derSubj,
-			isKRL ? LG_TOKEN_KRL_HANDLE : LG_TOKEN_TYPE_CRL);
-    *handle = lg_mkHandle(sdb, &derSubj,
-			isKRL ? LG_TOKEN_KRL_HANDLE : LG_TOKEN_TYPE_CRL);
-
-    return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Public Key Object 
- */
-static CK_RV
-lg_createPublicKeyObject(SDB *sdb, CK_KEY_TYPE key_type,
-     CK_OBJECT_HANDLE *handle, const CK_ATTRIBUTE *templ, CK_ULONG count)
-{
-    CK_ATTRIBUTE_TYPE pubKeyAttr = CKA_VALUE;
-    CK_RV crv;
-    NSSLOWKEYPrivateKey *priv;
-    SECItem pubKey;
-    NSSLOWKEYDBHandle *keyHandle = NULL;
-
-    switch (key_type) {
-    case CKK_RSA:
-	pubKeyAttr = CKA_MODULUS;
-	break;
-#ifdef NSS_ENABLE_ECC
-    case CKK_EC:
-	pubKeyAttr = CKA_EC_POINT;
-	break;
-#endif /* NSS_ENABLE_ECC */
-    case CKK_DSA:
-    case CKK_DH:
-	break;
-    default:
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-
-    crv = lg_Attribute2SSecItem(NULL,pubKeyAttr,templ,count,&pubKey);
-    if (crv != CKR_OK) return crv;
-
-    PORT_Assert(pubKey.data);
-    keyHandle = lg_getKeyDB(sdb);
-    if (keyHandle == NULL) {
-	PORT_Free(pubKey.data);
-	return CKR_TOKEN_WRITE_PROTECTED;
-    }
-    if (keyHandle->version != 3) {
-	unsigned char buf[SHA1_LENGTH];
-	SHA1_HashBuf(buf,pubKey.data,pubKey.len);
-	PORT_Memcpy(pubKey.data,buf,sizeof(buf));
-	pubKey.len = sizeof(buf);
-    }
-    /* make sure the associated private key already exists */
-    /* only works if we are logged in */
-    priv = nsslowkey_FindKeyByPublicKey(keyHandle, &pubKey, sdb /*password*/);
-    if (priv == NULL) {
-	PORT_Free(pubKey.data);
-	return crv;
-    }
-    nsslowkey_DestroyPrivateKey(priv);
-
-    *handle = lg_mkHandle(sdb, &pubKey, LG_TOKEN_TYPE_PUB);
-    PORT_Free(pubKey.data);
-
-    return CKR_OK;
-}
-
-/* make a private key from a verified object */
-static NSSLOWKEYPrivateKey *
-lg_mkPrivKey(SDB *sdb, const CK_ATTRIBUTE *templ, CK_ULONG count,
-	     CK_KEY_TYPE key_type, CK_RV *crvp)
-{
-    NSSLOWKEYPrivateKey *privKey;
-    PLArenaPool *arena;
-    CK_RV crv = CKR_OK;
-    SECStatus rv;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	*crvp = CKR_HOST_MEMORY;
-	return NULL;
-    }
-
-    privKey = (NSSLOWKEYPrivateKey *)
-			PORT_ArenaZAlloc(arena,sizeof(NSSLOWKEYPrivateKey));
-    if (privKey == NULL)  {
-	PORT_FreeArena(arena,PR_FALSE);
-	*crvp = CKR_HOST_MEMORY;
-	return NULL;
-    }
-
-    /* in future this would be a switch on key_type */
-    privKey->arena = arena;
-    switch (key_type) {
-    case CKK_RSA:
-	privKey->keyType = NSSLOWKEYRSAKey;
-	crv=lg_Attribute2SSecItem(arena,CKA_MODULUS,templ,count,
-					&privKey->u.rsa.modulus);
-	if (crv != CKR_OK) break;
-	crv=lg_Attribute2SSecItem(arena,CKA_PUBLIC_EXPONENT,templ,count,
-					&privKey->u.rsa.publicExponent);
-	if (crv != CKR_OK) break;
-	crv=lg_PrivAttr2SSecItem(arena,CKA_PRIVATE_EXPONENT,templ,count,
-				&privKey->u.rsa.privateExponent, sdb);
-	if (crv != CKR_OK) break;
-	crv=lg_PrivAttr2SSecItem(arena,CKA_PRIME_1,templ,count,
-					&privKey->u.rsa.prime1, sdb);
-	if (crv != CKR_OK) break;
-	crv=lg_PrivAttr2SSecItem(arena,CKA_PRIME_2,templ,count,
-					&privKey->u.rsa.prime2, sdb);
-	if (crv != CKR_OK) break;
-	crv=lg_PrivAttr2SSecItem(arena,CKA_EXPONENT_1,templ,count,
-					&privKey->u.rsa.exponent1, sdb);
-	if (crv != CKR_OK) break;
-	crv=lg_PrivAttr2SSecItem(arena,CKA_EXPONENT_2,templ,count,
-					&privKey->u.rsa.exponent2, sdb);
-	if (crv != CKR_OK) break;
-	crv=lg_PrivAttr2SSecItem(arena,CKA_COEFFICIENT,templ,count,
-					&privKey->u.rsa.coefficient, sdb);
-	if (crv != CKR_OK) break;
-        rv = DER_SetUInteger(privKey->arena, &privKey->u.rsa.version,
-                          NSSLOWKEY_VERSION);
-	if (rv != SECSuccess) crv = CKR_HOST_MEMORY;
-	break;
-
-    case CKK_DSA:
-	privKey->keyType = NSSLOWKEYDSAKey;
-	crv = lg_Attribute2SSecItem(arena,CKA_PRIME,templ,count,
-					&privKey->u.dsa.params.prime);
-    	if (crv != CKR_OK) break;
-	crv = lg_Attribute2SSecItem(arena,CKA_SUBPRIME,templ,count,
-					&privKey->u.dsa.params.subPrime);
-    	if (crv != CKR_OK) break;
-	crv = lg_Attribute2SSecItem(arena,CKA_BASE,templ,count,
-					&privKey->u.dsa.params.base);
-    	if (crv != CKR_OK) break;
-    	crv = lg_PrivAttr2SSecItem(arena,CKA_VALUE,templ,count,
-					&privKey->u.dsa.privateValue, sdb);
-    	if (crv != CKR_OK) break;
-	if (lg_hasAttribute(CKA_NETSCAPE_DB, templ,count)) {
-	    crv = lg_Attribute2SSecItem(arena, CKA_NETSCAPE_DB,templ,count,
-						&privKey->u.dsa.publicValue);
-	    /* privKey was zero'd so public value is already set to NULL, 0
-	     * if we don't set it explicitly */
-	}
-	break;
-
-    case CKK_DH:
-	privKey->keyType = NSSLOWKEYDHKey;
-	crv = lg_Attribute2SSecItem(arena,CKA_PRIME,templ,count,
-					&privKey->u.dh.prime);
-    	if (crv != CKR_OK) break;
-	crv = lg_Attribute2SSecItem(arena,CKA_BASE,templ,count,
-					&privKey->u.dh.base);
-    	if (crv != CKR_OK) break;
-    	crv = lg_PrivAttr2SSecItem(arena,CKA_VALUE,templ,count,
-					&privKey->u.dh.privateValue, sdb);
-    	if (crv != CKR_OK) break;
-	if (lg_hasAttribute(CKA_NETSCAPE_DB, templ, count)) {
-	    crv = lg_Attribute2SSecItem(arena, CKA_NETSCAPE_DB,templ,count,
-					&privKey->u.dh.publicValue);
-	    /* privKey was zero'd so public value is already set to NULL, 0
-	     * if we don't set it explicitly */
-	}
-	break;
-
-#ifdef NSS_ENABLE_ECC
-    case CKK_EC:
-	privKey->keyType = NSSLOWKEYECKey;
-	crv = lg_Attribute2SSecItem(arena, CKA_EC_PARAMS,templ,count,
-	                              &privKey->u.ec.ecParams.DEREncoding);
-    	if (crv != CKR_OK) break;
-
-	/* Fill out the rest of the ecParams structure
-	 * based on the encoded params
-	 */
-	if (LGEC_FillParams(arena, &privKey->u.ec.ecParams.DEREncoding,
-		    &privKey->u.ec.ecParams) != SECSuccess) {
-	    crv = CKR_DOMAIN_PARAMS_INVALID;
-	    break;
-	}
-	crv = lg_PrivAttr2SSecItem(arena,CKA_VALUE,templ,count,
-					&privKey->u.ec.privateValue, sdb);
-	if (crv != CKR_OK) break;
-	if (lg_hasAttribute(CKA_NETSCAPE_DB,templ,count)) {
-	    crv = lg_Attribute2SSecItem(arena, CKA_NETSCAPE_DB,templ,count,
-					&privKey->u.ec.publicValue);
-	    if (crv != CKR_OK) break;
-	    /* privKey was zero'd so public value is already set to NULL, 0
-	     * if we don't set it explicitly */
-	}
-        rv = DER_SetUInteger(privKey->arena, &privKey->u.ec.version,
-                          NSSLOWKEY_EC_PRIVATE_KEY_VERSION);
-	if (rv != SECSuccess) crv = CKR_HOST_MEMORY;
-	break;
-#endif /* NSS_ENABLE_ECC */
-
-    default:
-	crv = CKR_KEY_TYPE_INCONSISTENT;
-	break;
-    }
-    *crvp = crv;
-    if (crv != CKR_OK) {
-	PORT_FreeArena(arena,PR_FALSE);
-	return NULL;
-    }
-    return privKey;
-}
-
-/*
- * check the consistancy and initialize a Private Key Object 
- */
-static CK_RV
-lg_createPrivateKeyObject(SDB *sdb, CK_KEY_TYPE key_type,
-     CK_OBJECT_HANDLE *handle, const CK_ATTRIBUTE *templ, CK_ULONG count)
-{
-    NSSLOWKEYPrivateKey *privKey;
-    char *label;
-    SECStatus rv = SECSuccess;
-    CK_RV crv = CKR_DEVICE_ERROR;
-    SECItem pubKey;
-    NSSLOWKEYDBHandle *keyHandle = lg_getKeyDB(sdb);
-
-    if (keyHandle == NULL) {
-	return CKR_TOKEN_WRITE_PROTECTED;
-    }
-
-    privKey=lg_mkPrivKey(sdb, templ,count,key_type,&crv);
-    if (privKey == NULL) return crv;
-    label = lg_getString(CKA_LABEL,templ,count);
-
-    crv = lg_Attribute2SSecItem(NULL,CKA_NETSCAPE_DB,templ,count,&pubKey);
-    if (crv != CKR_OK) {
-	crv = CKR_TEMPLATE_INCOMPLETE;
-	rv = SECFailure;
-	goto fail;
-    }
-#ifdef notdef
-    if (keyHandle->version != 3) {
-	unsigned char buf[SHA1_LENGTH];
-	SHA1_HashBuf(buf,pubKey.data,pubKey.len);
-	PORT_Memcpy(pubKey.data,buf,sizeof(buf));
-	pubKey.len = sizeof(buf);
-    }
-#endif
-    /* get the key type */
-    if (key_type == CKK_RSA) {
-	rv = RSA_PrivateKeyCheck(&privKey->u.rsa);
-	if (rv == SECFailure) {
-	    goto fail;
-	}
-    }
-    rv = nsslowkey_StoreKeyByPublicKey(keyHandle, privKey, &pubKey, 
-					   label, sdb /*->password*/);
-
-fail:
-    if (label) PORT_Free(label);
-    *handle = lg_mkHandle(sdb,&pubKey,LG_TOKEN_TYPE_PRIV);
-    if (pubKey.data) PORT_Free(pubKey.data);
-    nsslowkey_DestroyPrivateKey(privKey);
-    if (rv != SECSuccess) return crv;
-
-    return CKR_OK;
-}
-
-
-#define LG_KEY_MAX_RETRIES 10 /* don't hang if we are having problems with the rng */
-#define LG_KEY_ID_SIZE 18 /* don't use either SHA1 or MD5 sizes */
-/*
- * Secret keys must have a CKA_ID value to be stored in the database. This code
- * will generate one if there wasn't one already. 
- */
-static CK_RV
-lg_GenerateSecretCKA_ID(NSSLOWKEYDBHandle *handle, SECItem *id, char *label)
-{
-    unsigned int retries;
-    SECStatus rv = SECSuccess;
-    CK_RV crv = CKR_OK;
-
-    id->data = NULL;
-    if (label) {
-	id->data = (unsigned char *)PORT_Strdup(label);
-	if (id->data == NULL) {
-	    return CKR_HOST_MEMORY;
-	}
-	id->len = PORT_Strlen(label)+1;
-	if (!nsslowkey_KeyForIDExists(handle,id)) { 
-	    return CKR_OK;
-	}
-	PORT_Free(id->data);
-	id->data = NULL;
-	id->len = 0;
-    }
-    id->data = (unsigned char *)PORT_Alloc(LG_KEY_ID_SIZE);
-    if (id->data == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-    id->len = LG_KEY_ID_SIZE;
-
-    retries = 0;
-    do {
-	rv = RNG_GenerateGlobalRandomBytes(id->data,id->len);
-    } while (rv == SECSuccess && nsslowkey_KeyForIDExists(handle,id) && 
-				(++retries <= LG_KEY_MAX_RETRIES));
-
-    if ((rv != SECSuccess) || (retries > LG_KEY_MAX_RETRIES)) {
-	crv = CKR_DEVICE_ERROR; /* random number generator is bad */
-	PORT_Free(id->data);
-	id->data = NULL;
-	id->len = 0;
-    }
-    return crv;
-}
-
-
-static NSSLOWKEYPrivateKey *lg_mkSecretKeyRep(const CK_ATTRIBUTE *templ,
-		 CK_ULONG count, CK_KEY_TYPE key_type, 
-		 SECItem *pubkey, SDB *sdbpw)
-{
-    NSSLOWKEYPrivateKey *privKey = 0;
-    PLArenaPool *arena = 0;
-    CK_KEY_TYPE keyType;
-    PRUint32 keyTypeStorage;
-    SECItem keyTypeItem;
-    CK_RV crv;
-    SECStatus rv;
-    static unsigned char derZero[1] = { 0 };
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) { crv = CKR_HOST_MEMORY; goto loser; }
-
-    privKey = (NSSLOWKEYPrivateKey *)
-			PORT_ArenaZAlloc(arena,sizeof(NSSLOWKEYPrivateKey));
-    if (privKey == NULL) { crv = CKR_HOST_MEMORY; goto loser; }
-
-    privKey->arena = arena;
-
-    /* Secret keys are represented in the database as "fake" RSA keys.  
-     * The RSA key is marked as a secret key representation by setting the 
-     * public exponent field to 0, which is an invalid RSA exponent.  
-     * The other fields are set as follows:
-     *   modulus - CKA_ID value for the secret key
-     *   private exponent - CKA_VALUE (the key itself)
-     *   coefficient - CKA_KEY_TYPE, which indicates what encryption algorithm
-     *      is used for the key.
-     *   all others - set to integer 0
-     */
-    privKey->keyType = NSSLOWKEYRSAKey;
-
-    /* The modulus is set to the key id of the symmetric key */
-    crv = lg_Attribute2SecItem(arena, CKA_ID, templ, count, 
-				&privKey->u.rsa.modulus);
-    if (crv != CKR_OK) goto loser;
-
-    /* The public exponent is set to 0 length to indicate a special key */
-    privKey->u.rsa.publicExponent.len = sizeof derZero;
-    privKey->u.rsa.publicExponent.data = derZero;
-
-    /* The private exponent is the actual key value */
-    crv = lg_PrivAttr2SecItem(arena, CKA_VALUE, templ, count,
-				&privKey->u.rsa.privateExponent, sdbpw);
-    if (crv != CKR_OK) goto loser;
-
-    /* All other fields empty - needs testing */
-    privKey->u.rsa.prime1.len = sizeof derZero;
-    privKey->u.rsa.prime1.data = derZero;
-
-    privKey->u.rsa.prime2.len = sizeof derZero;
-    privKey->u.rsa.prime2.data = derZero;
-
-    privKey->u.rsa.exponent1.len = sizeof derZero;
-    privKey->u.rsa.exponent1.data = derZero;
-
-    privKey->u.rsa.exponent2.len = sizeof derZero;
-    privKey->u.rsa.exponent2.data = derZero;
-
-    /* Coeficient set to KEY_TYPE */
-    crv = lg_GetULongAttribute(CKA_KEY_TYPE, templ, count, &keyType);
-    if (crv != CKR_OK) goto loser; 
-    /* on 64 bit platforms, we still want to store 32 bits of keyType (This is
-     * safe since the PKCS #11 defines for all types are 32 bits or less). */
-    keyTypeStorage = (PRUint32) keyType;
-    keyTypeStorage = PR_htonl(keyTypeStorage);
-    keyTypeItem.data = (unsigned char *)&keyTypeStorage;
-    keyTypeItem.len = sizeof (keyTypeStorage);
-    rv = SECITEM_CopyItem(arena, &privKey->u.rsa.coefficient, &keyTypeItem);
-    if (rv != SECSuccess) {
-	crv = CKR_HOST_MEMORY;
-	goto loser;
-    }
-    
-    /* Private key version field set normally for compatibility */
-    rv = DER_SetUInteger(privKey->arena, 
-			&privKey->u.rsa.version, NSSLOWKEY_VERSION);
-    if (rv != SECSuccess) { crv = CKR_HOST_MEMORY; goto loser; }
-
-loser:
-    if (crv != CKR_OK) {
-	PORT_FreeArena(arena,PR_FALSE);
-	privKey = 0;
-    }
-
-    return privKey;
-}
-
-/*
- * check the consistancy and initialize a Secret Key Object 
- */
-static CK_RV
-lg_createSecretKeyObject(SDB *sdb, CK_KEY_TYPE key_type,
-     CK_OBJECT_HANDLE *handle, const CK_ATTRIBUTE *templ, CK_ULONG count)
-{
-    CK_RV crv;
-    NSSLOWKEYPrivateKey *privKey   = NULL;
-    NSSLOWKEYDBHandle   *keyHandle = NULL;
-    SECItem pubKey;
-    char *label = NULL;
-    SECStatus rv = SECSuccess;
-
-    pubKey.data = 0;
-
-    /* If the object is a TOKEN object, store in the database */
-    keyHandle = lg_getKeyDB(sdb);
-
-    if (keyHandle == NULL) {
-	return CKR_TOKEN_WRITE_PROTECTED;
-    }
-
-    label = lg_getString(CKA_LABEL,templ,count);
-
-    crv = lg_Attribute2SecItem(NULL,CKA_ID,templ,count,&pubKey);
-						/* Should this be ID? */
-    if (crv != CKR_OK) goto loser;
-
-    /* if we don't have an ID, generate one */
-    if (pubKey.len == 0) {
-	if (pubKey.data) { 
-	    PORT_Free(pubKey.data);
-	    pubKey.data = NULL;
-	}
-	crv = lg_GenerateSecretCKA_ID(keyHandle, &pubKey, label);
-	if (crv != CKR_OK) goto loser;
-    }
-
-    privKey = lg_mkSecretKeyRep(templ, count, key_type, &pubKey, sdb);
-    if (privKey == NULL) {
-	crv = CKR_HOST_MEMORY;
-	goto loser;
-    }
-
-    rv = nsslowkey_StoreKeyByPublicKey(keyHandle,
-			privKey, &pubKey, label, sdb /*->password*/);
-    if (rv != SECSuccess) {
-	crv = CKR_DEVICE_ERROR;
-	goto loser;
-    }
-
-    *handle = lg_mkHandle(sdb, &pubKey, LG_TOKEN_TYPE_KEY);
-
-loser:
-    if (label) PORT_Free(label);
-    if (privKey) nsslowkey_DestroyPrivateKey(privKey);
-    if (pubKey.data) PORT_Free(pubKey.data);
-
-    return crv;
-}
-
-/*
- * check the consistancy and initialize a Key Object 
- */
-static CK_RV
-lg_createKeyObject(SDB *sdb, CK_OBJECT_CLASS objclass, 
-	CK_OBJECT_HANDLE *handle, const CK_ATTRIBUTE *templ, CK_ULONG count)
-{
-    CK_RV crv;
-    CK_KEY_TYPE key_type;
-
-    /* get the key type */
-    crv = lg_GetULongAttribute(CKA_KEY_TYPE, templ, count, &key_type);
-    if (crv != CKR_OK) {
-	return crv;
-    }
-
-    switch (objclass) {
-    case CKO_PUBLIC_KEY:
-	return lg_createPublicKeyObject(sdb,key_type,handle,templ,count);
-    case CKO_PRIVATE_KEY:
-	return lg_createPrivateKeyObject(sdb,key_type,handle,templ,count);
-    case CKO_SECRET_KEY:
-	return lg_createSecretKeyObject(sdb,key_type,handle,templ,count);
-    default:
-	break;
-    }
-    return CKR_ATTRIBUTE_VALUE_INVALID;
-}
-
-/* 
- * Parse the template and create an object stored in the DB that reflects.
- * the object specified in the database.
- */
-CK_RV
-lg_CreateObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
-			const CK_ATTRIBUTE *templ, CK_ULONG count)
-{
-    CK_RV crv;
-    CK_OBJECT_CLASS objclass;
-
-    /* get the object class */
-    crv = lg_GetULongAttribute(CKA_CLASS, templ, count, &objclass);
-    if (crv != CKR_OK) {
-	return crv;
-    }
-
-    /* Now handle the specific object class. 
-     */
-    switch (objclass) {
-    case CKO_CERTIFICATE:
-	crv = lg_createCertObject(sdb,handle,templ,count);
-	break;
-    case CKO_NETSCAPE_TRUST:
-	crv = lg_createTrustObject(sdb,handle,templ,count);
-	break;
-    case CKO_NETSCAPE_CRL:
-	crv = lg_createCrlObject(sdb,handle,templ,count);
-	break;
-    case CKO_NETSCAPE_SMIME:
-	crv = lg_createSMimeObject(sdb,handle,templ,count);
-	break;
-    case CKO_PRIVATE_KEY:
-    case CKO_PUBLIC_KEY:
-    case CKO_SECRET_KEY:
-	crv = lg_createKeyObject(sdb,objclass,handle,templ,count);
-	break;
-    default:
-	crv = CKR_ATTRIBUTE_VALUE_INVALID;
-	break;
-    }
-
-    return crv;
-}
-

mozilla/security/nss/lib/softoken/legacydb/lgdb.h

@@ -1,197 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/*
- * Internal data structures and functions used by pkcs11.c
- */
-#ifndef _LGDB_H_
-#define _LGDB_H_ 1
-
-#include "nssilock.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "lowkeyti.h"
-#include "pkcs11t.h"
-#include "sdb.h"
-#include "cdbhdl.h" 
-
-
-#define MULTIACCESS "multiaccess:"
-
-
-/* machine dependent path stuff used by dbinit.c and pk11db.c */
-#ifdef macintosh
-#define PATH_SEPARATOR ":"
-#define SECMOD_DB "Security Modules"
-#define CERT_DB_FMT "%sCertificates%s"
-#define KEY_DB_FMT "%sKey Database%s"
-#else
-#define PATH_SEPARATOR "/"
-#define SECMOD_DB "secmod.db"
-#define CERT_DB_FMT "%scert%s.db"
-#define KEY_DB_FMT "%skey%s.db"
-#endif
-
-SEC_BEGIN_PROTOS
-
-
-/* internal utility functions used by pkcs11.c */
-extern const CK_ATTRIBUTE *lg_FindAttribute(CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count);
-extern CK_RV lg_Attribute2SecItem(PLArenaPool *,CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count,
-			SECItem *item);
-extern CK_RV lg_Attribute2SSecItem(PLArenaPool *,CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count,
-			SECItem *item);
-extern CK_RV lg_PrivAttr2SecItem(PLArenaPool *,CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count,
-			SECItem *item, SDB *sdbpw);
-extern CK_RV lg_PrivAttr2SSecItem(PLArenaPool *,CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count,
-			SECItem *item, SDB *sdbpw);
-extern CK_RV lg_GetULongAttribute(CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count, 
-			CK_ULONG *out);
-extern PRBool lg_hasAttribute(CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count);
-extern PRBool lg_isTrue(CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count);
-extern PRBool lg_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass);
-extern char *lg_getString(CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count);
-extern unsigned int lg_MapTrust(CK_TRUST trust, PRBool clientAuth);
-
-/* clear out all the existing object ID to database key mappings.
- * used to reinit a token */
-extern CK_RV SFTK_ClearTokenKeyHashTable(SDB *sdb);
-
-
-extern void lg_FreeSearch(SDBFind *search);
-
-NSSLOWCERTCertDBHandle *lg_getCertDB(SDB *sdb);
-NSSLOWKEYDBHandle *lg_getKeyDB(SDB *sdb);
-
-const char *lg_EvaluateConfigDir(const char *configdir, char **domain);
-
-
-/*
- * object handle modifiers
- */
-#define LG_TOKEN_MASK		0xc0000000L
-#define LG_TOKEN_TYPE_MASK	0x38000000L
-#define LG_TOKEN_TYPE_SHIFT	27
-/* keydb (high bit == 0) */
-#define LG_TOKEN_TYPE_PRIV	0x08000000L
-#define LG_TOKEN_TYPE_PUB	0x10000000L
-#define LG_TOKEN_TYPE_KEY	0x18000000L
-/* certdb (high bit == 1) */
-#define LG_TOKEN_TYPE_TRUST	0x20000000L
-#define LG_TOKEN_TYPE_CRL	0x28000000L
-#define LG_TOKEN_TYPE_SMIME	0x30000000L
-#define LG_TOKEN_TYPE_CERT	0x38000000L
-
-#define LG_TOKEN_KRL_HANDLE	(LG_TOKEN_TYPE_CRL|1)
-
-#define LG_SEARCH_BLOCK_SIZE   10
-#define LG_BUF_SPACE	  50
-#define LG_STRICT   PR_FALSE
-
-/*
- * token object utilities
- */
-void lg_addHandle(SDBFind *search, CK_OBJECT_HANDLE handle);
-PRBool lg_poisonHandle(SDB *sdb, SECItem *dbkey, CK_OBJECT_HANDLE handle);
-PRBool lg_tokenMatch(SDB *sdb, const SECItem *dbKey, CK_OBJECT_HANDLE class,
-				const CK_ATTRIBUTE *templ, CK_ULONG count);
-const SECItem *lg_lookupTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle);
-CK_OBJECT_HANDLE lg_mkHandle(SDB *sdb, SECItem *dbKey, CK_OBJECT_HANDLE class);
-SECStatus lg_deleteTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle);
-
-SECStatus lg_util_encrypt(PLArenaPool *arena, SDB *sdbpw, 
-			  SECItem *plainText, SECItem **cipherText);
-SECStatus lg_util_decrypt(SDB *sdbpw, 
-			  SECItem *cipherText, SECItem **plainText);
-PLHashTable *lg_GetHashTable(SDB *sdb);
-void lg_DBLock(SDB *sdb);
-void lg_DBUnlock(SDB *sdb);
-
-typedef void (*LGFreeFunc)(void *);
-
-
-/*
- * database functions
- */
-
-/* lg_FindObjectsInit initializes a search for token and session objects 
- * that match a template. */
-CK_RV lg_FindObjectsInit(SDB *sdb, const CK_ATTRIBUTE *pTemplate, 
-			 CK_ULONG ulCount, SDBFind **search);
-/* lg_FindObjects continues a search for token and session objects 
- * that match a template, obtaining additional object handles. */
-CK_RV lg_FindObjects(SDB *sdb, SDBFind *search, 
-    CK_OBJECT_HANDLE *phObject,CK_ULONG ulMaxObjectCount,
-    CK_ULONG *pulObjectCount);
-
-/* lg_FindObjectsFinal finishes a search for token and session objects. */
-CK_RV lg_FindObjectsFinal(SDB* lgdb, SDBFind *search);
-
-/* lg_CreateObject parses the template and create an object stored in the 
- * DB that reflects the object specified in the template.  */
-CK_RV lg_CreateObject(SDB *sdb, CK_OBJECT_HANDLE *handle,
-			const CK_ATTRIBUTE *templ, CK_ULONG count);
-
-CK_RV lg_GetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE object_id, 
-				CK_ATTRIBUTE *template, CK_ULONG count);
-CK_RV lg_SetAttributeValue(SDB *sdb, CK_OBJECT_HANDLE object_id, 
-			const CK_ATTRIBUTE *template, CK_ULONG count);
-CK_RV lg_DestroyObject(SDB *sdb, CK_OBJECT_HANDLE object_id);
-
-CK_RV lg_Close(SDB *sdb);
-CK_RV lg_Reset(SDB *sdb);
-
-/*
- * The old database doesn't share and doesn't support
- * transactions.
- */
-CK_RV lg_Begin(SDB *sdb);
-CK_RV lg_Commit(SDB *sdb);
-CK_RV lg_Abort(SDB *sdb);
-CK_RV lg_GetPWEntry(SDB *sdb, SDBPasswordEntry *entry);
-CK_RV lg_PutPWEntry(SDB *sdb, SDBPasswordEntry *entry);
-
-SEC_END_PROTOS
-
-#endif /* _LGDB_H_ */

mozilla/security/nss/lib/softoken/legacydb/lgdbm.def

@@ -1,64 +0,0 @@
-;+#
-;+# ***** BEGIN LICENSE BLOCK *****
-;+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-;+#
-;+# The contents of this file are subject to the Mozilla Public License Version
-;+# 1.1 (the "License"); you may not use this file except in compliance with
-;+# the License. You may obtain a copy of the License at
-;+# http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS IS" basis,
-;+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-;+# for the specific language governing rights and limitations under the
-;+# License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is
-;+# Netscape Communications Corporation.
-;+# Portions created by the Initial Developer are Copyright (C) 2000
-;+# the Initial Developer. All Rights Reserved.
-;+#
-;+# Contributor(s):
-;+#   Dr Stephen Henson <stephen.henson@gemplus.com>
-;+#
-;+# Alternatively, the contents of this file may be used under the terms of
-;+# either the GNU General Public License Version 2 or later (the "GPL"), or
-;+# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-;+# in which case the provisions of the GPL or the LGPL are applicable instead
-;+# of those above. If you wish to allow use of your version of this file only
-;+# under the terms of either the GPL or the LGPL, and not to allow others to
-;+# use your version of this file under the terms of the MPL, indicate your
-;+# decision by deleting the provisions above and replace them with the notice
-;+# and other provisions required by the GPL or the LGPL. If you do not delete
-;+# the provisions above, a recipient may use your version of this file under
-;+# the terms of any one of the MPL, the GPL or the LGPL.
-;+#
-;+# ***** END LICENSE BLOCK *****
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+#   1. For all unix platforms, the string ";-"  means "remove this line"
-;+#   2. For all unix platforms, the string " DATA " will be removed from any 
-;+#	line on which it occurs.
-;+#   3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+#      On AIX, lines containing ";+" will be removed.  
-;+#   4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+#   5. For all unix platforms, after the above processing has taken place,
-;+#    all characters after the first ";" on the line will be removed.  
-;+#    And for AIX, the first ";" will also be removed.
-;+#  This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+#   directives are hidden behind ";", ";+", and ";-"
-;+LGDBM_3.12 {       # NSS 3.12 release
-;+    global:
-LIBRARY lgdbm3 ;-
-EXPORTS ;-
-legacy_Open;
-legacy_Shutdown;
-legacy_ReadSecmodDB;
-legacy_ReleaseSecmodDBData;
-legacy_AddSecmodDB;
-legacy_DeleteSecmodDB;
-legacy_SetCryptFunctions;
-;+    local:
-;+       *;
-;+};

mozilla/security/nss/lib/softoken/legacydb/lgdestroy.c

@@ -1,144 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/*
- * Internal PKCS #11 functions. Should only be called by pkcs11.c
- */
-#include "pkcs11.h"
-#include "lgdb.h"
-#include "pcert.h"
-#include "lowkeyi.h"
-
-/*
- * remove an object.
- */
-CK_RV
-lg_DestroyObject(SDB *sdb, CK_OBJECT_HANDLE object_id)
-{
-    CK_RV crv = CKR_OK;
-    SECStatus rv;
-    NSSLOWCERTCertificate *cert;
-    NSSLOWCERTCertTrust tmptrust;
-    PRBool isKrl;
-    NSSLOWKEYDBHandle *keyHandle;
-    NSSLOWCERTCertDBHandle *certHandle;
-    const SECItem *dbKey;
-
-    object_id &= ~LG_TOKEN_MASK;
-    dbKey = lg_lookupTokenKeyByHandle(sdb,object_id);
-    if (dbKey == NULL) {
-	return CKR_OBJECT_HANDLE_INVALID;
-    }
-
-    /* remove the objects from the real data base */
-    switch (object_id & LG_TOKEN_TYPE_MASK) {
-    case LG_TOKEN_TYPE_PRIV:
-    case LG_TOKEN_TYPE_KEY:
-	/* KEYID is the public KEY for DSA and DH, and the MODULUS for
-	 *  RSA */
-	keyHandle = lg_getKeyDB(sdb);
-	if (!keyHandle) {
-	    crv = CKR_TOKEN_WRITE_PROTECTED;
-	    break;
-	}
-	rv = nsslowkey_DeleteKey(keyHandle, dbKey);
-	if (rv != SECSuccess) {
-	    crv = CKR_DEVICE_ERROR;
-	}
-	break;
-    case LG_TOKEN_TYPE_PUB:
-	break; /* public keys only exist at the behest of the priv key */
-    case LG_TOKEN_TYPE_CERT:
-	certHandle = lg_getCertDB(sdb);
-	if (!certHandle) {
-	    crv = CKR_TOKEN_WRITE_PROTECTED;
-	    break;
-	}
-	cert = nsslowcert_FindCertByKey(certHandle,dbKey);
-	if (cert == NULL) {
-	    crv = CKR_DEVICE_ERROR;
-	    break;
-	}
-	rv = nsslowcert_DeletePermCertificate(cert);
-	if (rv != SECSuccess) {
-	    crv = CKR_DEVICE_ERROR;
-	}
-	nsslowcert_DestroyCertificate(cert);
-	break;
-    case LG_TOKEN_TYPE_CRL:
-	certHandle = lg_getCertDB(sdb);
-	if (!certHandle) {
-	    crv = CKR_TOKEN_WRITE_PROTECTED;
-	    break;
-	}
-	isKrl = (PRBool) (object_id == LG_TOKEN_KRL_HANDLE);
-	rv = nsslowcert_DeletePermCRL(certHandle, dbKey, isKrl);
-	if (rv == SECFailure) crv = CKR_DEVICE_ERROR;
-	break;
-    case LG_TOKEN_TYPE_TRUST:
-	certHandle = lg_getCertDB(sdb);
-	if (!certHandle) {
-	    crv = CKR_TOKEN_WRITE_PROTECTED;
-	    break;
-	}
-	cert = nsslowcert_FindCertByKey(certHandle, dbKey);
-	if (cert == NULL) {
-	    crv = CKR_DEVICE_ERROR;
-	    break;
-	}
-	tmptrust = *cert->trust;
-	tmptrust.sslFlags &= CERTDB_PRESERVE_TRUST_BITS;
-	tmptrust.emailFlags &= CERTDB_PRESERVE_TRUST_BITS;
-	tmptrust.objectSigningFlags &= CERTDB_PRESERVE_TRUST_BITS;
-	tmptrust.sslFlags |= CERTDB_TRUSTED_UNKNOWN;
-	tmptrust.emailFlags |= CERTDB_TRUSTED_UNKNOWN;
-	tmptrust.objectSigningFlags |= CERTDB_TRUSTED_UNKNOWN;
-	rv = nsslowcert_ChangeCertTrust(certHandle, cert, &tmptrust);
-	if (rv != SECSuccess) crv = CKR_DEVICE_ERROR;
-	nsslowcert_DestroyCertificate(cert);
-	break;
-    default:
-	break;
-    }
-    lg_DBLock(sdb);
-    lg_deleteTokenKeyByHandle(sdb,object_id);
-    lg_DBUnlock(sdb);
-
-    return crv;
-}
-
-
-

mozilla/security/nss/lib/softoken/legacydb/lgfind.c

@@ -1,941 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#include "secitem.h"
-#include "pkcs11.h"
-#include "lgdb.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "blapi.h"
-
-#include "keydbi.h" 
-
-/*
- * This code maps PKCS #11 Finds to legacy database searches. This code
- * was orginally in pkcs11.c in previous versions of NSS.
- */
-
-struct SDBFindStr {
-    CK_OBJECT_HANDLE    *handles;
-    int                 size;
-    int                 index;
-    int                 array_size;
-};
-
-
-/*
- * free a search structure
- */
-void
-lg_FreeSearch(SDBFind *search)
-{
-    if (search->handles) {
-	PORT_Free(search->handles);
-    }
-    PORT_Free(search);
-}
-
-void
-lg_addHandle(SDBFind *search, CK_OBJECT_HANDLE handle)
-{
-    if (search->handles == NULL) {
-	return;
-    }
-    if (search->size >= search->array_size) {
-	search->array_size += LG_SEARCH_BLOCK_SIZE;
-	search->handles = (CK_OBJECT_HANDLE *) PORT_Realloc(search->handles,
-				 sizeof(CK_OBJECT_HANDLE)* search->array_size);
-	if (search->handles == NULL) {
-	   return;
-	}
-    }
-    search->handles[search->size] = handle;
-    search->size++;
-}
-
-/*
- * find any certs that may match the template and load them.
- */
-#define LG_CERT 	0x00000001
-#define LG_TRUST	0x00000002
-#define LG_CRL		0x00000004
-#define LG_SMIME	0x00000008
-#define LG_PRIVATE	0x00000010
-#define LG_PUBLIC	0x00000020
-#define LG_KEY		0x00000040
-
-/*
- * structure to collect key handles.
- */
-typedef struct lgEntryDataStr {
-    SDB *sdb;
-    SDBFind *searchHandles;
-    const CK_ATTRIBUTE *template;
-    CK_ULONG templ_count;
-} lgEntryData;
-
-
-static SECStatus
-lg_crl_collect(SECItem *data, SECItem *key, certDBEntryType type, void *arg)
-{
-    lgEntryData *crlData;
-    CK_OBJECT_HANDLE class_handle;
-    SDB *sdb;
-    
-    crlData = (lgEntryData *)arg;
-    sdb = crlData->sdb;
-
-    class_handle = (type == certDBEntryTypeRevocation) ? LG_TOKEN_TYPE_CRL :
-							LG_TOKEN_KRL_HANDLE;
-    if (lg_tokenMatch(sdb, key, class_handle,
-			crlData->template, crlData->templ_count)) {
-	lg_addHandle(crlData->searchHandles,
-				 lg_mkHandle(sdb,key,class_handle));
-    }
-    return(SECSuccess);
-}
-
-static void
-lg_searchCrls(SDB *sdb, SECItem *derSubject, PRBool isKrl, 
-		unsigned long classFlags, SDBFind *search,
-		const CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
-{
-    NSSLOWCERTCertDBHandle *certHandle = NULL;
-
-    certHandle = lg_getCertDB(sdb);
-    if (certHandle == NULL) {
-	return;
-    }
-    if (derSubject->data != NULL)  {
-	certDBEntryRevocation *crl = 
-	    nsslowcert_FindCrlByKey(certHandle, derSubject, isKrl);
-
-	if (crl != NULL) {
-	    lg_addHandle(search, lg_mkHandle(sdb, derSubject,
-		isKrl ? LG_TOKEN_KRL_HANDLE : LG_TOKEN_TYPE_CRL));
-	    nsslowcert_DestroyDBEntry((certDBEntry *)crl);
-	}
-    } else {
-	lgEntryData crlData;
-
-	/* traverse */
-	crlData.sdb = sdb;
-	crlData.searchHandles = search;
-	crlData.template = pTemplate;
-	crlData.templ_count = ulCount;
-	nsslowcert_TraverseDBEntries(certHandle, certDBEntryTypeRevocation,
-		lg_crl_collect, (void *)&crlData);
-	nsslowcert_TraverseDBEntries(certHandle, certDBEntryTypeKeyRevocation,
-		lg_crl_collect, (void *)&crlData);
-    } 
-}
-
-/*
- * structure to collect key handles.
- */
-typedef struct lgKeyDataStr {
-    SDB *sdb;
-    NSSLOWKEYDBHandle *keyHandle;
-    SDBFind *searchHandles;
-    SECItem *id;
-    const CK_ATTRIBUTE *template;
-    CK_ULONG templ_count;
-    unsigned long classFlags;
-    PRBool strict;
-} lgKeyData;
-
-static PRBool
-isSecretKey(NSSLOWKEYPrivateKey *privKey)
-{
-  if (privKey->keyType == NSSLOWKEYRSAKey &&
-                privKey->u.rsa.publicExponent.len == 1 &&
-                                privKey->u.rsa.publicExponent.data[0] == 0)
-    return PR_TRUE;
-
-  return PR_FALSE;
-}
-
-
-
-static SECStatus
-lg_key_collect(DBT *key, DBT *data, void *arg)
-{
-    lgKeyData *keyData;
-    NSSLOWKEYPrivateKey *privKey = NULL;
-    SECItem tmpDBKey;
-    SDB *sdb;
-    unsigned long classFlags;
-    
-    keyData = (lgKeyData *)arg;
-    sdb = keyData->sdb;
-    classFlags = keyData->classFlags;
-
-    tmpDBKey.data = key->data;
-    tmpDBKey.len = key->size;
-    tmpDBKey.type = siBuffer;
-
-    PORT_Assert(keyData->keyHandle);
-    if (!keyData->strict && keyData->id) {
-	SECItem result;
-	PRBool haveMatch= PR_FALSE;
-	unsigned char hashKey[SHA1_LENGTH];
-	result.data = hashKey;
-	result.len = sizeof(hashKey);
-
-	if (keyData->id->len == 0) {
-	    /* Make sure this isn't a LG_KEY */
-	    privKey = nsslowkey_FindKeyByPublicKey(keyData->keyHandle, 
-					&tmpDBKey, keyData->sdb/*->password*/);
-	    if (privKey) {
-		/* turn off the unneeded class flags */
-		classFlags &= isSecretKey(privKey) ?  ~(LG_PRIVATE|LG_PUBLIC) :
-							~LG_KEY;
-		haveMatch = (PRBool)
-			((classFlags & (LG_KEY|LG_PRIVATE|LG_PUBLIC)) != 0);
-		nsslowkey_DestroyPrivateKey(privKey);
-	    }
-	} else {
-	    SHA1_HashBuf( hashKey, key->data, key->size ); /* match id */
-	    haveMatch = SECITEM_ItemsAreEqual(keyData->id,&result);
-	    if (!haveMatch && ((unsigned char *)key->data)[0] == 0) {
-		/* This is a fix for backwards compatibility.  The key
-		 * database indexes private keys by the public key, and
-		 * versions of NSS prior to 3.4 stored the public key as
-		 * a signed integer.  The public key is now treated as an
-		 * unsigned integer, with no leading zero.  In order to
-		 * correctly compute the hash of an old key, it is necessary
-		 * to fallback and detect the leading zero.
-		 */
-		SHA1_HashBuf(hashKey, 
-		             (unsigned char *)key->data + 1, key->size - 1);
-		haveMatch = SECITEM_ItemsAreEqual(keyData->id,&result);
-	    }
-	}
-	if (haveMatch) {
-	    if (classFlags & LG_PRIVATE)  {
-		lg_addHandle(keyData->searchHandles,
-			lg_mkHandle(sdb,&tmpDBKey,LG_TOKEN_TYPE_PRIV));
-	    }
-	    if (classFlags & LG_PUBLIC) {
-		lg_addHandle(keyData->searchHandles,
-			lg_mkHandle(sdb,&tmpDBKey,LG_TOKEN_TYPE_PUB));
-	    }
-	    if (classFlags & LG_KEY) {
-		lg_addHandle(keyData->searchHandles,
-			lg_mkHandle(sdb,&tmpDBKey,LG_TOKEN_TYPE_KEY));
-	    }
-	}
-	return SECSuccess;
-    }
-
-    privKey = nsslowkey_FindKeyByPublicKey(keyData->keyHandle, &tmpDBKey, 
-						 keyData->sdb/*->password*/);
-    if ( privKey == NULL ) {
-	goto loser;
-    }
-
-    if (isSecretKey(privKey)) {
-	if ((classFlags & LG_KEY) && 
-		lg_tokenMatch(keyData->sdb, &tmpDBKey, LG_TOKEN_TYPE_KEY,
-			keyData->template, keyData->templ_count)) {
-	    lg_addHandle(keyData->searchHandles,
-		lg_mkHandle(keyData->sdb, &tmpDBKey, LG_TOKEN_TYPE_KEY));
-	}
-    } else {
-	if ((classFlags & LG_PRIVATE) && 
-		lg_tokenMatch(keyData->sdb, &tmpDBKey, LG_TOKEN_TYPE_PRIV,
-			keyData->template, keyData->templ_count)) {
-	    lg_addHandle(keyData->searchHandles,
-		lg_mkHandle(keyData->sdb,&tmpDBKey,LG_TOKEN_TYPE_PRIV));
-	}
-	if ((classFlags & LG_PUBLIC) && 
-		lg_tokenMatch(keyData->sdb, &tmpDBKey, LG_TOKEN_TYPE_PUB,
-			keyData->template, keyData->templ_count)) {
-	    lg_addHandle(keyData->searchHandles,
-		lg_mkHandle(keyData->sdb, &tmpDBKey,LG_TOKEN_TYPE_PUB));
-	}
-    }
-
-loser:
-    if ( privKey ) {
-	nsslowkey_DestroyPrivateKey(privKey);
-    }
-    return(SECSuccess);
-}
-
-static void
-lg_searchKeys(SDB *sdb, SECItem *key_id,
-	unsigned long classFlags, SDBFind *search, PRBool mustStrict,
-	const CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
-{
-    NSSLOWKEYDBHandle *keyHandle = NULL;
-    NSSLOWKEYPrivateKey *privKey;
-    lgKeyData keyData;
-    PRBool found = PR_FALSE;
-
-    keyHandle = lg_getKeyDB(sdb);
-    if (keyHandle == NULL) {
-	return;
-    }
-
-    if (key_id->data) {
-	privKey = nsslowkey_FindKeyByPublicKey(keyHandle, key_id, sdb);
-	if (privKey) {
-	    if ((classFlags & LG_KEY) && isSecretKey(privKey)) {
-    	        lg_addHandle(search,
-			lg_mkHandle(sdb,key_id,LG_TOKEN_TYPE_KEY));
-		found = PR_TRUE;
-	    }
-	    if ((classFlags & LG_PRIVATE) && !isSecretKey(privKey)) {
-    	        lg_addHandle(search,
-			lg_mkHandle(sdb,key_id,LG_TOKEN_TYPE_PRIV));
-		found = PR_TRUE;
-	    }
-	    if ((classFlags & LG_PUBLIC) && !isSecretKey(privKey)) {
-    	        lg_addHandle(search,
-			lg_mkHandle(sdb,key_id,LG_TOKEN_TYPE_PUB));
-		found = PR_TRUE;
-	    }
-    	    nsslowkey_DestroyPrivateKey(privKey);
-	}
-	/* don't do the traversal if we have an up to date db */
-	if (keyHandle->version != 3) {
-	    goto loser;
-	}
-	/* don't do the traversal if it can't possibly be the correct id */
-	/* all soft token id's are SHA1_HASH_LEN's */
-	if (key_id->len != SHA1_LENGTH) {
-	    goto loser;
-	}
-	if (found) {
-	   /* if we already found some keys, don't do the traversal */
-	   goto loser;
-	}
-    }
-    keyData.sdb = sdb;
-    keyData.keyHandle = keyHandle;
-    keyData.searchHandles = search;
-    keyData.id = key_id;
-    keyData.template = pTemplate;
-    keyData.templ_count = ulCount;
-    keyData.classFlags = classFlags;
-    keyData.strict = mustStrict ? mustStrict : LG_STRICT;
-
-    nsslowkey_TraverseKeys(keyHandle, lg_key_collect, &keyData);
-
-loser:
-    return;
-}
-
-/*
- * structure to collect certs into
- */
-typedef struct lgCertDataStr {
-    SDB *sdb;
-    int cert_count;
-    int max_cert_count;
-    NSSLOWCERTCertificate **certs;
-    const CK_ATTRIBUTE *template;
-    CK_ULONG	templ_count;
-    unsigned long classFlags;
-    PRBool	strict;
-} lgCertData;
-
-/*
- * collect all the certs from the traverse call.
- */	
-static SECStatus
-lg_cert_collect(NSSLOWCERTCertificate *cert,void *arg)
-{
-    lgCertData *cd = (lgCertData *)arg;
-
-    if (cert == NULL) {
-	return SECSuccess;
-    }
-
-    if (cd->certs == NULL) {
-	return SECFailure;
-    }
-
-    if (cd->strict) {
-	if ((cd->classFlags & LG_CERT) && !lg_tokenMatch(cd->sdb,
-	  &cert->certKey, LG_TOKEN_TYPE_CERT, cd->template,cd->templ_count)) {
-	    return SECSuccess;
-	}
-	if ((cd->classFlags & LG_TRUST) && !lg_tokenMatch(cd->sdb,
-	  &cert->certKey, LG_TOKEN_TYPE_TRUST, 
-					     cd->template, cd->templ_count)) {
-	    return SECSuccess;
-	}
-    }
-
-    /* allocate more space if we need it. This should only happen in
-     * the general traversal case */
-    if (cd->cert_count >= cd->max_cert_count) {
-	int size;
-	cd->max_cert_count += LG_SEARCH_BLOCK_SIZE;
-	size = cd->max_cert_count * sizeof (NSSLOWCERTCertificate *);
-	cd->certs = (NSSLOWCERTCertificate **)PORT_Realloc(cd->certs,size);
-	if (cd->certs == NULL) {
-	    return SECFailure;
-	}
-    }
-
-    cd->certs[cd->cert_count++] = nsslowcert_DupCertificate(cert);
-    return SECSuccess;
-}
-
-/* provide impedence matching ... */
-static SECStatus
-lg_cert_collect2(NSSLOWCERTCertificate *cert, SECItem *dymmy, void *arg)
-{
-    return lg_cert_collect(cert, arg);
-}
-
-static void
-lg_searchSingleCert(lgCertData *certData,NSSLOWCERTCertificate *cert)
-{
-    if (cert == NULL) {
-	    return;
-    }
-    if (certData->strict && 
-	!lg_tokenMatch(certData->sdb, &cert->certKey, LG_TOKEN_TYPE_CERT, 
-				certData->template,certData->templ_count)) {
-	nsslowcert_DestroyCertificate(cert);
-	return;
-    }
-    certData->certs = (NSSLOWCERTCertificate **) 
-				PORT_Alloc(sizeof (NSSLOWCERTCertificate *));
-    if (certData->certs == NULL) {
-	nsslowcert_DestroyCertificate(cert);
-	return;
-    }
-    certData->certs[0] = cert;
-    certData->cert_count = 1;
-}
-
-static void
-lg_CertSetupData(lgCertData *certData,int count)
-{
-    certData->max_cert_count = count;
-
-    if (certData->max_cert_count <= 0) {
-	return;
-    }
-    certData->certs = (NSSLOWCERTCertificate **)
-			 PORT_Alloc( count * sizeof(NSSLOWCERTCertificate *));
-    return;
-}
-
-static void
-lg_searchCertsAndTrust(SDB *sdb, SECItem *derCert, SECItem *name, 
-			SECItem *derSubject, NSSLOWCERTIssuerAndSN *issuerSN, 
-			SECItem *email,
-			unsigned long classFlags, SDBFind *handles, 
-			const CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
-{
-    NSSLOWCERTCertDBHandle *certHandle = NULL;
-    lgCertData certData;
-    int i;
-
-    certHandle = lg_getCertDB(sdb);
-    if (certHandle == NULL) return;
-
-    certData.sdb = sdb;
-    certData.max_cert_count = 0;
-    certData.certs = NULL;
-    certData.cert_count = 0;
-    certData.template = pTemplate;
-    certData.templ_count = ulCount;
-    certData.classFlags = classFlags; 
-    certData.strict = LG_STRICT; 
-
-
-    /*
-     * Find the Cert.
-     */
-    if (derCert->data != NULL) {
-	NSSLOWCERTCertificate *cert = 
-			nsslowcert_FindCertByDERCert(certHandle,derCert);
-	lg_searchSingleCert(&certData,cert);
-    } else if (name->data != NULL) {
-	char *tmp_name = (char*)PORT_Alloc(name->len+1);
-	int count;
-
-	if (tmp_name == NULL) {
-	    return;
-	}
-	PORT_Memcpy(tmp_name,name->data,name->len);
-	tmp_name[name->len] = 0;
-
-	count= nsslowcert_NumPermCertsForNickname(certHandle,tmp_name);
-	lg_CertSetupData(&certData,count);
-	nsslowcert_TraversePermCertsForNickname(certHandle,tmp_name,
-				lg_cert_collect, &certData);
-	PORT_Free(tmp_name);
-    } else if (derSubject->data != NULL) {
-	int count;
-
-	count = nsslowcert_NumPermCertsForSubject(certHandle,derSubject);
-	lg_CertSetupData(&certData,count);
-	nsslowcert_TraversePermCertsForSubject(certHandle,derSubject,
-				lg_cert_collect, &certData);
-    } else if ((issuerSN->derIssuer.data != NULL) && 
-			(issuerSN->serialNumber.data != NULL)) {
-        if (classFlags & LG_CERT) {
-	    NSSLOWCERTCertificate *cert = 
-		nsslowcert_FindCertByIssuerAndSN(certHandle,issuerSN);
-
-	    lg_searchSingleCert(&certData,cert);
-	}
-	if (classFlags & LG_TRUST) {
-	    NSSLOWCERTTrust *trust = 
-		nsslowcert_FindTrustByIssuerAndSN(certHandle, issuerSN);
-
-	    if (trust) {
-		lg_addHandle(handles,
-		    lg_mkHandle(sdb,&trust->dbKey,LG_TOKEN_TYPE_TRUST));
-		nsslowcert_DestroyTrust(trust);
-	    }
-	}
-    } else if (email->data != NULL) {
-	char *tmp_name = (char*)PORT_Alloc(email->len+1);
-	certDBEntrySMime *entry = NULL;
-
-	if (tmp_name == NULL) {
-	    return;
-	}
-	PORT_Memcpy(tmp_name,email->data,email->len);
-	tmp_name[email->len] = 0;
-
-	entry = nsslowcert_ReadDBSMimeEntry(certHandle,tmp_name);
-	if (entry) {
-	    int count;
-	    SECItem *subjectName = &entry->subjectName;
-
-	    count = nsslowcert_NumPermCertsForSubject(certHandle, subjectName);
-	    lg_CertSetupData(&certData,count);
-	    nsslowcert_TraversePermCertsForSubject(certHandle, subjectName, 
-						lg_cert_collect, &certData);
-
-	    nsslowcert_DestroyDBEntry((certDBEntry *)entry);
-	}
-	PORT_Free(tmp_name);
-    } else {
-	/* we aren't filtering the certs, we are working on all, so turn
-	 * on the strict filters. */
-	certData.strict = PR_TRUE;
-	lg_CertSetupData(&certData,LG_SEARCH_BLOCK_SIZE);
-	nsslowcert_TraversePermCerts(certHandle, lg_cert_collect2, &certData);
-    }
-
-    /*
-     * build the handles
-     */	
-    for (i=0 ; i < certData.cert_count ; i++) {
-	NSSLOWCERTCertificate *cert = certData.certs[i];
-
-	/* if we filtered it would have been on the stuff above */
-	if (classFlags & LG_CERT) {
-	    lg_addHandle(handles,
-		lg_mkHandle(sdb,&cert->certKey,LG_TOKEN_TYPE_CERT));
-	}
-	if ((classFlags & LG_TRUST) && nsslowcert_hasTrust(cert->trust)) {
-	    lg_addHandle(handles,
-		lg_mkHandle(sdb,&cert->certKey,LG_TOKEN_TYPE_TRUST));
-	}
-	nsslowcert_DestroyCertificate(cert);
-    }
-
-    if (certData.certs) PORT_Free(certData.certs);
-    return;
-}
-
-static SECStatus
-lg_smime_collect(SECItem *data, SECItem *key, certDBEntryType type, void *arg)
-{
-    lgEntryData *smimeData;
-    SDB *sdb;
-    
-    smimeData = (lgEntryData *)arg;
-    sdb = smimeData->sdb;
-
-    if (lg_tokenMatch(sdb, key, LG_TOKEN_TYPE_SMIME,
-			smimeData->template, smimeData->templ_count)) {
-	lg_addHandle(smimeData->searchHandles,
-				 lg_mkHandle(sdb,key,LG_TOKEN_TYPE_SMIME));
-    }
-    return(SECSuccess);
-}
-
-static void
-lg_searchSMime(SDB *sdb, SECItem *email, SDBFind *handles, 
-			const CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
-{
-    NSSLOWCERTCertDBHandle *certHandle = NULL;
-    certDBEntrySMime *entry;
-
-    certHandle = lg_getCertDB(sdb);
-    if (certHandle == NULL) return;
-
-    if (email->data != NULL) {
-	char *tmp_name = (char*)PORT_Alloc(email->len+1);
-
-	if (tmp_name == NULL) {
-	    return;
-	}
-	PORT_Memcpy(tmp_name,email->data,email->len);
-	tmp_name[email->len] = 0;
-
-	entry = nsslowcert_ReadDBSMimeEntry(certHandle,tmp_name);
-	if (entry) {
-	    SECItem emailKey;
-
-	    emailKey.data = (unsigned char *)tmp_name;
-	    emailKey.len = PORT_Strlen(tmp_name)+1;
-	    emailKey.type = 0;
-	    lg_addHandle(handles,
-		lg_mkHandle(sdb,&emailKey,LG_TOKEN_TYPE_SMIME));
-	    nsslowcert_DestroyDBEntry((certDBEntry *)entry);
-	}
-	PORT_Free(tmp_name);
-    } else {
-	/* traverse */
-	lgEntryData smimeData;
-
-	/* traverse */
-	smimeData.sdb = sdb;
-	smimeData.searchHandles = handles;
-	smimeData.template = pTemplate;
-	smimeData.templ_count = ulCount;
-	nsslowcert_TraverseDBEntries(certHandle, certDBEntryTypeSMimeProfile,
-		lg_smime_collect, (void *)&smimeData);
-    }
-    return;
-}
-
-static CK_RV
-lg_searchTokenList(SDB *sdb, SDBFind *search,
-	 		const CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
-{
-    int i;
-    PRBool isKrl = PR_FALSE;
-    SECItem derCert = { siBuffer, NULL, 0 };
-    SECItem derSubject = { siBuffer, NULL, 0 };
-    SECItem name = { siBuffer, NULL, 0 };
-    SECItem email = { siBuffer, NULL, 0 };
-    SECItem key_id = { siBuffer, NULL, 0 };
-    SECItem cert_sha1_hash = { siBuffer, NULL, 0 };
-    SECItem cert_md5_hash  = { siBuffer, NULL, 0 };
-    NSSLOWCERTIssuerAndSN issuerSN = {
-	{ siBuffer, NULL, 0 },
-	{ siBuffer, NULL, 0 }
-    };
-    SECItem *copy = NULL;
-    CK_CERTIFICATE_TYPE certType;
-    CK_OBJECT_CLASS objectClass;
-    CK_RV crv;
-    unsigned long classFlags = 
-	LG_CERT|LG_TRUST|LG_PRIVATE|LG_PUBLIC|LG_KEY|LG_SMIME|LG_CRL;
-
-    if (lg_getCertDB(sdb) == NULL) {
-	classFlags = LG_PRIVATE|LG_KEY;
-    } else {
-	classFlags = LG_CERT|LG_TRUST|LG_PUBLIC|LG_SMIME|LG_CRL;
-    }
-
-    /*
-     * look for things to search on token objects for. If the right options
-     * are specified, we can use them as direct indeces into the database
-     * (rather than using linear searches. We can also use the attributes to
-     * limit the kinds of objects we are searching for. Later we can use this
-     * array to filter the remaining objects more finely.
-     */
-    for (i=0 ;classFlags && i < (int)ulCount; i++) {
-
-	switch (pTemplate[i].type) {
-	case CKA_SUBJECT:
-	    copy = &derSubject;
-	    classFlags &= (LG_CERT|LG_PRIVATE|LG_PUBLIC|LG_SMIME|LG_CRL);
-	    break;
-	case CKA_ISSUER: 
-	    copy = &issuerSN.derIssuer;
-	    classFlags &= (LG_CERT|LG_TRUST);
-	    break;
-	case CKA_SERIAL_NUMBER: 
-	    copy = &issuerSN.serialNumber;
-	    classFlags &= (LG_CERT|LG_TRUST);
-	    break;
-	case CKA_VALUE:
-	    copy = &derCert;
-	    classFlags &= (LG_CERT|LG_CRL|LG_SMIME);
-	    break;
-	case CKA_LABEL:
-	    copy = &name;
-	    break;
-	case CKA_NETSCAPE_EMAIL:
-	    copy = &email;
-	    classFlags &= LG_SMIME|LG_CERT;
-	    break;
-	case CKA_NETSCAPE_SMIME_TIMESTAMP:
-	    classFlags &= LG_SMIME;
-	    break;
-	case CKA_CLASS:
-	    crv = lg_GetULongAttribute(CKA_CLASS,&pTemplate[i],1, &objectClass);
-	    if (crv != CKR_OK) {
-		classFlags = 0;
-		break;;
-	    }
-	    switch (objectClass) {
-	    case CKO_CERTIFICATE:
-		classFlags &= LG_CERT;
-		break;
-	    case CKO_NETSCAPE_TRUST:
-		classFlags &= LG_TRUST;
-		break;
-	    case CKO_NETSCAPE_CRL:
-		classFlags &= LG_CRL;
-		break;
-	    case CKO_NETSCAPE_SMIME:
-		classFlags &= LG_SMIME;
-		break;
-	    case CKO_PRIVATE_KEY:
-		classFlags &= LG_PRIVATE;
-		break;
-	    case CKO_PUBLIC_KEY:
-		classFlags &= LG_PUBLIC;
-		break;
-	    case CKO_SECRET_KEY:
-		classFlags &= LG_KEY;
-		break;
-	    default:
-		classFlags = 0;
-		break;
-	    }
-	    break;
-	case CKA_PRIVATE:
-	    if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
-		classFlags = 0;
-	    }
-	    if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
-		classFlags &= (LG_PRIVATE|LG_KEY);
-	    } else {
-		classFlags &= ~(LG_PRIVATE|LG_KEY);
-	    }
-	    break;
-	case CKA_SENSITIVE:
-	    if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
-		classFlags = 0;
-	    }
-	    if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
-		classFlags &= (LG_PRIVATE|LG_KEY);
-	    } else {
-		classFlags = 0;
-	    }
-	    break;
-	case CKA_TOKEN:
-	    if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
-		classFlags = 0;
-	    }
-	    if (*((CK_BBOOL *)pTemplate[i].pValue) != CK_TRUE) {
-		classFlags = 0;
-	    }
-	    break;
-	case CKA_CERT_SHA1_HASH:
-	    classFlags &= LG_TRUST;
-	    copy = &cert_sha1_hash; break;
-	case CKA_CERT_MD5_HASH:
-	    classFlags &= LG_TRUST;
-	    copy = &cert_md5_hash; break;
-	case CKA_CERTIFICATE_TYPE:
-	    crv = lg_GetULongAttribute(CKA_CLASS,&pTemplate[i],1,&certType);
-	    if (crv != CKR_OK) {
-		classFlags = 0;
-	    }
-	    classFlags &= LG_CERT;
-	    if (certType != CKC_X_509) {
-		classFlags = 0;
-	    }
-	    break;
-	case CKA_ID:
-	    copy = &key_id;
-	    classFlags &= (LG_CERT|LG_PRIVATE|LG_KEY|LG_PUBLIC);
-	    break;
-	case CKA_NETSCAPE_KRL:
-	    if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
-		classFlags = 0;
-	    }
-	    classFlags &= LG_CRL;
-	    isKrl = (PRBool)(*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE);
-	    break;
-	case CKA_MODIFIABLE:
-	     break;
-	case CKA_KEY_TYPE:
-	case CKA_DERIVE:
-	    classFlags &= LG_PUBLIC|LG_PRIVATE|LG_KEY;
-	    break;
-	case CKA_VERIFY_RECOVER:
-	    classFlags &= LG_PUBLIC;
-	    break;
-	case CKA_SIGN_RECOVER:
-	    classFlags &= LG_PRIVATE;
-	    break;
-	case CKA_ENCRYPT:
-	case CKA_VERIFY:
-	case CKA_WRAP:
-	    classFlags &= LG_PUBLIC|LG_KEY;
-	    break;
-	case CKA_DECRYPT:
-	case CKA_SIGN:
-	case CKA_UNWRAP:
-	case CKA_ALWAYS_SENSITIVE:
-	case CKA_EXTRACTABLE:
-	case CKA_NEVER_EXTRACTABLE:
-	    classFlags &= LG_PRIVATE|LG_KEY;
-	    break;
-	/* can't be a certificate if it doesn't match one of the above 
-	 * attributes */
-	default: 
-	     classFlags  = 0;
-	     break;
-	}
- 	if (copy) {
-	    copy->data = (unsigned char*)pTemplate[i].pValue;
-	    copy->len = pTemplate[i].ulValueLen;
-	}
-	copy = NULL;
-    }
-
-    /* certs */
-    if (classFlags & (LG_CERT|LG_TRUST)) {
-	lg_searchCertsAndTrust(sdb,&derCert,&name,&derSubject,
-				 &issuerSN, &email,classFlags,search, 
-				pTemplate, ulCount);
-    }
-
-    /* keys */
-    if (classFlags & (LG_PRIVATE|LG_PUBLIC|LG_KEY)) {
-	PRBool mustStrict = ((classFlags & LG_KEY) != 0) && (name.len != 0);
-	lg_searchKeys(sdb, &key_id, classFlags, search,
-			 mustStrict, pTemplate, ulCount);
-    }
-
-    /* crl's */
-    if (classFlags & LG_CRL) {
-	lg_searchCrls(sdb, &derSubject, isKrl, classFlags, search,
-			pTemplate, ulCount);
-    }
-    /* Add S/MIME entry stuff */
-    if (classFlags & LG_SMIME) {
-	lg_searchSMime(sdb, &email, search, pTemplate, ulCount);
-    }
-    return CKR_OK;
-}
-	
-
-/* lg_FindObjectsInit initializes a search for token and session objects 
- * that match a template. */
-CK_RV lg_FindObjectsInit(SDB *sdb, const CK_ATTRIBUTE *pTemplate,
-			 CK_ULONG ulCount, SDBFind **retSearch)
-{
-    SDBFind *search;
-    CK_RV crv = CKR_OK;
-  
-    *retSearch = NULL; 
-
-    search = (SDBFind *)PORT_Alloc(sizeof(SDBFind));
-    if (search == NULL) {
-	crv = CKR_HOST_MEMORY;
-	goto loser;
-    }
-    search->handles = (CK_OBJECT_HANDLE *)
-		PORT_Alloc(sizeof(CK_OBJECT_HANDLE) * LG_SEARCH_BLOCK_SIZE);
-    if (search->handles == NULL) {
-	crv = CKR_HOST_MEMORY;
-	goto loser;
-    }
-    search->index = 0;
-    search->size = 0;
-    search->array_size = LG_SEARCH_BLOCK_SIZE;
-    /* FIXME - do we still need to get Login state? */
-
-    crv = lg_searchTokenList(sdb, search, pTemplate, ulCount);
-    if (crv != CKR_OK) {
-	goto loser;
-    }
-
-    *retSearch = search;
-    return CKR_OK;
-
-loser:
-    if (search) {
-	lg_FreeSearch(search);
-    }
-    return crv;
-}
-
-
-/* lg_FindObjects continues a search for token and session objects 
- * that match a template, obtaining additional object handles. */
-CK_RV lg_FindObjects(SDB *sdb, SDBFind *search, 
-    CK_OBJECT_HANDLE *phObject,CK_ULONG ulMaxObjectCount,
-    					CK_ULONG *pulObjectCount)
-{
-    int	transfer;
-    int left;
-
-    *pulObjectCount = 0;
-    left = search->size - search->index;
-    transfer = ((int)ulMaxObjectCount > left) ? left : ulMaxObjectCount;
-    if (transfer > 0) {
-	PORT_Memcpy(phObject,&search->handles[search->index],
-                                        transfer*sizeof(CK_OBJECT_HANDLE_PTR));
-    } else {
-       *phObject = CK_INVALID_HANDLE;
-    }
-
-    search->index += transfer;
-    *pulObjectCount = transfer;
-    return CKR_OK;
-}
-
-/* lg_FindObjectsFinal finishes a search for token and session objects. */
-CK_RV lg_FindObjectsFinal(SDB* lgdb, SDBFind *search)
-{
-
-    if (search != NULL) {
-	lg_FreeSearch(search);
-    }
-    return CKR_OK;
-}

mozilla/security/nss/lib/softoken/legacydb/lginit.c

@@ -1,644 +0,0 @@
-/*
- * NSS utility functions
- *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* $Id: lginit.c,v 1.1.2.1 2007-04-03 22:50:02 rrelyea%redhat.com Exp $ */
-
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "keydbi.h"
-#include "lgdb.h"
-
-typedef struct LGPrivateStr {
-    NSSLOWCERTCertDBHandle *certDB;
-    NSSLOWKEYDBHandle *keyDB;
-    PRLock *dbLock;
-    PLHashTable *hashTable;
-} LGPrivate;
-
-static char *
-lg_certdb_name_cb(void *arg, int dbVersion)
-{
-    const char *configdir = (const char *)arg;
-    const char *dbver;
-    char *smpname = NULL;
-    char *dbname = NULL;
-
-    switch (dbVersion) {
-      case 8:
-	dbver = "8";
-	break;
-      case 7:
-	dbver = "7";
-	break;
-      case 6:
-	dbver = "6";
-	break;
-      case 5:
-	dbver = "5";
-	break;
-      case 4:
-      default:
-	dbver = "";
-	break;
-    }
-
-    /* make sure we return something allocated with PORT_ so we have properly
-     * matched frees at the end */
-    smpname = PR_smprintf(CERT_DB_FMT, configdir, dbver);
-    if (smpname) {
-	dbname = PORT_Strdup(smpname);
-	PR_smprintf_free(smpname);
-    }
-    return dbname;
-}
-    
-static char *
-lg_keydb_name_cb(void *arg, int dbVersion)
-{
-    const char *configdir = (const char *)arg;
-    const char *dbver;
-    char *smpname = NULL;
-    char *dbname = NULL;
-    
-    switch (dbVersion) {
-      case 4:
-	dbver = "4";
-	break;
-      case 3:
-	dbver = "3";
-	break;
-      case 1:
-	dbver = "1";
-	break;
-      case 2:
-      default:
-	dbver = "";
-	break;
-    }
-
-    smpname = PR_smprintf(KEY_DB_FMT, configdir, dbver);
-    if (smpname) {
-	dbname = PORT_Strdup(smpname);
-	PR_smprintf_free(smpname);
-    }
-    return dbname;
-}
-
-const char *
-lg_EvaluateConfigDir(const char *configdir,char **appName)
-{
-    if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS)-1) == 0) {
-	char *cdir;
-
-	*appName = PORT_Strdup(configdir+sizeof(MULTIACCESS)-1);
-	if (*appName == NULL) {
-	    return configdir;
-	}
-	cdir = *appName;
-	while (*cdir && *cdir != ':') {
-	    cdir++;
-	}
-	if (*cdir == ':') {
-	   *cdir = 0;
-	   cdir++;
-	}
-	configdir = cdir;
-    }
-    return configdir;
-}
-
-static int rdbmapflags(int flags);
-static rdbfunc lg_rdbfunc = NULL;
-static rdbstatusfunc lg_rdbstatusfunc = NULL;
-
-/* NOTE: SHLIB_SUFFIX is defined on the command line */
-#define RDBLIB SHLIB_PREFIX"rdb."SHLIB_SUFFIX
-
-DB * rdbopen(const char *appName, const char *prefix, 
-			const char *type, int flags, int *status)
-{
-    PRLibrary *lib;
-    DB *db;
-
-    if (lg_rdbfunc) {
-	db = (*lg_rdbfunc)(appName,prefix,type,rdbmapflags(flags));
-	if (!db && status && lg_rdbstatusfunc) {
-	    *status = (*lg_rdbstatusfunc)();
-	}
-	return db;
-    }
-
-    /*
-     * try to open the library.
-     */
-    lib = PR_LoadLibrary(RDBLIB);
-
-    if (!lib) {
-	return NULL;
-    }
-
-    /* get the entry points */
-    lg_rdbstatusfunc = (rdbstatusfunc) PR_FindSymbol(lib,"rdbstatus");
-    lg_rdbfunc = (rdbfunc) PR_FindSymbol(lib,"rdbopen");
-    if (lg_rdbfunc) {
-	db = (*lg_rdbfunc)(appName,prefix,type,rdbmapflags(flags));
-	if (!db && status && lg_rdbstatusfunc) {
-	    *status = (*lg_rdbstatusfunc)();
-	}
-	return db;
-    }
-
-    /* couldn't find the entry point, unload the library and fail */
-    PR_UnloadLibrary(lib);
-    return NULL;
-}
-
-/*
- * the following data structures are from rdb.h.
- */
-struct RDBStr {
-    DB	db;
-    int (*xactstart)(DB *db);
-    int (*xactdone)(DB *db, PRBool abort);
-    int version;
-    int (*dbinitcomplete)(DB *db);
-};
-
-#define DB_RDB ((DBTYPE) 0xff)
-#define RDB_RDONLY	1
-#define RDB_RDWR 	2
-#define RDB_CREATE      4
-
-static int
-rdbmapflags(int flags) {
-   switch (flags) {
-   case NO_RDONLY:
-	return RDB_RDONLY;
-   case NO_RDWR:
-	return RDB_RDWR;
-   case NO_CREATE:
-	return RDB_CREATE;
-   default:
-	break;
-   }
-   return 0;
-}
-
-PRBool
-db_IsRDB(DB *db)
-{
-    return (PRBool) db->type == DB_RDB;
-}
-
-int
-db_BeginTransaction(DB *db)
-{
-    struct RDBStr *rdb = (struct RDBStr *)db;
-    if (db->type != DB_RDB) {
-	return 0;
-    }
-
-    return rdb->xactstart(db);
-}
-
-int
-db_FinishTransaction(DB *db, PRBool abort)
-{
-    struct RDBStr *rdb = (struct RDBStr *)db;
-    if (db->type != DB_RDB) {
-	return 0;
-    }
-
-    return rdb->xactdone(db, abort);
-}
-
-static DB *
-lg_getRawDB(SDB *sdb)
-{
-    NSSLOWCERTCertDBHandle *certDB;
-    NSSLOWKEYDBHandle *keyDB;
-
-    certDB = lg_getCertDB(sdb);
-    if (certDB) {
-	return certDB->permCertDB;
-    }
-    keyDB = lg_getKeyDB(sdb);
-    if (keyDB) {
-	return keyDB->db;
-    }
-    return NULL;
-}
-
-CK_RV
-lg_Begin(SDB *sdb)
-{
-    DB *db = lg_getRawDB(sdb);
-    int ret;
-
-    if (db == NULL) {
-	return CKR_GENERAL_ERROR; /* shouldn't happen */
-    }
-    ret = db_BeginTransaction(db);
-    if (ret != 0) {
-	return CKR_GENERAL_ERROR; /* could happen */
-    }
-    return CKR_OK;
-}
-
-CK_RV
-lg_Commit(SDB *sdb)
-{
-    DB *db = lg_getRawDB(sdb);
-    int ret;
-
-    if (db == NULL) {
-	return CKR_GENERAL_ERROR; /* shouldn't happen */
-    }
-    ret = db_FinishTransaction(db, PR_FALSE);
-    if (ret != 0) {
-	return CKR_GENERAL_ERROR; /* could happen */
-    }
-    return CKR_OK;
-}
-
-CK_RV
-lg_Abort(SDB *sdb)
-{
-    DB *db = lg_getRawDB(sdb);
-    int ret;
-
-    if (db == NULL) {
-	return CKR_GENERAL_ERROR; /* shouldn't happen */
-    }
-    ret = db_FinishTransaction(db, PR_TRUE);
-    if (ret != 0) {
-	return CKR_GENERAL_ERROR; /* could happen */
-    }
-    return CKR_OK;
-}
-
-int
-db_InitComplete(DB *db)
-{
-    struct RDBStr *rdb = (struct RDBStr *)db;
-    if (db->type != DB_RDB) {
-	return 0;
-    }
-    /* we should have added a version number to the RDBS structure. Since we
-     * didn't, we detect that we have and 'extended' structure if the rdbstatus
-     * func exists */
-    if (!lg_rdbstatusfunc) {
-	return 0;
-    }
-
-    return rdb->dbinitcomplete(db);
-}
-
-
-
-SECStatus
-db_Copy(DB *dest,DB *src)
-{
-    int ret;
-    DBT key,data;
-    ret = (*src->seq)(src, &key, &data, R_FIRST);
-    if (ret)  {
-	return SECSuccess;
-    }
-
-    do {
-	(void)(*dest->put)(dest,&key,&data, R_NOOVERWRITE);
-    } while ( (*src->seq)(src, &key, &data, R_NEXT) == 0);
-    (void)(*dest->sync)(dest,0);
-
-    return SECSuccess;
-}
-
-
-static CK_RV
-lg_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
-    					    NSSLOWCERTCertDBHandle **certdbPtr)
-{
-    NSSLOWCERTCertDBHandle *certdb = NULL;
-    CK_RV        crv = CKR_NETSCAPE_CERTDB_FAILED;
-    SECStatus    rv;
-    char * name = NULL;
-    char * appName = NULL;
-
-    if (prefix == NULL) {
-	prefix = "";
-    }
-
-    configdir = lg_EvaluateConfigDir(configdir, &appName);
-
-    name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
-    if (name == NULL) goto loser;
-
-    certdb = (NSSLOWCERTCertDBHandle*)PORT_ZAlloc(sizeof(NSSLOWCERTCertDBHandle));
-    if (certdb == NULL) 
-    	goto loser;
-
-    certdb->ref = 1;
-/* fix when we get the DB in */
-    rv = nsslowcert_OpenCertDB(certdb, readOnly, appName, prefix,
-				lg_certdb_name_cb, (void *)name, PR_FALSE);
-    if (rv == SECSuccess) {
-	crv = CKR_OK;
-	*certdbPtr = certdb;
-	certdb = NULL;
-    }
-loser: 
-    if (certdb) PR_Free(certdb);
-    if (name) PR_smprintf_free(name);
-    if (appName) PORT_Free(appName);
-    return crv;
-}
-
-static CK_RV
-lg_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
-    						NSSLOWKEYDBHandle **keydbPtr)
-{
-    NSSLOWKEYDBHandle *keydb;
-    char * name = NULL;
-    char * appName = NULL;
-
-    if (prefix == NULL) {
-	prefix = "";
-    }
-    configdir = lg_EvaluateConfigDir(configdir, &appName);
-
-    name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);	
-    if (name == NULL) 
-	return CKR_HOST_MEMORY;
-    keydb = nsslowkey_OpenKeyDB(readOnly, appName, prefix, 
-					lg_keydb_name_cb, (void *)name);
-    PR_smprintf_free(name);
-    if (appName) PORT_Free(appName);
-    if (keydb == NULL)
-	return CKR_NETSCAPE_KEYDB_FAILED;
-    *keydbPtr = keydb;
-
-    return CKR_OK;
-}
-
-/*
- * Accessors for the private parts of the sdb structure.
- */
-void
-lg_DBLock(SDB *sdb) 
-{
-    LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
-    PR_Lock(lgdb_p->dbLock);
-}
-
-void
-lg_DBUnlock(SDB *sdb) 
-{
-    LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
-    PR_Unlock(lgdb_p->dbLock);
-}
-
-PLHashTable *
-lg_GetHashTable(SDB *sdb) 
-{
-    LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
-    return lgdb_p->hashTable;
-}
-
-NSSLOWCERTCertDBHandle *
-lg_getCertDB(SDB *sdb)
-{
-    LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
-
-    return lgdb_p->certDB;
-}
-
-NSSLOWKEYDBHandle *
-lg_getKeyDB(SDB *sdb)
-{
-    LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
-
-    return lgdb_p->keyDB;
-}
-
-CK_RV
-lg_Close(SDB *sdb)
-{
-    LGPrivate *lgdb_p = (LGPrivate *)sdb->private;
-    if (lgdb_p) {
-    	if (lgdb_p->certDB) {
-	    nsslowcert_ClosePermCertDB(lgdb_p->certDB);
-	} else if (lgdb_p->keyDB) {
-	    nsslowkey_CloseKeyDB(lgdb_p->keyDB);
-	}
-	if (lgdb_p->dbLock) {
-	    PR_DestroyLock(lgdb_p->dbLock);
-	}
-	if (lgdb_p->hashTable) {
-	    PL_HashTableDestroy(lgdb_p->hashTable);
-	}
-	PORT_Free(lgdb_p);
-    }
-    PORT_Free(sdb);
-    return CKR_OK;
-}
-
-static PLHashNumber
-lg_HashNumber(const void *key)
-{
-    return (PLHashNumber) key;
-}
-
-
-/*
- * helper function to wrap a NSSLOWCERTCertDBHandle or a NSSLOWKEYDBHandle
- * with and sdb structure.
- */
-CK_RV 
-lg_init(SDB **pSdb, int flags, NSSLOWCERTCertDBHandle *certdbPtr,
-	 NSSLOWKEYDBHandle *keydbPtr)
-{
-    SDB *sdb = NULL;
-    LGPrivate *lgdb_p = NULL;
-    CK_RV error = CKR_HOST_MEMORY;
-
-    *pSdb = NULL;
-    sdb = (SDB *) PORT_Alloc(sizeof(SDB));
-    if (sdb == NULL) {
-	goto loser;
-    }
-    lgdb_p = (LGPrivate *) PORT_Alloc(sizeof(LGPrivate));
-    if (lgdb_p == NULL) {
-	goto loser;
-    }
-    /* invariant fields */
-    lgdb_p->certDB = certdbPtr;
-    lgdb_p->keyDB = keydbPtr;
-    lgdb_p->dbLock = PR_NewLock();
-    if (lgdb_p->dbLock == NULL) {
-	goto loser;
-    }
-    lgdb_p->hashTable = PL_NewHashTable(64, lg_HashNumber, PL_CompareValues,
-			SECITEM_HashCompare, NULL, 0);
-    if (lgdb_p->hashTable == NULL) {
-	goto loser;
-    }
-
-    sdb->sdb_type = SDB_LEGACY;
-    sdb->sdb_flags = flags;
-    sdb->private = lgdb_p;
-    sdb->sdb_FindObjectsInit = lg_FindObjectsInit;
-    sdb->sdb_FindObjects = lg_FindObjects;
-    sdb->sdb_FindObjectsFinal = lg_FindObjectsFinal;
-    sdb->sdb_GetAttributeValue = lg_GetAttributeValue;
-    sdb->sdb_SetAttributeValue = lg_SetAttributeValue;
-    sdb->sdb_CreateObject = lg_CreateObject;
-    sdb->sdb_DestroyObject = lg_DestroyObject;
-    sdb->sdb_GetPWEntry = lg_GetPWEntry;
-    sdb->sdb_PutPWEntry = lg_PutPWEntry;
-    sdb->sdb_Begin = lg_Begin;
-    sdb->sdb_Commit = lg_Commit;
-    sdb->sdb_Abort = lg_Abort;
-    sdb->sdb_Close = lg_Reset;
-    sdb->sdb_Close = lg_Close;
-
-
-    *pSdb = sdb;
-    return CKR_OK;
-
-loser:
-    if (sdb) {
-	PORT_Free(sdb);
-    }
-    if (lgdb_p) {
-	if (lgdb_p->dbLock) {
-	    PR_DestroyLock(lgdb_p->dbLock);
-	}
-	if (lgdb_p->hashTable) {
-	    PL_HashTableDestroy(lgdb_p->hashTable);
-	}
-	PORT_Free(lgdb_p);
-    }
-    return error;
-
-}
-
-extern SECStatus secoid_Init(void); /* util *REALLY* needs 
-				     * to be a shared library */
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * 			"https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * 			"https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * readOnly - Boolean: true if the databases are to be openned read only.
- * nocertdb - Don't open the cert DB and key DB's, just initialize the 
- *			Volatile certdb.
- * nomoddb - Don't open the security module DB, just initialize the 
- *			PKCS #11 module.
- * forceOpen - Continue to force initializations even if the databases cannot
- * 			be opened.
- */
-CK_RV
-legacy_Open(const char *configdir, const char *certPrefix, 
-	    const char *keyPrefix, int certVersion, int keyVersion,
-	    int flags, SDB **certDB, SDB **keyDB)
-{
-    CK_RV crv = CKR_OK;
-    PRBool readOnly = (flags == SDB_RDONLY)? PR_TRUE: PR_FALSE;
-
-    secoid_Init();
-    nsslowcert_InitLocks();
-
-    if (keyDB) *keyDB = NULL;
-    if (certDB) *certDB = NULL;
-
-    if (certDB) {
-	NSSLOWCERTCertDBHandle *certdbPtr;
-
-	crv = lg_OpenCertDB(configdir, certPrefix, readOnly, &certdbPtr);
-	if (crv != CKR_OK) {
-	    goto loser;
-	}
-	crv = lg_init(certDB, flags, certdbPtr, NULL);
-	if (crv != CKR_OK) {
-	    nsslowcert_ClosePermCertDB(certdbPtr);
-	    goto loser;
-	}
-    }
-    if (keyDB) {
-	NSSLOWKEYDBHandle *keydbPtr;
-
-	crv = lg_OpenKeyDB(configdir, keyPrefix, readOnly, &keydbPtr);
-	if (crv != CKR_OK) {
-	    goto loser;
-	}
-	crv = lg_init(keyDB, flags, NULL, keydbPtr);
-	if (crv != CKR_OK) {
-	    nsslowkey_CloseKeyDB(keydbPtr);
-	    goto loser;
-	}
-	if (certDB && *certDB) {
-	    LGPrivate *lgdb_p = (LGPrivate *)(*certDB)->private;
-	    lgdb_p->keyDB = keydbPtr;
-	}
-    }
-
-loser:
-    if (crv != CKR_OK) {
-	if (keyDB && *keyDB) {
-	    lg_Close(*keyDB);
-	    *keyDB = NULL;
-	}
-	if (certDB && *certDB) {
-	    lg_Close(*certDB);
-	    *certDB = NULL;
-	}
-    }
-    return crv;
-}
-
-CK_RV
-legacy_Shutdown(void)
-{
-    nsslowcert_DestroyFreeLists();
-    nsslowcert_DestroyGlobalLocks();
-}

mozilla/security/nss/lib/softoken/legacydb/lgutil.c

@@ -1,424 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#include "lgdb.h"
-#include "secerr.h"
-#include "lgglue.h"
-
-/*
- * ******************** Attribute Utilities *******************************
- */
-
-/*
- * look up and attribute structure from a type and Object structure.
- * The returned attribute is referenced and needs to be freed when 
- * it is no longer needed.
- */
-const CK_ATTRIBUTE *
-lg_FindAttribute(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ,
-		 CK_ULONG count )
-{
-    int i;
-
-    for (i=0; i < count; i++) {
-	if (templ[i].type == type) {
-	    return &templ[i];
-	}
-    }
-    return NULL;
-}
-
-
-/*
- * return true if object has attribute
- */
-PRBool
-lg_hasAttribute(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ,
-		 CK_ULONG count )
-{
-   if (lg_FindAttribute(type, templ, count) == NULL) {
-	return PR_FALSE;
-   }
-   return PR_TRUE;
-}
-
-/* 
- * copy an attribute into a SECItem. Secitem is allocated in the specified
- * arena.
- */
-CK_RV
-lg_Attribute2SecItem(PLArenaPool *arena, CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count,
-			SECItem *item)
-{
-    int len;
-    const CK_ATTRIBUTE *attribute;
-
-    attribute = lg_FindAttribute(type, templ, count);
-    if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
-    len = attribute->ulValueLen;
-
-    if (arena) {
-    	item->data = (unsigned char *) PORT_ArenaAlloc(arena,len);
-    } else {
-    	item->data = (unsigned char *) PORT_Alloc(len);
-    }
-    if (item->data == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-    item->len = len;
-    PORT_Memcpy(item->data, attribute->pValue, len);
-    return CKR_OK;
-}
-
-
-/* 
- * copy an unsigned attribute into a SECItem. Secitem is allocated in
- * the specified arena.
- */
-CK_RV
-lg_Attribute2SSecItem(PLArenaPool *arena, CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count,
-			SECItem *item)
-{
-    const CK_ATTRIBUTE *attribute;
-    item->data = NULL;
-
-    attribute = lg_FindAttribute(type, templ, count);
-    if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
-
-    (void)SECITEM_AllocItem(arena, item, attribute->ulValueLen);
-    if (item->data == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-    PORT_Memcpy(item->data, attribute->pValue, item->len);
-    return CKR_OK;
-}
-
-/* 
- * copy an unsigned attribute into a SECItem. Secitem is allocated in
- * the specified arena.
- */
-CK_RV
-lg_PrivAttr2SSecItem(PLArenaPool *arena, CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count,
-			SECItem *item, SDB *sdbpw)
-{
-    const CK_ATTRIBUTE *attribute;
-    SECItem epki, *dest = NULL;
-    SECStatus rv;
-
-    item->data = NULL;
-
-    attribute = lg_FindAttribute(type, templ, count);
-    if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
-
-    epki.data = attribute->pValue;
-    epki.len = attribute->ulValueLen;
-
-    rv = lg_util_decrypt(sdbpw, &epki, &dest);
-    if (rv != SECSuccess) {
-	return CKR_USER_NOT_LOGGED_IN;
-    }
-    (void)SECITEM_AllocItem(arena, item, dest->len);
-    if (item->data == NULL) {
-	SECITEM_FreeItem(dest, PR_TRUE);
-	return CKR_HOST_MEMORY;
-    }
-    
-    PORT_Memcpy(item->data, dest->data, item->len);
-    SECITEM_FreeItem(dest, PR_TRUE);
-    return CKR_OK;
-}
-
-CK_RV
-lg_PrivAttr2SecItem(PLArenaPool *arena, CK_ATTRIBUTE_TYPE type,
-			const CK_ATTRIBUTE *templ, CK_ULONG count,
-			SECItem *item, SDB *sdbpw)
-{
-    return lg_PrivAttr2SSecItem(arena, type, templ, count, item, sdbpw);
-}
-
-/*
- * this is only valid for CK_BBOOL type attributes. Return the state
- * of that attribute.
- */
-PRBool
-lg_isTrue(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ, CK_ULONG count)
-{
-    const CK_ATTRIBUTE *attribute;
-    PRBool tok = PR_FALSE;
-
-    attribute=lg_FindAttribute(type, templ, count);
-    if (attribute == NULL) { return PR_FALSE; }
-    tok = (PRBool)(*(CK_BBOOL *)attribute->pValue);
-
-    return tok;
-}
-
-/*
- * return a null terminated string from attribute 'type'. This string
- * is allocated and needs to be freed with PORT_Free() When complete.
- */
-char *
-lg_getString(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ, CK_ULONG count)
-{
-    const CK_ATTRIBUTE *attribute;
-    char *label = NULL;
-
-    attribute = lg_FindAttribute(type, templ, count);
-    if (attribute == NULL) return NULL;
-
-    if (attribute->pValue != NULL) {
-	label = (char *) PORT_Alloc(attribute->ulValueLen+1);
-	if (label == NULL) {
-	    return NULL;
-	}
-
-	PORT_Memcpy(label,attribute->pValue, attribute->ulValueLen);
-	label[attribute->ulValueLen] = 0;
-    }
-    return label;
-}
-
-CK_RV
-lg_GetULongAttribute(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ,
-				 CK_ULONG count, CK_ULONG *longData)
-{
-    const CK_ATTRIBUTE *attribute;
-    CK_ULONG value = 0;
-    const unsigned char *data;
-    int i;
-
-    attribute = lg_FindAttribute(type, templ, count);
-    if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
-
-    if (attribute->ulValueLen != sizeof(CK_ULONG)) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-    data = (const unsigned char *)attribute->pValue;
-    for (i=0; i < 4; i++) {
-	value |= (CK_ULONG)(data[i]) << ((3-i)*8);
-    }
-
-    *longData = value;
-    return CKR_OK;
-}
-
-/*
- * ******************** Object Utilities *******************************
- */
-
-SECStatus
-lg_deleteTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle)
-{
-    SECItem *item;
-    PRBool rem;
-    PLHashTable *hashTable= lg_GetHashTable(sdb);
-
-    item = (SECItem *)PL_HashTableLookup(hashTable, (void *)handle);
-    rem = PL_HashTableRemove(hashTable,(void *)handle) ;
-    if (rem && item) {
-	SECITEM_FreeItem(item,PR_TRUE);
-    }
-    return rem ? SECSuccess : SECFailure;
-}
-
-/* must be called holding lg_DBLock(sdb) */
-static SECStatus
-lg_addTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle, SECItem *key)
-{
-    PLHashEntry *entry;
-    SECItem *item;
-    PLHashTable *hashTable= lg_GetHashTable(sdb);
-
-    item = SECITEM_DupItem(key);
-    if (item == NULL) {
-	return SECFailure;
-    }
-    entry = PL_HashTableAdd(hashTable,(void *)handle,item);
-    if (entry == NULL) {
-	SECITEM_FreeItem(item,PR_TRUE);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/* must be called holding lg_DBLock(sdb) */
-const SECItem *
-lg_lookupTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle)
-{
-    PLHashTable *hashTable= lg_GetHashTable(sdb);
-    return (const SECItem *)PL_HashTableLookup(hashTable, (void *)handle);
-}
-
-
-static PRIntn
-lg_freeHashItem(PLHashEntry* entry, PRIntn index, void *arg)
-{
-    SECItem *item = (SECItem *)entry->value;
-
-    SECITEM_FreeItem(item, PR_TRUE);
-    return HT_ENUMERATE_NEXT;
-}
-
-CK_RV
-LG_ClearTokenKeyHashTable(SDB *sdb)
-{
-    PLHashTable *hashTable;
-    lg_DBLock(sdb);
-    hashTable= lg_GetHashTable(sdb);
-    PL_HashTableEnumerateEntries(hashTable, lg_freeHashItem, NULL);
-    lg_DBLock(sdb);
-    return CKR_OK;
-}
-
-/*
- * handle Token Object stuff
- */
-static void
-lg_XORHash(unsigned char *key, unsigned char *dbkey, int len)
-{
-   int i;
-
-   PORT_Memset(key, 0, 4);
-
-   for (i=0; i < len-4; i += 4) {
-	key[0] ^= dbkey[i];
-	key[1] ^= dbkey[i+1];
-	key[2] ^= dbkey[i+2];
-	key[3] ^= dbkey[i+3];
-   }
-}
-
-/* Make a token handle for an object and record it so we can find it again */
-CK_OBJECT_HANDLE
-lg_mkHandle(SDB *sdb, SECItem *dbKey, CK_OBJECT_HANDLE class)
-{
-    unsigned char hashBuf[4];
-    CK_OBJECT_HANDLE handle;
-    const SECItem *key;
-
-    handle = class;
-    /* there is only one KRL, use a fixed handle for it */
-    if (handle != LG_TOKEN_KRL_HANDLE) {
-	lg_XORHash(hashBuf,dbKey->data,dbKey->len);
-	handle = (hashBuf[0] << 24) | (hashBuf[1] << 16) | 
-					(hashBuf[2] << 8)  | hashBuf[3];
-	handle =  class | (handle & ~(LG_TOKEN_TYPE_MASK|LG_TOKEN_MASK));
-	/* we have a CRL who's handle has randomly matched the reserved KRL
-	 * handle, increment it */
-	if (handle == LG_TOKEN_KRL_HANDLE) {
-	    handle++;
-	}
-    }
-
-    lg_DBLock(sdb);
-    while ((key = lg_lookupTokenKeyByHandle(sdb,handle)) != NULL) {
-	if (SECITEM_ItemsAreEqual(key,dbKey)) {
-    	   lg_DBUnlock(sdb);
-	   return handle;
-	}
-	handle++;
-    }
-    lg_addTokenKeyByHandle(sdb,handle,dbKey);
-    lg_DBUnlock(sdb);
-    return handle;
-}
-
-PRBool
-lg_poisonHandle(SDB *sdb, SECItem *dbKey, CK_OBJECT_HANDLE class)
-{
-    unsigned char hashBuf[4];
-    CK_OBJECT_HANDLE handle;
-    const SECItem *key;
-
-    handle = class;
-    /* there is only one KRL, use a fixed handle for it */
-    if (handle != LG_TOKEN_KRL_HANDLE) {
-	lg_XORHash(hashBuf,dbKey->data,dbKey->len);
-	handle = (hashBuf[0] << 24) | (hashBuf[1] << 16) | 
-					(hashBuf[2] << 8)  | hashBuf[3];
-	handle = class | (handle & ~(LG_TOKEN_TYPE_MASK|LG_TOKEN_MASK));
-	/* we have a CRL who's handle has randomly matched the reserved KRL
-	 * handle, increment it */
-	if (handle == LG_TOKEN_KRL_HANDLE) {
-	    handle++;
-	}
-    }
-    lg_DBLock(sdb);
-    while ((key = lg_lookupTokenKeyByHandle(sdb,handle)) != NULL) {
-	if (SECITEM_ItemsAreEqual(key,dbKey)) {
-	   key->data[0] ^= 0x80;
-    	   lg_DBUnlock(sdb);
-	   return PR_TRUE;
-	}
-	handle++;
-    }
-    lg_DBUnlock(sdb);
-    return PR_FALSE;
-}
-
-static LGEncryptFunc lg_encrypt_stub = NULL;
-static LGDecryptFunc lg_decrypt_stub = NULL;
-
-void
-legacy_SetCryptFunctions(LGEncryptFunc enc, LGDecryptFunc dec)
-{
-   lg_encrypt_stub = enc;
-   lg_decrypt_stub = dec;
-}
-
-SECStatus lg_util_encrypt(PLArenaPool *arena, SDB *sdb, 
-			  SECItem *plainText, SECItem **cipherText)
-{
-    if (lg_encrypt_stub == NULL) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return SECFailure;
-    }
-    return (*lg_encrypt_stub)(arena, sdb, plainText, cipherText);
-}
-
-SECStatus lg_util_decrypt(SDB *sdb, SECItem *cipherText, SECItem **plainText)
-{
-    if (lg_decrypt_stub == NULL) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return SECFailure;
-    }
-    return (*lg_decrypt_stub)(sdb, cipherText, plainText);
-}
-
-

mozilla/security/nss/lib/softoken/legacydb/lowcert.c

@@ -1,824 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
- * Certificate handling code
- *
- * $Id: lowcert.c,v 1.1.2.2 2007-05-15 21:59:52 rrelyea%redhat.com Exp $
- */
-
-#include "seccomon.h"
-#include "secder.h"
-#include "nssilock.h"
-#include "lowkeyi.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "secerr.h"
-#include "pcert.h"
-
-static const SEC_ASN1Template nsslowcert_SubjectPublicKeyInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWCERTSubjectPublicKeyInfo) },
-    { SEC_ASN1_INLINE, offsetof(NSSLOWCERTSubjectPublicKeyInfo,algorithm),
-          SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_BIT_STRING,
-          offsetof(NSSLOWCERTSubjectPublicKeyInfo,subjectPublicKey), },
-    { 0, }
-};
-
-static const SEC_ASN1Template nsslowcert_RSAPublicKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPublicKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.rsa.modulus), },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.rsa.publicExponent), },
-    { 0, }
-};
-static const SEC_ASN1Template nsslowcert_DSAPublicKeyTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.dsa.publicValue), },
-    { 0, }
-};
-static const SEC_ASN1Template nsslowcert_DHPublicKeyTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.dh.publicValue), },
-    { 0, }
-};
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type.  This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-
-static void
-prepare_low_rsa_pub_key_for_asn1(NSSLOWKEYPublicKey *pubk)
-{
-    pubk->u.rsa.modulus.type = siUnsignedInteger;
-    pubk->u.rsa.publicExponent.type = siUnsignedInteger;
-}
-
-static void
-prepare_low_dsa_pub_key_for_asn1(NSSLOWKEYPublicKey *pubk)
-{
-    pubk->u.dsa.publicValue.type = siUnsignedInteger;
-    pubk->u.dsa.params.prime.type = siUnsignedInteger;
-    pubk->u.dsa.params.subPrime.type = siUnsignedInteger;
-    pubk->u.dsa.params.base.type = siUnsignedInteger;
-}
-
-static void
-prepare_low_dh_pub_key_for_asn1(NSSLOWKEYPublicKey *pubk)
-{
-    pubk->u.dh.prime.type = siUnsignedInteger;
-    pubk->u.dh.base.type = siUnsignedInteger;
-    pubk->u.dh.publicValue.type = siUnsignedInteger;
-}
-
-/*
- * simple cert decoder to avoid the cost of asn1 engine
- */ 
-static unsigned char *
-nsslowcert_dataStart(unsigned char *buf, unsigned int length, 
-			unsigned int *data_length, PRBool includeTag,
-                        unsigned char* rettag) {
-    unsigned char tag;
-    unsigned int used_length= 0;
-
-    tag = buf[used_length++];
-
-    if (rettag) {
-        *rettag = tag;
-    }
-
-    /* blow out when we come to the end */
-    if (tag == 0) {
-	return NULL;
-    }
-
-    *data_length = buf[used_length++];
-
-    if (*data_length&0x80) {
-	int  len_count = *data_length & 0x7f;
-
-	*data_length = 0;
-
-	while (len_count-- > 0) {
-	    *data_length = (*data_length << 8) | buf[used_length++];
-	} 
-    }
-
-    if (*data_length > (length-used_length) ) {
-	*data_length = length-used_length;
-	return NULL;
-    }
-    if (includeTag) *data_length += used_length;
-
-    return (buf + (includeTag ? 0 : used_length));	
-}
-
-static void SetTimeType(SECItem* item, unsigned char tagtype)
-{
-    switch (tagtype) {
-        case SEC_ASN1_UTC_TIME:
-            item->type = siUTCTime;
-            break;
-
-        case SEC_ASN1_GENERALIZED_TIME:
-            item->type = siGeneralizedTime;
-            break;
-
-        default:
-            PORT_Assert(0);
-            break;
-    }
-}
-
-static int
-nsslowcert_GetValidityFields(unsigned char *buf,int buf_length,
-	SECItem *notBefore, SECItem *notAfter)
-{
-    unsigned char tagtype;
-    notBefore->data = nsslowcert_dataStart(buf,buf_length,
-						&notBefore->len,PR_FALSE, &tagtype);
-    if (notBefore->data == NULL) return SECFailure;
-    SetTimeType(notBefore, tagtype);
-    buf_length -= (notBefore->data-buf) + notBefore->len;
-    buf = notBefore->data + notBefore->len;
-    notAfter->data = nsslowcert_dataStart(buf,buf_length,
-						&notAfter->len,PR_FALSE, &tagtype);
-    if (notAfter->data == NULL) return SECFailure;
-    SetTimeType(notAfter, tagtype);
-    return SECSuccess;
-}
-
-static int
-nsslowcert_GetCertFields(unsigned char *cert,int cert_length,
-	SECItem *issuer, SECItem *serial, SECItem *derSN, SECItem *subject,
-	SECItem *valid, SECItem *subjkey, SECItem *extensions)
-{
-    unsigned char *buf;
-    unsigned int buf_length;
-    unsigned char *dummy;
-    unsigned int dummylen;
-
-    /* get past the signature wrap */
-    buf = nsslowcert_dataStart(cert,cert_length,&buf_length,PR_FALSE, NULL);
-    if (buf == NULL) return SECFailure;
-    /* get into the raw cert data */
-    buf = nsslowcert_dataStart(buf,buf_length,&buf_length,PR_FALSE, NULL);
-    if (buf == NULL) return SECFailure;
-    /* skip past any optional version number */
-    if ((buf[0] & 0xa0) == 0xa0) {
-	dummy = nsslowcert_dataStart(buf,buf_length,&dummylen,PR_FALSE, NULL);
-	if (dummy == NULL) return SECFailure;
-	buf_length -= (dummy-buf) + dummylen;
-	buf = dummy + dummylen;
-    }
-    /* serial number */
-    if (derSN) {
-	derSN->data=nsslowcert_dataStart(buf,buf_length,&derSN->len,PR_TRUE, NULL);
-    }
-    serial->data = nsslowcert_dataStart(buf,buf_length,&serial->len,PR_FALSE, NULL);
-    if (serial->data == NULL) return SECFailure;
-    buf_length -= (serial->data-buf) + serial->len;
-    buf = serial->data + serial->len;
-    /* skip the OID */
-    dummy = nsslowcert_dataStart(buf,buf_length,&dummylen,PR_FALSE, NULL);
-    if (dummy == NULL) return SECFailure;
-    buf_length -= (dummy-buf) + dummylen;
-    buf = dummy + dummylen;
-    /* issuer */
-    issuer->data = nsslowcert_dataStart(buf,buf_length,&issuer->len,PR_TRUE, NULL);
-    if (issuer->data == NULL) return SECFailure;
-    buf_length -= (issuer->data-buf) + issuer->len;
-    buf = issuer->data + issuer->len;
-
-    /* only wanted issuer/SN */
-    if (valid == NULL) {
-	return SECSuccess;
-    }
-    /* validity */
-    valid->data = nsslowcert_dataStart(buf,buf_length,&valid->len,PR_FALSE, NULL);
-    if (valid->data == NULL) return SECFailure;
-    buf_length -= (valid->data-buf) + valid->len;
-    buf = valid->data + valid->len;
-    /*subject */
-    subject->data=nsslowcert_dataStart(buf,buf_length,&subject->len,PR_TRUE, NULL);
-    if (subject->data == NULL) return SECFailure;
-    buf_length -= (subject->data-buf) + subject->len;
-    buf = subject->data + subject->len;
-    /* subject  key info */
-    subjkey->data=nsslowcert_dataStart(buf,buf_length,&subjkey->len,PR_TRUE, NULL);
-    if (subjkey->data == NULL) return SECFailure;
-    buf_length -= (subjkey->data-buf) + subjkey->len;
-    buf = subjkey->data + subjkey->len;
-
-    extensions->data = NULL;
-    extensions->len = 0;
-    while (buf_length > 0) {
-	/* EXTENSIONS */
-	if (buf[0] == 0xa3) {
-	    extensions->data = nsslowcert_dataStart(buf,buf_length, 
-					&extensions->len, PR_FALSE, NULL);
-	    break;
-	}
-	dummy = nsslowcert_dataStart(buf,buf_length,&dummylen,PR_FALSE,NULL);
-	if (dummy == NULL) return SECFailure;
-	buf_length -= (dummy - buf) + dummylen;
-	buf = dummy + dummylen;
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-nsslowcert_GetCertTimes(NSSLOWCERTCertificate *c, PRTime *notBefore, PRTime *notAfter)
-{
-    int rv;
-    NSSLOWCERTValidity validity;
-
-    rv = nsslowcert_GetValidityFields(c->validity.data,c->validity.len,
-				&validity.notBefore,&validity.notAfter);
-    if (rv != SECSuccess) {
-	return rv;
-    }
-    
-    /* convert DER not-before time */
-    rv = DER_DecodeTimeChoice(notBefore, &validity.notBefore);
-    if (rv) {
-        return(SECFailure);
-    }
-    
-    /* convert DER not-after time */
-    rv = DER_DecodeTimeChoice(notAfter, &validity.notAfter);
-    if (rv) {
-        return(SECFailure);
-    }
-
-    return(SECSuccess);
-}
-
-/*
- * is certa newer than certb?  If one is expired, pick the other one.
- */
-PRBool
-nsslowcert_IsNewer(NSSLOWCERTCertificate *certa, NSSLOWCERTCertificate *certb)
-{
-    PRTime notBeforeA, notAfterA, notBeforeB, notAfterB, now;
-    SECStatus rv;
-    PRBool newerbefore, newerafter;
-    
-    rv = nsslowcert_GetCertTimes(certa, &notBeforeA, &notAfterA);
-    if ( rv != SECSuccess ) {
-	return(PR_FALSE);
-    }
-    
-    rv = nsslowcert_GetCertTimes(certb, &notBeforeB, &notAfterB);
-    if ( rv != SECSuccess ) {
-	return(PR_TRUE);
-    }
-
-    newerbefore = PR_FALSE;
-    if ( LL_CMP(notBeforeA, >, notBeforeB) ) {
-	newerbefore = PR_TRUE;
-    }
-
-    newerafter = PR_FALSE;
-    if ( LL_CMP(notAfterA, >, notAfterB) ) {
-	newerafter = PR_TRUE;
-    }
-    
-    if ( newerbefore && newerafter ) {
-	return(PR_TRUE);
-    }
-    
-    if ( ( !newerbefore ) && ( !newerafter ) ) {
-	return(PR_FALSE);
-    }
-
-    /* get current time */
-    now = PR_Now();
-
-    if ( newerbefore ) {
-	/* cert A was issued after cert B, but expires sooner */
-	/* if A is expired, then pick B */
-	if ( LL_CMP(notAfterA, <, now ) ) {
-	    return(PR_FALSE);
-	}
-	return(PR_TRUE);
-    } else {
-	/* cert B was issued after cert A, but expires sooner */
-	/* if B is expired, then pick A */
-	if ( LL_CMP(notAfterB, <, now ) ) {
-	    return(PR_TRUE);
-	}
-	return(PR_FALSE);
-    }
-}
-
-#define SOFT_DEFAULT_CHUNKSIZE 2048
-
-static SECStatus
-nsslowcert_KeyFromIssuerAndSN(PRArenaPool *arena, 
-			      SECItem *issuer, SECItem *sn, SECItem *key)
-{
-    unsigned int len = sn->len + issuer->len;
-
-    if (!arena) {
-        PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	goto loser;
-    }
-    key->data = (unsigned char*)PORT_ArenaAlloc(arena, len);
-    if ( !key->data ) {
-	goto loser;
-    }
-
-    key->len = len;
-    /* copy the serialNumber */
-    PORT_Memcpy(key->data, sn->data, sn->len);
-
-    /* copy the issuer */
-    PORT_Memcpy(&key->data[sn->len], issuer->data, issuer->len);
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-static SECStatus
-nsslowcert_KeyFromIssuerAndSNStatic(unsigned char *space,
-	int spaceLen, SECItem *issuer, SECItem *sn, SECItem *key)
-{
-    unsigned int len = sn->len + issuer->len;
-
-    key->data = pkcs11_allocStaticData(len, space, spaceLen);
-    if ( !key->data ) {
-	goto loser;
-    }
-
-    key->len = len;
-    /* copy the serialNumber */
-    PORT_Memcpy(key->data, sn->data, sn->len);
-
-    /* copy the issuer */
-    PORT_Memcpy(&key->data[sn->len], issuer->data, issuer->len);
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-
-static char *
-nsslowcert_EmailName(SECItem *derDN, char *space, unsigned int len)
-{
-    unsigned char *buf;
-    unsigned int buf_length;
-
-    /* unwrap outer sequence */
-    buf=nsslowcert_dataStart(derDN->data,derDN->len,&buf_length,PR_FALSE,NULL);
-    if (buf == NULL) return NULL;
-
-    /* Walk each RDN */
-    while (buf_length > 0) {
-	unsigned char *rdn;
-	unsigned int rdn_length;
-
-	/* grab next rdn */
-	rdn=nsslowcert_dataStart(buf, buf_length, &rdn_length, PR_FALSE, NULL);
-	if (rdn == NULL) { return NULL; }
-	buf_length -= (rdn - buf) + rdn_length;
-	buf = rdn+rdn_length;
-
-	while (rdn_length > 0) {
-	    unsigned char *ava;
-	    unsigned int ava_length;
-	    unsigned char *oid;
-	    unsigned int oid_length;
-	    unsigned char *name;
-	    unsigned int name_length;
-	    SECItem oidItem;
-	    SECOidTag type;
-
-	    /* unwrap the ava */
-	    ava=nsslowcert_dataStart(rdn, rdn_length, &ava_length, PR_FALSE, 
-					NULL);
-	    if (ava == NULL) return NULL;
-	    rdn_length -= (ava-rdn)+ava_length;
-	    rdn = ava + ava_length;
-
-	    oid=nsslowcert_dataStart(ava, ava_length, &oid_length, PR_FALSE, 
-					NULL);
-	    if (oid == NULL) { return NULL; }
-	    ava_length -= (oid-ava)+oid_length;
-	    ava = oid+oid_length;
-
-	    name=nsslowcert_dataStart(ava, ava_length, &name_length, PR_FALSE, 
-					NULL);
-	    if (oid == NULL) { return NULL; }
-	    ava_length -= (name-ava)+name_length;
-	    ava = name+name_length;
-
-	    oidItem.data = oid;
-	    oidItem.len = oid_length;
-	    type = SECOID_FindOIDTag(&oidItem);
-	    if ((type == SEC_OID_PKCS9_EMAIL_ADDRESS) || 
-					(type == SEC_OID_RFC1274_MAIL)) {
-		/* Email is supposed to be IA5String, so no 
-		 * translation necessary */
-		char *emailAddr;
-		emailAddr = (char *)pkcs11_copyStaticData(name,name_length+1,
-					(unsigned char *)space,len);
-		if (emailAddr) {
-		    emailAddr[name_length] = 0;
-		}
-		return emailAddr;
-	    }
-	}
-    }
-    return NULL;
-}
-
-static char *
-nsslowcert_EmailAltName(NSSLOWCERTCertificate *cert, char *space, 
-			unsigned int len)
-{
-    unsigned char *exts;
-    unsigned int exts_length;
-
-    /* unwrap the sequence */
-    exts = nsslowcert_dataStart(cert->extensions.data, cert->extensions.len,
-				 &exts_length, PR_FALSE, NULL);
-    /* loop through extension */
-    while (exts && exts_length > 0) {
-	unsigned char * ext;
-	unsigned int ext_length;
-	unsigned char *oid;	
-	unsigned int oid_length;
-	unsigned char *nameList;
-	unsigned int nameList_length;
-	SECItem oidItem;
-	SECOidTag type;
-
-	ext = nsslowcert_dataStart(exts, exts_length, &ext_length, 
-					PR_FALSE, NULL);
-	if (ext == NULL) { break; }
-	exts_length -= (ext - exts) + ext_length;
-	exts = ext+ext_length;
-
-	oid=nsslowcert_dataStart(ext, ext_length, &oid_length, PR_FALSE, NULL);
-	if (oid == NULL) { break; }
-	ext_length -= (oid - ext) + oid_length;
-	ext = oid+oid_length;
-	oidItem.data = oid;
-	oidItem.len = oid_length;
-	type = SECOID_FindOIDTag(&oidItem);
-
-	/* get Alt Extension */
-	if (type != SEC_OID_X509_SUBJECT_ALT_NAME) {
-		continue;
-	}
-
-	/* skip passed the critical flag */
-	if (ext[0] == 0x01) { /* BOOLEAN */
-	    unsigned char *dummy;
-	    unsigned int dummy_length;
-	    dummy = nsslowcert_dataStart(ext, ext_length, &dummy_length, 
-					PR_FALSE, NULL);
-	    if (dummy == NULL) { break; } 
-	    ext_length -= (dummy - ext) + dummy_length;
-	    ext = dummy+dummy_length;
-	}
-
-	   
-	/* unwrap the name list */ 
-	nameList = nsslowcert_dataStart(ext, ext_length, &nameList_length, 
-					PR_FALSE, NULL);
-	if (nameList == NULL) { break; }
-	ext_length -= (nameList - ext) + nameList_length;
-	ext = nameList+nameList_length;
-	nameList = nsslowcert_dataStart(nameList, nameList_length,
-					&nameList_length, PR_FALSE, NULL);
-	/* loop through the name list */
-	while (nameList && nameList_length > 0) {
-	    unsigned char *thisName;
-	    unsigned int thisName_length;
-
-	    thisName = nsslowcert_dataStart(nameList, nameList_length,
-					&thisName_length, PR_FALSE, NULL);
-	    if (thisName == NULL) { break; }
-	    if (nameList[0] == 0xa2) { /* DNS Name */
-		SECItem dn;
-	        char *emailAddr;
-
-		dn.data = thisName;
-		dn.len = thisName_length;
-		emailAddr = nsslowcert_EmailName(&dn, space, len);
-		if (emailAddr) {
-		    return emailAddr;
-		}
-	    }
-	    if (nameList[0] == 0x81) { /* RFC 822name */
-		char *emailAddr;
-		emailAddr = (char *)pkcs11_copyStaticData(thisName,
-			thisName_length+1, (unsigned char *)space,len);
-		if (emailAddr) {
-		    emailAddr[thisName_length] = 0;
-		}
-		return emailAddr;
-	    }
-	    nameList_length -= (thisName-nameList) + thisName_length;
-	    nameList = thisName + thisName_length;
-	}
-	break;
-    }
-    return NULL;
-}
-
-static char *
-nsslowcert_GetCertificateEmailAddress(NSSLOWCERTCertificate *cert)
-{
-    char *emailAddr = NULL;
-    char *str;
-
-    emailAddr = nsslowcert_EmailName(&cert->derSubject,cert->emailAddrSpace,
-					sizeof(cert->emailAddrSpace));
-    /* couldn't find the email address in the DN, check the subject Alt name */
-    if (!emailAddr && cert->extensions.data) {
-	emailAddr = nsslowcert_EmailAltName(cert, cert->emailAddrSpace,
-					sizeof(cert->emailAddrSpace));
-    }
-
-
-    /* make it lower case */
-    str = emailAddr;
-    while ( str && *str ) {
-	*str = tolower( *str );
-	str++;
-    }
-    return emailAddr;
-
-}
-
-/*
- * take a DER certificate and decode it into a certificate structure
- */
-NSSLOWCERTCertificate *
-nsslowcert_DecodeDERCertificate(SECItem *derSignedCert, char *nickname)
-{
-    NSSLOWCERTCertificate *cert;
-    int rv;
-
-    /* allocate the certificate structure */
-    cert = nsslowcert_CreateCert();
-    
-    if ( !cert ) {
-	goto loser;
-    }
-    
-	/* point to passed in DER data */
-    cert->derCert = *derSignedCert;
-    cert->nickname = NULL;
-    cert->certKey.data = NULL;
-    cert->referenceCount = 1;
-
-    /* decode the certificate info */
-    rv = nsslowcert_GetCertFields(cert->derCert.data, cert->derCert.len,
-	&cert->derIssuer, &cert->serialNumber, &cert->derSN, &cert->derSubject,
-	&cert->validity, &cert->derSubjKeyInfo, &cert->extensions);
-
-    /* cert->subjectKeyID;	 x509v3 subject key identifier */
-    cert->subjectKeyID.data = NULL;
-    cert->subjectKeyID.len = 0;
-    cert->dbEntry = NULL;
-    cert ->trust = NULL;
-    cert ->dbhandle = NULL;
-
-    /* generate and save the database key for the cert */
-    rv = nsslowcert_KeyFromIssuerAndSNStatic(cert->certKeySpace,
-		sizeof(cert->certKeySpace), &cert->derIssuer, 
-		&cert->serialNumber, &cert->certKey);
-    if ( rv ) {
-	goto loser;
-    }
-
-    /* set the nickname */
-    if ( nickname == NULL ) {
-	cert->nickname = NULL;
-    } else {
-	/* copy and install the nickname */
-	cert->nickname = pkcs11_copyNickname(nickname,cert->nicknameSpace,
-				sizeof(cert->nicknameSpace));
-    }
-
-#ifdef FIXME
-    /* initialize the subjectKeyID */
-    rv = cert_GetKeyID(cert);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-#endif
-
-    /* set the email address */
-    cert->emailAddr = nsslowcert_GetCertificateEmailAddress(cert);
-    
-    
-    cert->referenceCount = 1;
-    
-    return(cert);
-    
-loser:
-    if (cert) {
-	nsslowcert_DestroyCertificate(cert);
-    }
-    
-    return(0);
-}
-
-char *
-nsslowcert_FixupEmailAddr(char *emailAddr)
-{
-    char *retaddr;
-    char *str;
-
-    if ( emailAddr == NULL ) {
-	return(NULL);
-    }
-    
-    /* copy the string */
-    str = retaddr = PORT_Strdup(emailAddr);
-    if ( str == NULL ) {
-	return(NULL);
-    }
-    
-    /* make it lower case */
-    while ( *str ) {
-	*str = tolower( *str );
-	str++;
-    }
-    
-    return(retaddr);
-}
-
-
-/*
- * Generate a database key, based on serial number and issuer, from a
- * DER certificate.
- */
-SECStatus
-nsslowcert_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key)
-{
-    int rv;
-    NSSLOWCERTCertKey certkey;
-
-    PORT_Memset(&certkey, 0, sizeof(NSSLOWCERTCertKey));    
-
-    rv = nsslowcert_GetCertFields(derCert->data, derCert->len,
-	&certkey.derIssuer, &certkey.serialNumber, NULL, NULL, 
-	NULL, NULL, NULL);
-
-    if ( rv ) {
-	goto loser;
-    }
-
-    return(nsslowcert_KeyFromIssuerAndSN(arena, &certkey.derIssuer,
-				   &certkey.serialNumber, key));
-loser:
-    return(SECFailure);
-}
-
-NSSLOWKEYPublicKey *
-nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *cert)
-{
-    NSSLOWCERTSubjectPublicKeyInfo spki;
-    NSSLOWKEYPublicKey *pubk;
-    SECItem os;
-    SECStatus rv;
-    PRArenaPool *arena;
-    SECOidTag tag;
-    SECItem newDerSubjKeyInfo;
-
-    arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL)
-        return NULL;
-
-    pubk = (NSSLOWKEYPublicKey *) 
-		PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPublicKey));
-    if (pubk == NULL) {
-        PORT_FreeArena (arena, PR_FALSE);
-        return NULL;
-    }
-
-    pubk->arena = arena;
-    PORT_Memset(&spki,0,sizeof(spki));
-
-    /* copy the DER into the arena, since Quick DER returns data that points
-       into the DER input, which may get freed by the caller */
-    rv = SECITEM_CopyItem(arena, &newDerSubjKeyInfo, &cert->derSubjKeyInfo);
-    if ( rv != SECSuccess ) {
-        PORT_FreeArena (arena, PR_FALSE);
-        return NULL;
-    }
-
-    /* we haven't bothered decoding the spki struct yet, do it now */
-    rv = SEC_QuickDERDecodeItem(arena, &spki, 
-		nsslowcert_SubjectPublicKeyInfoTemplate, &newDerSubjKeyInfo);
-    if (rv != SECSuccess) {
- 	PORT_FreeArena (arena, PR_FALSE);
- 	return NULL;
-    }
-
-    /* Convert bit string length from bits to bytes */
-    os = spki.subjectPublicKey;
-    DER_ConvertBitString (&os);
-
-    tag = SECOID_GetAlgorithmTag(&spki.algorithm);
-    switch ( tag ) {
-      case SEC_OID_X500_RSA_ENCRYPTION:
-      case SEC_OID_PKCS1_RSA_ENCRYPTION:
-        pubk->keyType = NSSLOWKEYRSAKey;
-        prepare_low_rsa_pub_key_for_asn1(pubk);
-        rv = SEC_QuickDERDecodeItem(arena, pubk, 
-				nsslowcert_RSAPublicKeyTemplate, &os);
-        if (rv == SECSuccess)
-            return pubk;
-        break;
-      case SEC_OID_ANSIX9_DSA_SIGNATURE:
-        pubk->keyType = NSSLOWKEYDSAKey;
-        prepare_low_dsa_pub_key_for_asn1(pubk);
-        rv = SEC_QuickDERDecodeItem(arena, pubk,
-				 nsslowcert_DSAPublicKeyTemplate, &os);
-        if (rv == SECSuccess) return pubk;
-        break;
-      case SEC_OID_X942_DIFFIE_HELMAN_KEY:
-        pubk->keyType = NSSLOWKEYDHKey;
-        prepare_low_dh_pub_key_for_asn1(pubk);
-        rv = SEC_QuickDERDecodeItem(arena, pubk,
-				 nsslowcert_DHPublicKeyTemplate, &os);
-        if (rv == SECSuccess) return pubk;
-        break;
-#ifdef NSS_ENABLE_ECC
-      case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
-        pubk->keyType = NSSLOWKEYECKey;
-	/* Since PKCS#11 directly takes the DER encoding of EC params
-	 * and public value, we don't need any decoding here.
-	 */
-        rv = SECITEM_CopyItem(arena, &pubk->u.ec.ecParams.DEREncoding, 
-	    &spki.algorithm.parameters);
-        if ( rv != SECSuccess )
-            break;	
-
-	/* Fill out the rest of the ecParams structure 
-	 * based on the encoded params
-	 */
-	if (LGEC_FillParams(arena, &pubk->u.ec.ecParams.DEREncoding,
-	    &pubk->u.ec.ecParams) != SECSuccess) 
-	    break;
-
-        rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue, &os);
-	if (rv == SECSuccess) return pubk;
-        break;
-#endif /* NSS_ENABLE_ECC */
-      default:
-        rv = SECFailure;
-        break;
-    }
-
-    nsslowkey_DestroyPublicKey (pubk);
-    return NULL;
-}
-

mozilla/security/nss/lib/softoken/legacydb/lowkey.c

@@ -1,462 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#include "lowkeyi.h" 
-#include "secoid.h" 
-#include "secitem.h"
-#include "secder.h" 
-#include "secasn1.h"
-#include "secerr.h" 
-
-static const SEC_ASN1Template nsslowkey_AttributeTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 
-	0, NULL, sizeof(NSSLOWKEYAttribute) },
-    { SEC_ASN1_OBJECT_ID, offsetof(NSSLOWKEYAttribute, attrType) },
-    { SEC_ASN1_SET_OF, offsetof(NSSLOWKEYAttribute, attrValue), 
-	SEC_AnyTemplate },
-    { 0 }
-};
-
-static const SEC_ASN1Template nsslowkey_SetOfAttributeTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, nsslowkey_AttributeTemplate },
-};
-/* ASN1 Templates for new decoder/encoder */
-const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(NSSLOWKEYPrivateKeyInfo) },
-    { SEC_ASN1_INTEGER,
-	offsetof(NSSLOWKEYPrivateKeyInfo,version) },
-    { SEC_ASN1_INLINE,
-	offsetof(NSSLOWKEYPrivateKeyInfo,algorithm),
-	SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_OCTET_STRING,
-	offsetof(NSSLOWKEYPrivateKeyInfo,privateKey) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(NSSLOWKEYPrivateKeyInfo, attributes),
-	nsslowkey_SetOfAttributeTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template nsslowkey_PQGParamsTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PQGParams) },
-    { SEC_ASN1_INTEGER, offsetof(PQGParams,prime) },
-    { SEC_ASN1_INTEGER, offsetof(PQGParams,subPrime) },
-    { SEC_ASN1_INTEGER, offsetof(PQGParams,base) },
-    { 0, }
-};
-
-const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.version) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.modulus) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.publicExponent) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.privateExponent) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.prime1) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.prime2) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.exponent1) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.exponent2) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.coefficient) },
-    { 0 }                                                                     
-};                                                                            
-
-
-const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.publicValue) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.privateValue) },
-    { 0, }
-};
-
-const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.privateValue) },
-};
-
-const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.publicValue) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.privateValue) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.base) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.prime) },
-    { 0, }
-};
-
-#ifdef NSS_ENABLE_ECC
-
-/* XXX This is just a placeholder for later when we support
- * generic curves and need full-blown support for parsing EC
- * parameters. For now, we only support named curves in which
- * EC params are simply encoded as an object ID and we don't
- * use nsslowkey_ECParamsTemplate.
- */
-const SEC_ASN1Template nsslowkey_ECParamsTemplate[] = {
-    { SEC_ASN1_CHOICE, offsetof(ECParams,type), NULL, sizeof(ECParams) },
-    { SEC_ASN1_OBJECT_ID, offsetof(ECParams,curveOID), NULL, ec_params_named },
-    { 0, }
-};
-
-
-/* NOTE: The SECG specification allows the private key structure
- * to contain curve parameters but recommends that they be stored
- * in the PrivateKeyAlgorithmIdentifier field of the PrivateKeyInfo
- * instead.
- */
-const SEC_ASN1Template nsslowkey_ECPrivateKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.ec.version) },
-    { SEC_ASN1_OCTET_STRING, 
-      offsetof(NSSLOWKEYPrivateKey,u.ec.privateValue) },
-    /* XXX The following template works for now since we only
-     * support named curves for which the parameters are
-     * encoded as an object ID. When we support generic curves,
-     * we'll need to define nsslowkey_ECParamsTemplate
-     */
-#if 1
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
-      SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | 0, 
-      offsetof(NSSLOWKEYPrivateKey,u.ec.ecParams.curveOID), 
-      SEC_ObjectIDTemplate }, 
-#else
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
-      SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | 0, 
-      offsetof(NSSLOWKEYPrivateKey,u.ec.ecParams), 
-      nsslowkey_ECParamsTemplate }, 
-#endif
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
-      SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | 1, 
-      offsetof(NSSLOWKEYPrivateKey,u.ec.publicValue),
-      SEC_BitStringTemplate }, 
-    { 0, }
-};
-
-
-/*
- * smaller version of EC_FillParams. In this code, we only need
- * oid and DER data.
- */
-SECStatus
-LGEC_FillParams(PRArenaPool *arena, const SECItem *encodedParams, 
-    ECParams *params)
-{
-    SECOidTag tag;
-    SECItem oid = { siBuffer, NULL, 0};
-
-#if EC_DEBUG
-    int i;
-
-    printf("Encoded params in EC_DecodeParams: ");
-    for (i = 0; i < encodedParams->len; i++) {
-	    printf("%02x:", encodedParams->data[i]);
-    }
-    printf("\n");
-#endif
-
-    oid.len = encodedParams->len - 2;
-    oid.data = encodedParams->data + 2;
-    if ((encodedParams->data[0] != SEC_ASN1_OBJECT_ID) ||
-	((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN)) { 
-	    PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
-	    return SECFailure;
-    }
-
-    params->arena = arena;
-
-    /* For named curves, fill out curveOID */
-    params->curveOID.len = oid.len;
-    params->curveOID.data = (unsigned char *) PORT_ArenaAlloc(arena, oid.len);
-    if (params->curveOID.data == NULL)  {
-	return SECFailure;
-    }
-    memcpy(params->curveOID.data, oid.data, oid.len);
-
-    return SECSuccess;
-}
-
-/* Copy all of the fields from srcParams into dstParams
- */
-SECStatus
-LGEC_CopyParams(PRArenaPool *arena, ECParams *dstParams,
-	      const ECParams *srcParams)
-{
-    SECStatus rv = SECFailure;
-
-    dstParams->arena = arena;
-    rv = SECITEM_CopyItem(arena, &dstParams->DEREncoding,
-				 &srcParams->DEREncoding);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    rv =SECITEM_CopyItem(arena, &dstParams->curveOID,
-				&srcParams->curveOID);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    return SECSuccess;
-
-loser:
-    return SECFailure;
-}
-#endif /* NSS_ENABLE_ECC */
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type.  This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-
-void
-prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.rsa.modulus.type = siUnsignedInteger;
-    key->u.rsa.publicExponent.type = siUnsignedInteger;
-    key->u.rsa.privateExponent.type = siUnsignedInteger;
-    key->u.rsa.prime1.type = siUnsignedInteger;
-    key->u.rsa.prime2.type = siUnsignedInteger;
-    key->u.rsa.exponent1.type = siUnsignedInteger;
-    key->u.rsa.exponent2.type = siUnsignedInteger;
-    key->u.rsa.coefficient.type = siUnsignedInteger;
-}
-
-void
-prepare_low_pqg_params_for_asn1(PQGParams *params)
-{
-    params->prime.type = siUnsignedInteger;
-    params->subPrime.type = siUnsignedInteger;
-    params->base.type = siUnsignedInteger;
-}
-
-void
-prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.dsa.publicValue.type = siUnsignedInteger;
-    key->u.dsa.privateValue.type = siUnsignedInteger;
-    key->u.dsa.params.prime.type = siUnsignedInteger;
-    key->u.dsa.params.subPrime.type = siUnsignedInteger;
-    key->u.dsa.params.base.type = siUnsignedInteger;
-}
-
-void
-prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.dsa.privateValue.type = siUnsignedInteger;
-}
-
-void
-prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.dh.prime.type = siUnsignedInteger;
-    key->u.dh.base.type = siUnsignedInteger;
-    key->u.dh.publicValue.type = siUnsignedInteger;
-    key->u.dh.privateValue.type = siUnsignedInteger;
-}
-
-#ifdef NSS_ENABLE_ECC
-void
-prepare_low_ecparams_for_asn1(ECParams *params)
-{
-    params->DEREncoding.type = siUnsignedInteger;
-    params->curveOID.type = siUnsignedInteger;
-}
-
-void
-prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.ec.version.type = siUnsignedInteger;
-    key->u.ec.ecParams.DEREncoding.type = siUnsignedInteger;
-    key->u.ec.ecParams.curveOID.type = siUnsignedInteger;
-    key->u.ec.privateValue.type = siUnsignedInteger;
-    key->u.ec.publicValue.type = siUnsignedInteger;
-}
-#endif /* NSS_ENABLE_ECC */
-
-void
-nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *privk)
-{
-    if (privk && privk->arena) {
-	PORT_FreeArena(privk->arena, PR_TRUE);
-    }
-}
-
-void
-nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *pubk)
-{
-    if (pubk && pubk->arena) {
-	PORT_FreeArena(pubk->arena, PR_FALSE);
-    }
-}
-unsigned
-nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubk)
-{
-    unsigned char b0;
-
-    /* interpret modulus length as key strength... in
-     * fortezza that's the public key length */
-
-    switch (pubk->keyType) {
-    case NSSLOWKEYRSAKey:
-    	b0 = pubk->u.rsa.modulus.data[0];
-    	return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1;
-    default:
-	break;
-    }
-    return 0;
-}
-
-unsigned
-nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privk)
-{
-
-    unsigned char b0;
-
-    switch (privk->keyType) {
-    case NSSLOWKEYRSAKey:
-	b0 = privk->u.rsa.modulus.data[0];
-	return b0 ? privk->u.rsa.modulus.len : privk->u.rsa.modulus.len - 1;
-    default:
-	break;
-    }
-    return 0;
-}
-
-NSSLOWKEYPublicKey *
-nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privk)
-{
-    NSSLOWKEYPublicKey *pubk;
-    PLArenaPool *arena;
-
-
-    arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-        PORT_SetError (SEC_ERROR_NO_MEMORY);
-        return NULL;
-    }
-
-    switch(privk->keyType) {
-      case NSSLOWKEYRSAKey:
-      case NSSLOWKEYNullKey:
-	pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
-						sizeof (NSSLOWKEYPublicKey));
-	if (pubk != NULL) {
-	    SECStatus rv;
-
-	    pubk->arena = arena;
-	    pubk->keyType = privk->keyType;
-	    if (privk->keyType == NSSLOWKEYNullKey) return pubk;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.rsa.modulus,
-				  &privk->u.rsa.modulus);
-	    if (rv == SECSuccess) {
-		rv = SECITEM_CopyItem (arena, &pubk->u.rsa.publicExponent,
-				       &privk->u.rsa.publicExponent);
-		if (rv == SECSuccess)
-		    return pubk;
-	    }
-	} else {
-	    PORT_SetError (SEC_ERROR_NO_MEMORY);
-	}
-	break;
-      case NSSLOWKEYDSAKey:
-	pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
-						    sizeof(NSSLOWKEYPublicKey));
-	if (pubk != NULL) {
-	    SECStatus rv;
-
-	    pubk->arena = arena;
-	    pubk->keyType = privk->keyType;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.publicValue,
-				  &privk->u.dsa.publicValue);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
-				  &privk->u.dsa.params.prime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
-				  &privk->u.dsa.params.subPrime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
-				  &privk->u.dsa.params.base);
-	    if (rv == SECSuccess) return pubk;
-	}
-	break;
-      case NSSLOWKEYDHKey:
-	pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
-						    sizeof(NSSLOWKEYPublicKey));
-	if (pubk != NULL) {
-	    SECStatus rv;
-
-	    pubk->arena = arena;
-	    pubk->keyType = privk->keyType;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dh.publicValue,
-				  &privk->u.dh.publicValue);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dh.prime,
-				  &privk->u.dh.prime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dh.base,
-				  &privk->u.dh.base);
-	    if (rv == SECSuccess) return pubk;
-	}
-	break;
-#ifdef NSS_ENABLE_ECC
-      case NSSLOWKEYECKey:
-	pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
-						    sizeof(NSSLOWKEYPublicKey));
-	if (pubk != NULL) {
-	    SECStatus rv;
-
-	    pubk->arena = arena;
-	    pubk->keyType = privk->keyType;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue,
-				  &privk->u.ec.publicValue);
-	    if (rv != SECSuccess) break;
-	    pubk->u.ec.ecParams.arena = arena;
-	    /* Copy the rest of the params */
-	    rv = LGEC_CopyParams(arena, &(pubk->u.ec.ecParams),
-			       &(privk->u.ec.ecParams));
-	    if (rv == SECSuccess) return pubk;
-	}
-	break;
-#endif /* NSS_ENABLE_ECC */
-	/* No Fortezza in Low Key implementations (Fortezza keys aren't
-	 * stored in our data base */
-    default:
-	break;
-    }
-
-    PORT_FreeArena (arena, PR_FALSE);
-    return NULL;
-}
-

mozilla/security/nss/lib/softoken/legacydb/lowkeyi.h

@@ -1,198 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* $Id: lowkeyi.h,v 1.1.2.1 2007-04-03 22:50:02 rrelyea%redhat.com Exp $ */
-
-#ifndef _LOWKEYI_H_
-#define _LOWKEYI_H_
-
-#include "prtypes.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "pcertt.h"
-#include "lowkeyti.h"
-#include "sdb.h" 
-
-SEC_BEGIN_PROTOS
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type.  This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-extern void prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_pqg_params_for_asn1(PQGParams *params);
-extern void prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-#ifdef NSS_ENABLE_ECC
-extern void prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_ecparams_for_asn1(ECParams *params);
-#endif /* NSS_ENABLE_ECC */
-
-typedef char * (* NSSLOWKEYDBNameFunc)(void *arg, int dbVersion);
-    
-/*
-** Open a key database.
-*/
-extern NSSLOWKEYDBHandle *nsslowkey_OpenKeyDB(PRBool readOnly,
-					   const char *domain,
-					   const char *prefix,
-					   NSSLOWKEYDBNameFunc namecb,
-					   void *cbarg);
-
-/*
-** Close the specified key database.
-*/
-extern void nsslowkey_CloseKeyDB(NSSLOWKEYDBHandle *handle);
-
-/*
- * Get the version number of the database
- */
-extern int nsslowkey_GetKeyDBVersion(NSSLOWKEYDBHandle *handle);
-
-/*
-** Delete a key from the database
-*/
-extern SECStatus nsslowkey_DeleteKey(NSSLOWKEYDBHandle *handle, 
-				  const SECItem *pubkey);
-
-/*
-** Store a key in the database, indexed by its public key modulus.
-**	"pk" is the private key to store
-**	"f" is a the callback function for getting the password
-**	"arg" is the argument for the callback
-*/
-extern SECStatus nsslowkey_StoreKeyByPublicKey(NSSLOWKEYDBHandle *handle, 
-					    NSSLOWKEYPrivateKey *pk,
-					    SECItem *pubKeyData,
-					    char *nickname,
-					    SDB *sdb);
-
-/* does the key for this cert exist in the database filed by modulus */
-extern PRBool nsslowkey_KeyForCertExists(NSSLOWKEYDBHandle *handle,
-					 NSSLOWCERTCertificate *cert);
-/* does a key with this ID already exist? */
-extern PRBool nsslowkey_KeyForIDExists(NSSLOWKEYDBHandle *handle, SECItem *id);
-
-/*
-** Destroy a private key object.
-**	"key" the object
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *key);
-
-/*
-** Destroy a public key object.
-**	"key" the object
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *key);
-
-/*
-** Return the modulus length of "pubKey".
-*/
-extern unsigned int nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubKey);
-
-
-/*
-** Return the modulus length of "privKey".
-*/
-extern unsigned int nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privKey);
-
-
-/*
-** Convert a low private key "privateKey" into a public low key
-*/
-extern NSSLOWKEYPublicKey 
-		*nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privateKey);
-
-
-SECStatus
-nsslowkey_UpdateNickname(NSSLOWKEYDBHandle *handle,
-                           NSSLOWKEYPrivateKey *privkey,
-                           SECItem *pubKeyData,
-                           char *nickname,
-                           SDB *sdb);
-
-/* Store key by modulus and specify an encryption algorithm to use.
- *   handle is the pointer to the key database,
- *   privkey is the private key to be stored,
- *   f and arg are the function and arguments to the callback
- *       to get a password,
- *   algorithm is the algorithm which the privKey is to be stored.
- * A return of anything but SECSuccess indicates failure.
- */
-extern SECStatus 
-nsslowkey_StoreKeyByPublicKeyAlg(NSSLOWKEYDBHandle *handle, 
-			      NSSLOWKEYPrivateKey *privkey, 
-			      SECItem *pubKeyData,
-			      char *nickname,
-			      SDB *sdb,
-                              PRBool update); 
-
-/* Find key by modulus.  This function is the inverse of store key
- * by modulus.  An attempt to locate the key with "modulus" is 
- * performed.  If the key is found, the private key is returned,
- * else NULL is returned.
- *   modulus is the modulus to locate
- */
-extern NSSLOWKEYPrivateKey *
-nsslowkey_FindKeyByPublicKey(NSSLOWKEYDBHandle *handle, SECItem *modulus, 
-			  SDB *sdb);
-
-extern char *
-nsslowkey_FindKeyNicknameByPublicKey(NSSLOWKEYDBHandle *handle,
-                                        SECItem *modulus, SDB *sdb);
-
-#ifdef NSS_ENABLE_ECC
-/*
- * smaller version of EC_FillParams. In this code, we only need
- * oid and DER data.
- */
-SECStatus LGEC_FillParams(PRArenaPool *arena, const SECItem *encodedParams, 
-    ECParams *params);
-
-/* Copy all of the fields from srcParams into dstParams */
-SECStatus LGEC_CopyParams(PRArenaPool *arena, ECParams *dstParams,
-	      const ECParams *srcParams);
-#endif
-SEC_END_PROTOS
-
-#endif /* _LOWKEYI_H_ */

mozilla/security/nss/lib/softoken/legacydb/lowkeyti.h

@@ -1,161 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#ifndef _LOWKEYTI_H_
-#define _LOWKEYTI_H_ 1
-
-#include "blapit.h"
-#include "prtypes.h"
-#include "plarena.h"
-#include "secitem.h"
-#include "secasn1t.h"
-#include "secoidt.h"
-
-
-/*
- * a key in/for the data base
- */
-struct NSSLOWKEYDBKeyStr {
-    PLArenaPool *arena;
-    int version;
-    char *nickname;
-    SECItem salt;
-    SECItem derPK;
-};
-typedef struct NSSLOWKEYDBKeyStr NSSLOWKEYDBKey;
-
-typedef struct NSSLOWKEYDBHandleStr NSSLOWKEYDBHandle;
-
-#ifdef NSS_USE_KEY4_DB
-#define NSSLOWKEY_DB_FILE_VERSION 4
-#else
-#define NSSLOWKEY_DB_FILE_VERSION 3
-#endif
-
-#define NSSLOWKEY_VERSION	    0	/* what we *create* */
-
-/*
-** Typedef for callback to get a password "key".
-*/
-extern const SEC_ASN1Template nsslowkey_PQGParamsTemplate[];
-extern const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[];
-extern const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DHPrivateKeyExportTemplate[];
-#ifdef NSS_ENABLE_ECC
-#define NSSLOWKEY_EC_PRIVATE_KEY_VERSION   1  /* as per SECG 1 C.4 */
-extern const SEC_ASN1Template nsslowkey_ECParamsTemplate[];
-extern const SEC_ASN1Template nsslowkey_ECPrivateKeyTemplate[];
-#endif /* NSS_ENABLE_ECC */
-
-extern const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[];
-extern const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[];
-
-/*
- * PKCS #8 attributes
- */
-struct NSSLOWKEYAttributeStr {
-    SECItem attrType;
-    SECItem *attrValue;
-};
-typedef struct NSSLOWKEYAttributeStr NSSLOWKEYAttribute;
-
-/*
-** A PKCS#8 private key info object
-*/
-struct NSSLOWKEYPrivateKeyInfoStr {
-    PLArenaPool *arena;
-    SECItem version;
-    SECAlgorithmID algorithm;
-    SECItem privateKey;
-    NSSLOWKEYAttribute **attributes;
-};
-typedef struct NSSLOWKEYPrivateKeyInfoStr NSSLOWKEYPrivateKeyInfo;
-#define NSSLOWKEY_PRIVATE_KEY_INFO_VERSION	0	/* what we *create* */
-
-/*
-** A PKCS#8 private key info object
-*/
-struct NSSLOWKEYEncryptedPrivateKeyInfoStr {
-    PLArenaPool *arena;
-    SECAlgorithmID algorithm;
-    SECItem encryptedData;
-};
-typedef struct NSSLOWKEYEncryptedPrivateKeyInfoStr NSSLOWKEYEncryptedPrivateKeyInfo;
-
-
-typedef enum { 
-    NSSLOWKEYNullKey = 0, 
-    NSSLOWKEYRSAKey = 1, 
-    NSSLOWKEYDSAKey = 2, 
-    NSSLOWKEYDHKey = 4,
-    NSSLOWKEYECKey = 5
-} NSSLOWKEYType;
-
-/*
-** An RSA public key object.
-*/
-struct NSSLOWKEYPublicKeyStr {
-    PLArenaPool *arena;
-    NSSLOWKEYType keyType ;
-    union {
-        RSAPublicKey rsa;
-	DSAPublicKey dsa;
-	DHPublicKey  dh;
-	ECPublicKey  ec;
-    } u;
-};
-typedef struct NSSLOWKEYPublicKeyStr NSSLOWKEYPublicKey;
-
-/*
-** Low Level private key object
-** This is only used by the raw Crypto engines (crypto), keydb (keydb),
-** and PKCS #11. Everyone else uses the high level key structure.
-*/
-struct NSSLOWKEYPrivateKeyStr {
-    PLArenaPool *arena;
-    NSSLOWKEYType keyType;
-    union {
-        RSAPrivateKey rsa;
-	DSAPrivateKey dsa;
-	DHPrivateKey  dh;
-	ECPrivateKey  ec;
-    } u;
-};
-typedef struct NSSLOWKEYPrivateKeyStr NSSLOWKEYPrivateKey;
-
-#endif	/* _LOWKEYTI_H_ */

mozilla/security/nss/lib/softoken/legacydb/manifest.mn

@@ -1,68 +0,0 @@
-# 
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-CORE_DEPTH = ../../../..
-
-MODULE = nss
-
-REQUIRES = dbm 
-
-LIBRARY_NAME = lgdbm
-LIBRARY_VERSION = 3
-MAPFILE = $(OBJDIR)/lgdbm.def
-
-DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\"
-
-
-CSRCS = \
-	dbmshim.c \
-	keydb.c \
-	lgattr.c \
-	lgcreate.c \
-	lgdestroy.c \
-	lgfind.c \
-	lginit.c \
-	lgutil.c \
-	lowcert.c \
-	lowkey.c \
-	pcertdb.c \
-	pk11db.c \
-	$(NULL)
-
-ifdef NSS_ENABLE_ECC
-DEFINES += -DNSS_ENABLE_ECC
-endif
-

mozilla/security/nss/lib/softoken/legacydb/pcert.h

@@ -1,261 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifndef _PCERTDB_H_
-#define _PCERTDB_H_
-
-#include "plarena.h"
-#include "prlong.h"
-#include "pcertt.h"
-
-#include "lowkeyti.h" 	/* for struct NSSLOWKEYPublicKeyStr */
-
-SEC_BEGIN_PROTOS
-
-/*
- * initialize any global certificate locks
- */
-SECStatus nsslowcert_InitLocks(void);
-
-/*
-** Add a DER encoded certificate to the permanent database.
-**	"derCert" is the DER encoded certificate.
-**	"nickname" is the nickname to use for the cert
-**	"trust" is the trust parameters for the cert
-*/
-SECStatus nsslowcert_AddPermCert(NSSLOWCERTCertDBHandle *handle, 
-			NSSLOWCERTCertificate *cert,
-				char *nickname, NSSLOWCERTCertTrust *trust);
-SECStatus nsslowcert_AddPermNickname(NSSLOWCERTCertDBHandle *dbhandle,
-				NSSLOWCERTCertificate *cert, char *nickname);
-
-SECStatus nsslowcert_DeletePermCertificate(NSSLOWCERTCertificate *cert);
-
-typedef SECStatus (PR_CALLBACK * PermCertCallback)(NSSLOWCERTCertificate *cert,
-                                                   SECItem *k, void *pdata);
-/*
-** Traverse the entire permanent database, and pass the certs off to a
-** user supplied function.
-**	"certfunc" is the user function to call for each certificate
-**	"udata" is the user's data, which is passed through to "certfunc"
-*/
-SECStatus
-nsslowcert_TraversePermCerts(NSSLOWCERTCertDBHandle *handle,
-		      PermCertCallback certfunc,
-		      void *udata );
-
-PRBool
-nsslowcert_CertDBKeyConflict(SECItem *derCert, NSSLOWCERTCertDBHandle *handle);
-
-certDBEntryRevocation *
-nsslowcert_FindCrlByKey(NSSLOWCERTCertDBHandle *handle,
-					 SECItem *crlKey, PRBool isKRL);
-
-SECStatus
-nsslowcert_DeletePermCRL(NSSLOWCERTCertDBHandle *handle,const SECItem *derName,
-								PRBool isKRL);
-SECStatus
-nsslowcert_AddCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl ,
-				SECItem *derKey, char *url, PRBool isKRL);
-
-NSSLOWCERTCertDBHandle *nsslowcert_GetDefaultCertDB();
-NSSLOWKEYPublicKey *nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *);
-
-NSSLOWCERTCertificate *
-nsslowcert_NewTempCertificate(NSSLOWCERTCertDBHandle *handle, SECItem *derCert,
-                        char *nickname, PRBool isperm, PRBool copyDER);
-NSSLOWCERTCertificate *
-nsslowcert_DupCertificate(NSSLOWCERTCertificate *cert);
-void nsslowcert_DestroyCertificate(NSSLOWCERTCertificate *cert);
-void nsslowcert_DestroyTrust(NSSLOWCERTTrust *Trust);
-
-/*
- * Lookup a certificate in the databases without locking
- *	"certKey" is the database key to look for
- *
- * XXX - this should be internal, but pkcs 11 needs to call it during a
- * traversal.
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByKey(NSSLOWCERTCertDBHandle *handle, const SECItem *certKey);
-
-/*
- * Lookup trust for a certificate in the databases without locking
- *	"certKey" is the database key to look for
- *
- * XXX - this should be internal, but pkcs 11 needs to call it during a
- * traversal.
- */
-NSSLOWCERTTrust *
-nsslowcert_FindTrustByKey(NSSLOWCERTCertDBHandle *handle, const SECItem *certKey);
-
-/*
-** Generate a certificate key from the issuer and serialnumber, then look it
-** up in the database.  Return the cert if found.
-**	"issuerAndSN" is the issuer and serial number to look for
-*/
-extern NSSLOWCERTCertificate *
-nsslowcert_FindCertByIssuerAndSN (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN);
-
-/*
-** Generate a certificate key from the issuer and serialnumber, then look it
-** up in the database.  Return the cert if found.
-**	"issuerAndSN" is the issuer and serial number to look for
-*/
-extern NSSLOWCERTTrust *
-nsslowcert_FindTrustByIssuerAndSN (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN);
-
-/*
-** Find a certificate in the database by a DER encoded certificate
-**	"derCert" is the DER encoded certificate
-*/
-extern NSSLOWCERTCertificate *
-nsslowcert_FindCertByDERCert(NSSLOWCERTCertDBHandle *handle, SECItem *derCert);
-
-/* convert an email address to lower case */
-char *nsslowcert_FixupEmailAddr(char *emailAddr);
-
-/*
-** Decode a DER encoded certificate into an NSSLOWCERTCertificate structure
-**      "derSignedCert" is the DER encoded signed certificate
-**      "copyDER" is true if the DER should be copied, false if the
-**              existing copy should be referenced
-**      "nickname" is the nickname to use in the database.  If it is NULL
-**              then a temporary nickname is generated.
-*/
-extern NSSLOWCERTCertificate *
-nsslowcert_DecodeDERCertificate (SECItem *derSignedCert, char *nickname);
-
-SECStatus
-nsslowcert_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key);
-
-certDBEntrySMime *
-nsslowcert_ReadDBSMimeEntry(NSSLOWCERTCertDBHandle *certHandle,
-							 char *emailAddr);
-void
-nsslowcert_DestroyDBEntry(certDBEntry *entry);
-
-SECStatus
-nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
-		const char *domain, const char *prefix,
-                NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile);
-
-void
-nsslowcert_ClosePermCertDB(NSSLOWCERTCertDBHandle *handle);
-
-/*
- * is certa newer than certb?  If one is expired, pick the other one.
- */
-PRBool
-nsslowcert_IsNewer(NSSLOWCERTCertificate *certa, NSSLOWCERTCertificate *certb);
-
-
-SECStatus
-nsslowcert_TraverseDBEntries(NSSLOWCERTCertDBHandle *handle,
-		      certDBEntryType type,
-		      SECStatus (* callback)(SECItem *data, SECItem *key,
-					    certDBEntryType type, void *pdata),
-		      void *udata );
-SECStatus
-nsslowcert_TraversePermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
-				 SECItem *derSubject,
-				 NSSLOWCERTCertCallback cb, void *cbarg);
-int
-nsslowcert_NumPermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
-							 SECItem *derSubject);
-SECStatus
-nsslowcert_TraversePermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
-	 	char *nickname, NSSLOWCERTCertCallback cb, void *cbarg);
-
-int
-nsslowcert_NumPermCertsForNickname(NSSLOWCERTCertDBHandle *handle, 
-							char *nickname);
-SECStatus
-nsslowcert_GetCertTrust(NSSLOWCERTCertificate *cert,
-					 NSSLOWCERTCertTrust *trust);
-
-SECStatus
-nsslowcert_SaveSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle, char *emailAddr, 
-	SECItem *derSubject, SECItem *emailProfile, SECItem *profileTime);
-
-/*
- * Change the trust attributes of a certificate and make them permanent
- * in the database.
- */
-SECStatus
-nsslowcert_ChangeCertTrust(NSSLOWCERTCertDBHandle *handle, 
-	  	NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust);
-
-PRBool
-nsslowcert_needDBVerify(NSSLOWCERTCertDBHandle *handle);
-
-void
-nsslowcert_setDBVerify(NSSLOWCERTCertDBHandle *handle, PRBool value);
-
-PRBool
-nsslowcert_hasTrust(NSSLOWCERTCertTrust *trust);
-
-void
-nsslowcert_DestroyFreeLists(void);
-
-void
-nsslowcert_DestroyGlobalLocks(void);
-
-void
-pkcs11_freeNickname(char *nickname, char *space);
-
-char *
-pkcs11_copyNickname(char *nickname, char *space, int spaceLen);
-
-void
-pkcs11_freeStaticData(unsigned char *data, unsigned char *space);
-
-unsigned char *
-pkcs11_allocStaticData(int datalen, unsigned char *space, int spaceLen);
-
-unsigned char *
-pkcs11_copyStaticData(unsigned char *data, int datalen, unsigned char *space,
-						int spaceLen);
-NSSLOWCERTCertificate *
-nsslowcert_CreateCert(void);
-
-certDBEntry *
-nsslowcert_DecodeAnyDBEntry(SECItem *dbData, const SECItem *dbKey, 
-                            certDBEntryType entryType, void *pdata);
-
-SEC_END_PROTOS
-
- #endif /* _PCERTDB_H_ */

mozilla/security/nss/lib/softoken/legacydb/pcertt.h

@@ -1,450 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/*
- * certt.h - public data structures for the certificate library
- *
- * $Id: pcertt.h,v 1.1.2.2 2007-05-15 21:59:52 rrelyea%redhat.com Exp $
- */
-#ifndef _PCERTT_H_
-#define _PCERTT_H_
-
-#include "prclist.h"
-#include "pkcs11t.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "plarena.h"
-#include "prcvar.h"
-#include "nssilock.h"
-#include "prio.h"
-#include "prmon.h"
-
-/* Non-opaque objects */
-typedef struct NSSLOWCERTCertDBHandleStr               NSSLOWCERTCertDBHandle;
-typedef struct NSSLOWCERTCertKeyStr                    NSSLOWCERTCertKey;
-
-typedef struct NSSLOWCERTTrustStr                      NSSLOWCERTTrust;
-typedef struct NSSLOWCERTCertTrustStr                  NSSLOWCERTCertTrust;
-typedef struct NSSLOWCERTCertificateStr                NSSLOWCERTCertificate;
-typedef struct NSSLOWCERTCertificateListStr            NSSLOWCERTCertificateList;
-typedef struct NSSLOWCERTIssuerAndSNStr                NSSLOWCERTIssuerAndSN;
-typedef struct NSSLOWCERTSignedDataStr                 NSSLOWCERTSignedData;
-typedef struct NSSLOWCERTSubjectPublicKeyInfoStr       NSSLOWCERTSubjectPublicKeyInfo;
-typedef struct NSSLOWCERTValidityStr                   NSSLOWCERTValidity;
-
-/*
-** An X.509 validity object
-*/
-struct NSSLOWCERTValidityStr {
-    PRArenaPool *arena;
-    SECItem notBefore;
-    SECItem notAfter;
-};
-
-/*
- * A serial number and issuer name, which is used as a database key
- */
-struct NSSLOWCERTCertKeyStr {
-    SECItem serialNumber;
-    SECItem derIssuer;
-};
-
-/*
-** A signed data object. Used to implement the "signed" macro used
-** in the X.500 specs.
-*/
-struct NSSLOWCERTSignedDataStr {
-    SECItem data;
-    SECAlgorithmID signatureAlgorithm;
-    SECItem signature;
-};
-
-/*
-** An X.509 subject-public-key-info object
-*/
-struct NSSLOWCERTSubjectPublicKeyInfoStr {
-    PRArenaPool *arena;
-    SECAlgorithmID algorithm;
-    SECItem subjectPublicKey;
-};
-
-typedef struct _certDBEntryCert certDBEntryCert;
-typedef struct _certDBEntryRevocation certDBEntryRevocation;
-
-struct NSSLOWCERTCertTrustStr {
-    unsigned int sslFlags;
-    unsigned int emailFlags;
-    unsigned int objectSigningFlags;
-};
-
-/*
-** PKCS11 Trust representation
-*/
-struct NSSLOWCERTTrustStr {
-    NSSLOWCERTTrust *next;
-    NSSLOWCERTCertDBHandle *dbhandle;
-    SECItem dbKey;			/* database key for this cert */
-    certDBEntryCert *dbEntry;		/* database entry struct */
-    NSSLOWCERTCertTrust *trust;
-    SECItem *derCert;			/* original DER for the cert */
-    unsigned char dbKeySpace[512];
-};
-
-/*
-** An X.509 certificate object (the unsigned form)
-*/
-struct NSSLOWCERTCertificateStr {
-    /* the arena is used to allocate any data structures that have the same
-     * lifetime as the cert.  This is all stuff that hangs off of the cert
-     * structure, and is all freed at the same time.  I is used when the
-     * cert is decoded, destroyed, and at some times when it changes
-     * state
-     */
-    NSSLOWCERTCertificate *next;
-    NSSLOWCERTCertDBHandle *dbhandle;
-
-    SECItem derCert;			/* original DER for the cert */
-    SECItem derIssuer;			/* DER for issuer name */
-    SECItem derSN;
-    SECItem serialNumber;
-    SECItem derSubject;			/* DER for subject name */
-    SECItem derSubjKeyInfo;
-    NSSLOWCERTSubjectPublicKeyInfo *subjectPublicKeyInfo;
-    SECItem certKey;			/* database key for this cert */
-    SECItem validity;
-    certDBEntryCert *dbEntry;		/* database entry struct */
-    SECItem subjectKeyID;	/* x509v3 subject key identifier */
-    SECItem extensions;
-    char *nickname;
-    char *emailAddr;
-    NSSLOWCERTCertTrust *trust;
-
-    /* the reference count is modified whenever someone looks up, dups
-     * or destroys a certificate
-     */
-    int referenceCount;
-
-    char nicknameSpace[200];
-    char emailAddrSpace[200];
-    unsigned char certKeySpace[512];
-};
-
-#define SEC_CERTIFICATE_VERSION_1		0	/* default created */
-#define SEC_CERTIFICATE_VERSION_2		1	/* v2 */
-#define SEC_CERTIFICATE_VERSION_3		2	/* v3 extensions */
-
-#define SEC_CRL_VERSION_1		0	/* default */
-#define SEC_CRL_VERSION_2		1	/* v2 extensions */
-
-struct NSSLOWCERTIssuerAndSNStr {
-    SECItem derIssuer;
-    SECItem serialNumber;
-};
-
-typedef SECStatus (* NSSLOWCERTCertCallback)(NSSLOWCERTCertificate *cert, void *arg);
-
-/* This is the typedef for the callback passed to nsslowcert_OpenCertDB() */
-/* callback to return database name based on version number */
-typedef char * (*NSSLOWCERTDBNameFunc)(void *arg, int dbVersion);
-
-/* XXX Lisa thinks the template declarations belong in cert.h, not here? */
-
-#include "secasn1t.h"	/* way down here because I expect template stuff to
-			 * move out of here anyway */
-
-/*
- * Certificate Database related definitions and data structures
- */
-
-/* version number of certificate database */
-#define CERT_DB_FILE_VERSION		8
-#define CERT_DB_V7_FILE_VERSION		7
-#define CERT_DB_CONTENT_VERSION		2
-
-#define SEC_DB_ENTRY_HEADER_LEN		3
-#define SEC_DB_KEY_HEADER_LEN		1
-
-/* All database entries have this form:
- * 	
- *	byte offset	field
- *	-----------	-----
- *	0		version
- *	1		type
- *	2		flags
- */
-
-/* database entry types */
-typedef enum {
-    certDBEntryTypeVersion = 0,
-    certDBEntryTypeCert = 1,
-    certDBEntryTypeNickname = 2,
-    certDBEntryTypeSubject = 3,
-    certDBEntryTypeRevocation = 4,
-    certDBEntryTypeKeyRevocation = 5,
-    certDBEntryTypeSMimeProfile = 6,
-    certDBEntryTypeContentVersion = 7,
-    certDBEntryTypeBlob = 8
-} certDBEntryType;
-
-typedef struct {
-    certDBEntryType type;
-    unsigned int version;
-    unsigned int flags;
-    PRArenaPool *arena;
-} certDBEntryCommon;
-
-/*
- * Certificate entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		sslFlags-msb
- *	1		sslFlags-lsb
- *	2		emailFlags-msb
- *	3		emailFlags-lsb
- *	4		objectSigningFlags-msb
- *	5		objectSigningFlags-lsb
- *	6		derCert-len-msb
- *	7		derCert-len-lsb
- *	8		nickname-len-msb
- *	9		nickname-len-lsb
- *	...		derCert
- *	...		nickname
- *
- * NOTE: the nickname string as stored in the database is null terminated,
- *		in other words, the last byte of the db entry is always 0
- *		if a nickname is present.
- * NOTE: if nickname is not present, then nickname-len-msb and
- *		nickname-len-lsb will both be zero.
- */
-struct _certDBEntryCert {
-    certDBEntryCommon common;
-    certDBEntryCert *next;
-    NSSLOWCERTCertTrust trust;
-    SECItem derCert;
-    char *nickname;
-    char nicknameSpace[200];
-    unsigned char derCertSpace[2048];
-};
-
-/*
- * Certificate Nickname entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		subjectname-len-msb
- *	1	        subjectname-len-lsb
- *	2...		subjectname
- *
- * The database key for this type of entry is a nickname string
- * The "subjectname" value is the DER encoded DN of the identity
- *   that matches this nickname.
- */
-typedef struct {
-    certDBEntryCommon common;
-    char *nickname;
-    SECItem subjectName;
-} certDBEntryNickname;
-
-#define DB_NICKNAME_ENTRY_HEADER_LEN 2
-
-/*
- * Certificate Subject entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		ncerts-msb
- *	1		ncerts-lsb
- *	2		nickname-msb
- *	3		nickname-lsb
- *	4		emailAddr-msb
- *	5		emailAddr-lsb
- *	...		nickname
- *	...		emailAddr
- *	...+2*i		certkey-len-msb
- *	...+1+2*i       certkey-len-lsb
- *	...+2*ncerts+2*i keyid-len-msb
- *	...+1+2*ncerts+2*i keyid-len-lsb
- *	...		certkeys
- *	...		keyids
- *
- * The database key for this type of entry is the DER encoded subject name
- * The "certkey" value is an array of  certificate database lookup keys that
- *   points to the database entries for the certificates that matche
- *   this subject.
- *
- */
-typedef struct _certDBEntrySubject {
-    certDBEntryCommon common;
-    SECItem derSubject;
-    unsigned int ncerts;
-    char *nickname;
-    SECItem *certKeys;
-    SECItem *keyIDs;
-    char **emailAddrs;
-    unsigned int nemailAddrs;
-} certDBEntrySubject;
-
-#define DB_SUBJECT_ENTRY_HEADER_LEN 6
-
-/*
- * Certificate SMIME profile entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		subjectname-len-msb
- *	1	        subjectname-len-lsb
- *	2		smimeoptions-len-msb
- *	3		smimeoptions-len-lsb
- *	4		options-date-len-msb
- *	5		options-date-len-lsb
- *	6...		subjectname
- *	...		smimeoptions
- *	...		options-date
- *
- * The database key for this type of entry is the email address string
- * The "subjectname" value is the DER encoded DN of the identity
- *   that matches this nickname.
- * The "smimeoptions" value is a string that represents the algorithm
- *   capabilities on the remote user.
- * The "options-date" is the date that the smime options value was created.
- *   This is generally the signing time of the signed message that contained
- *   the options.  It is a UTCTime value.
- */
-typedef struct {
-    certDBEntryCommon common;
-    char *emailAddr;
-    SECItem subjectName;
-    SECItem smimeOptions;
-    SECItem optionsDate;
-} certDBEntrySMime;
-
-#define DB_SMIME_ENTRY_HEADER_LEN 6
-
-/*
- * Crl/krl entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		derCert-len-msb
- *	1		derCert-len-lsb
- *	2		url-len-msb
- *	3		url-len-lsb
- *	...		derCert
- *	...		url
- *
- * NOTE: the url string as stored in the database is null terminated,
- *		in other words, the last byte of the db entry is always 0
- *		if a nickname is present. 
- * NOTE: if url is not present, then url-len-msb and
- *		url-len-lsb will both be zero.
- */
-#define DB_CRL_ENTRY_HEADER_LEN	4
-struct _certDBEntryRevocation {
-    certDBEntryCommon common;
-    SECItem	derCrl;
-    char	*url;	/* where to load the crl from */
-};
-
-/*
- * Database Version Entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	only the low level header...
- *
- * The database key for this type of entry is the string "Version"
- */
-typedef struct {
-    certDBEntryCommon common;
-} certDBEntryVersion;
-
-#define SEC_DB_VERSION_KEY "Version"
-#define SEC_DB_VERSION_KEY_LEN sizeof(SEC_DB_VERSION_KEY)
-
-/*
- * Database Content Version Entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		contentVersion
- *
- * The database key for this type of entry is the string "ContentVersion"
- */
-typedef struct {
-    certDBEntryCommon common;
-    char contentVersion;
-} certDBEntryContentVersion;
-
-#define SEC_DB_CONTENT_VERSION_KEY "ContentVersion"
-#define SEC_DB_CONTENT_VERSION_KEY_LEN sizeof(SEC_DB_CONTENT_VERSION_KEY)
-
-typedef union {
-    certDBEntryCommon         common;
-    certDBEntryCert           cert;
-    certDBEntryContentVersion content;
-    certDBEntryNickname       nickname;
-    certDBEntryRevocation     revocation;
-    certDBEntrySMime          smime;
-    certDBEntrySubject        subject;
-    certDBEntryVersion        version;
-} certDBEntry;
-
-/* length of the fixed part of a database entry */
-#define DBCERT_V4_HEADER_LEN	7
-#define DB_CERT_V5_ENTRY_HEADER_LEN	7
-#define DB_CERT_V6_ENTRY_HEADER_LEN	7
-#define DB_CERT_ENTRY_HEADER_LEN	10
-
-/* common flags for all types of certificates */
-#define CERTDB_VALID_PEER	(1<<0)
-#define CERTDB_TRUSTED		(1<<1)
-#define CERTDB_SEND_WARN	(1<<2)
-#define CERTDB_VALID_CA		(1<<3)
-#define CERTDB_TRUSTED_CA	(1<<4) /* trusted for issuing server certs */
-#define CERTDB_NS_TRUSTED_CA	(1<<5)
-#define CERTDB_USER		(1<<6)
-#define CERTDB_TRUSTED_CLIENT_CA (1<<7) /* trusted for issuing client certs */
-#define CERTDB_INVISIBLE_CA	(1<<8) /* don't show in UI */
-#define CERTDB_GOVT_APPROVED_CA	(1<<9) /* can do strong crypto in export ver */
-#define CERTDB_NOT_TRUSTED	(1<<10) /* explicitly don't trust this cert */
-#define CERTDB_TRUSTED_UNKNOWN	(1<<11) /* accept trust from another source */
-
-/* bits not affected by the CKO_NETSCAPE_TRUST object */
-#define CERTDB_PRESERVE_TRUST_BITS (CERTDB_USER | CERTDB_VALID_PEER | \
-        CERTDB_NS_TRUSTED_CA | CERTDB_VALID_CA | CERTDB_INVISIBLE_CA | \
-                                        CERTDB_GOVT_APPROVED_CA)
-
-#endif /* _PCERTT_H_ */

mozilla/security/nss/lib/softoken/legacydb/pk11db.c

@@ -1,773 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* 
- *  The following code handles the storage of PKCS 11 modules used by the
- * NSS. This file is written to abstract away how the modules are
- * stored so we can deside that later.
- */
-
-#include "pk11pars.h"
-#include "lgdb.h"
-#include "mcom_db.h"
-#include "secerr.h"
-
-#define FREE_CLEAR(p) if (p) { PORT_Free(p); p = NULL; }
-
-/* Construct a database key for a given module */
-static SECStatus secmod_MakeKey(DBT *key, char * module) {
-    int len = 0;
-    char *commonName;
-
-    commonName = secmod_argGetParamValue("name",module);
-    if (commonName == NULL) {
-	commonName = secmod_argGetParamValue("library",module);
-    }
-    if (commonName == NULL) return SECFailure;
-    len = PORT_Strlen(commonName);
-    key->data = commonName;
-    key->size = len;
-    return SECSuccess;
-}
-
-/* free out constructed database key */
-static void 
-secmod_FreeKey(DBT *key) 
-{
-    if (key->data) {
-	PORT_Free(key->data);
-    }
-    key->data = NULL;
-    key->size = 0;
-}
-
-typedef struct secmodDataStr secmodData;
-typedef struct secmodSlotDataStr secmodSlotData;
-struct secmodDataStr {
-    unsigned char major;
-    unsigned char minor;
-    unsigned char nameStart[2];
-    unsigned char slotOffset[2];
-    unsigned char internal;
-    unsigned char fips;
-    unsigned char ssl[8];
-    unsigned char trustOrder[4];
-    unsigned char cipherOrder[4];
-    unsigned char reserved1;
-    unsigned char isModuleDB;
-    unsigned char isModuleDBOnly;
-    unsigned char isCritical;
-    unsigned char reserved[4];
-    unsigned char names[6];	/* enough space for the length fields */
-};
-
-struct secmodSlotDataStr {
-    unsigned char slotID[4];
-    unsigned char defaultFlags[4];
-    unsigned char timeout[4];
-    unsigned char askpw;
-    unsigned char hasRootCerts;
-    unsigned char reserved[18]; /* this makes it a round 32 bytes */
-};
-
-#define SECMOD_DB_VERSION_MAJOR 0
-#define SECMOD_DB_VERSION_MINOR 6
-#define SECMOD_DB_EXT1_VERSION_MAJOR 0
-#define SECMOD_DB_EXT1_VERSION_MINOR 6
-#define SECMOD_DB_NOUI_VERSION_MAJOR 0
-#define SECMOD_DB_NOUI_VERSION_MINOR 4
-
-#define SECMOD_PUTSHORT(dest,src) \
-	(dest)[1] = (unsigned char) ((src)&0xff); \
-	(dest)[0] = (unsigned char) (((src) >> 8) & 0xff);
-#define SECMOD_PUTLONG(dest,src) \
-	(dest)[3] = (unsigned char) ((src)&0xff); \
-	(dest)[2] = (unsigned char) (((src) >> 8) & 0xff); \
-	(dest)[1] = (unsigned char) (((src) >> 16) & 0xff); \
-	(dest)[0] = (unsigned char) (((src) >> 24) & 0xff);
-#define SECMOD_GETSHORT(src) \
-	((unsigned short) (((src)[0] << 8) | (src)[1]))
-#define SECMOD_GETLONG(src) \
-	((unsigned long) (( (unsigned long) (src)[0] << 24) | \
-			( (unsigned long) (src)[1] << 16)  | \
-			( (unsigned long) (src)[2] << 8) | \
-			(unsigned long) (src)[3]))
-
-/*
- * build a data base entry from a module 
- */
-static SECStatus 
-secmod_EncodeData(DBT *data, char * module) 
-{
-    secmodData *encoded = NULL;
-    secmodSlotData *slot;
-    unsigned char *dataPtr;
-    unsigned short len, len2 = 0, len3 = 0;
-    int count = 0;
-    unsigned short offset;
-    int dataLen, i;
-    unsigned long order;
-    unsigned long  ssl[2];
-    char *commonName = NULL , *dllName = NULL, *param = NULL, *nss = NULL;
-    char *slotParams, *ciphers;
-    PK11PreSlotInfo *slotInfo = NULL;
-    SECStatus rv = SECFailure;
-
-    rv = secmod_argParseModuleSpec(module,&dllName,&commonName,&param,&nss);
-    if (rv != SECSuccess) return rv;
-    rv = SECFailure;
-
-    if (commonName == NULL) {
-	/* set error */
-	goto loser;
-    }
-
-    len = PORT_Strlen(commonName);
-    if (dllName) {
-    	len2 = PORT_Strlen(dllName);
-    }
-    if (param) {
-	len3 = PORT_Strlen(param);
-    }
-
-    slotParams = secmod_argGetParamValue("slotParams",nss); 
-    slotInfo = secmod_argParseSlotInfo(NULL,slotParams,&count);
-    if (slotParams) PORT_Free(slotParams);
-
-    if (count && slotInfo == NULL) {
-	/* set error */
-	goto loser;
-    }
-
-    dataLen = sizeof(secmodData) + len + len2 + len3 + sizeof(unsigned short) +
-				 count*sizeof(secmodSlotData);
-
-    data->data = (unsigned char *) PORT_ZAlloc(dataLen);
-    encoded = (secmodData *)data->data;
-    dataPtr = (unsigned char *) data->data;
-    data->size = dataLen;
-
-    if (encoded == NULL) {
-	/* set error */
-	goto loser;
-    }
-
-    encoded->major = SECMOD_DB_VERSION_MAJOR;
-    encoded->minor = SECMOD_DB_VERSION_MINOR;
-    encoded->internal = (unsigned char) 
-			(secmod_argHasFlag("flags","internal",nss) ? 1 : 0);
-    encoded->fips = (unsigned char) 
-			(secmod_argHasFlag("flags","FIPS",nss) ? 1 : 0);
-    encoded->isModuleDB = (unsigned char) 
-			(secmod_argHasFlag("flags","isModuleDB",nss) ? 1 : 0);
-    encoded->isModuleDBOnly = (unsigned char) 
-		    (secmod_argHasFlag("flags","isModuleDBOnly",nss) ? 1 : 0);
-    encoded->isCritical = (unsigned char) 
-			(secmod_argHasFlag("flags","critical",nss) ? 1 : 0);
-
-    order = secmod_argReadLong("trustOrder", nss, SECMOD_DEFAULT_TRUST_ORDER, 
-                               NULL);
-    SECMOD_PUTLONG(encoded->trustOrder,order);
-    order = secmod_argReadLong("cipherOrder", nss, SECMOD_DEFAULT_CIPHER_ORDER, 
-                               NULL);
-    SECMOD_PUTLONG(encoded->cipherOrder,order);
-
-   
-    ciphers = secmod_argGetParamValue("ciphers",nss); 
-    secmod_argSetNewCipherFlags(&ssl[0], ciphers);
-    SECMOD_PUTLONG(encoded->ssl,ssl[0]);
-    SECMOD_PUTLONG(&encoded->ssl[4],ssl[1]);
-    if (ciphers) PORT_Free(ciphers);
-
-    offset = (unsigned short) &(((secmodData *)0)->names[0]);
-    SECMOD_PUTSHORT(encoded->nameStart,offset);
-    offset = offset + len + len2 + len3 + 3*sizeof(unsigned short);
-    SECMOD_PUTSHORT(encoded->slotOffset,offset);
-
-
-    SECMOD_PUTSHORT(&dataPtr[offset],((unsigned short)count));
-    slot = (secmodSlotData *)(dataPtr+offset+sizeof(unsigned short));
-
-    offset = 0;
-    SECMOD_PUTSHORT(encoded->names,len);
-    offset += sizeof(unsigned short);
-    PORT_Memcpy(&encoded->names[offset],commonName,len);
-    offset += len;
-
-
-    SECMOD_PUTSHORT(&encoded->names[offset],len2);
-    offset += sizeof(unsigned short);
-    if (len2) PORT_Memcpy(&encoded->names[offset],dllName,len2);
-    offset += len2;
-
-    SECMOD_PUTSHORT(&encoded->names[offset],len3);
-    offset += sizeof(unsigned short);
-    if (len3) PORT_Memcpy(&encoded->names[offset],param,len3);
-    offset += len3;
-
-    if (count) {
-	for (i=0; i < count; i++) {
-	    SECMOD_PUTLONG(slot[i].slotID, slotInfo[i].slotID);
-	    SECMOD_PUTLONG(slot[i].defaultFlags,
-					slotInfo[i].defaultFlags);
-	    SECMOD_PUTLONG(slot[i].timeout,slotInfo[i].timeout);
-	    slot[i].askpw = slotInfo[i].askpw;
-	    slot[i].hasRootCerts = slotInfo[i].hasRootCerts;
-	    PORT_Memset(slot[i].reserved, 0, sizeof(slot[i].reserved));
-	}
-    }
-    rv = SECSuccess;
-
-loser:
-    if (commonName) PORT_Free(commonName);
-    if (dllName) PORT_Free(dllName);
-    if (param) PORT_Free(param);
-    if (slotInfo) PORT_Free(slotInfo);
-    if (nss) PORT_Free(nss);
-    return rv;
-
-}
-
-static void 
-secmod_FreeData(DBT *data)
-{
-    if (data->data) {
-	PORT_Free(data->data);
-    }
-}
-
-static void
-secmod_FreeSlotStrings(char **slotStrings, int count)
-{
-    int i;
-
-    for (i=0; i < count; i++) {
-	if (slotStrings[i]) {
-	    PR_smprintf_free(slotStrings[i]);
-	    slotStrings[i] = NULL;
-	}
-    }
-}
-
-/*
- * build a module from the data base entry.
- */
-static char *
-secmod_DecodeData(char *defParams, DBT *data, PRBool *retInternal)
-{
-    secmodData *encoded;
-    secmodSlotData *slots;
-    PLArenaPool *arena;
-    char *commonName 		= NULL;
-    char *dllName    		= NULL;
-    char *parameters 		= NULL;
-    char *nss;
-    char *moduleSpec;
-    char **slotStrings 		= NULL;
-    unsigned char *names;
-    unsigned long slotCount;
-    unsigned long ssl0		=0;
-    unsigned long ssl1		=0;
-    unsigned long slotID;
-    unsigned long defaultFlags;
-    unsigned long timeout;
-    unsigned long trustOrder	=SECMOD_DEFAULT_TRUST_ORDER;
-    unsigned long cipherOrder	=SECMOD_DEFAULT_CIPHER_ORDER;
-    unsigned short len;
-    unsigned short namesOffset  = 0;	/* start of the names block */
-    unsigned long namesRunningOffset;	/* offset to name we are 
-					 * currently processing */
-    unsigned short slotOffset;
-    PRBool isOldVersion  	= PR_FALSE;
-    PRBool internal;
-    PRBool isFIPS;
-    PRBool isModuleDB    	=PR_FALSE;
-    PRBool isModuleDBOnly	=PR_FALSE;
-    PRBool extended      	=PR_FALSE;
-    int i;
-
-
-    arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if (arena == NULL) 
-    	return NULL;
-
-#define CHECK_SIZE(x) \
-    if ((unsigned int) data->size < (unsigned int)(x)) goto db_loser
-
-    /* -------------------------------------------------------------
-    ** Process the buffer header, which is the secmodData struct. 
-    ** It may be an old or new version.  Check the length for each. 
-    */
-
-    CHECK_SIZE( offsetof(secmodData, trustOrder[0]) );
-
-    encoded = (secmodData *)data->data;
-
-    internal = (encoded->internal != 0) ? PR_TRUE: PR_FALSE;
-    isFIPS   = (encoded->fips     != 0) ? PR_TRUE: PR_FALSE;
-
-    if (retInternal)
-	*retInternal = internal;
-    if (internal) {
-	parameters = PORT_ArenaStrdup(arena,defParams);
-	if (parameters == NULL) 
-	    goto loser;
-    }
-    if (internal && (encoded->major == SECMOD_DB_NOUI_VERSION_MAJOR) &&
- 	(encoded->minor <= SECMOD_DB_NOUI_VERSION_MINOR)) {
-	isOldVersion = PR_TRUE;
-    }
-    if ((encoded->major == SECMOD_DB_EXT1_VERSION_MAJOR) &&
-	(encoded->minor >= SECMOD_DB_EXT1_VERSION_MINOR)) {
-	CHECK_SIZE( sizeof(secmodData));
-	trustOrder     = SECMOD_GETLONG(encoded->trustOrder);
-	cipherOrder    = SECMOD_GETLONG(encoded->cipherOrder);
-	isModuleDB     = (encoded->isModuleDB != 0) ? PR_TRUE: PR_FALSE;
-	isModuleDBOnly = (encoded->isModuleDBOnly != 0) ? PR_TRUE: PR_FALSE;
-	extended       = PR_TRUE;
-    } 
-    if (internal && !extended) {
-	trustOrder = 0;
-	cipherOrder = 100;
-    }
-    /* decode SSL cipher enable flags */
-    ssl0 = SECMOD_GETLONG(encoded->ssl);
-    ssl1 = SECMOD_GETLONG(encoded->ssl + 4);
-
-    slotOffset  = SECMOD_GETSHORT(encoded->slotOffset);
-    namesOffset = SECMOD_GETSHORT(encoded->nameStart);
-
-
-    /*--------------------------------------------------------------
-    ** Now process the variable length set of names.                
-    ** The names have this structure:
-    ** struct {
-    **     BYTE  commonNameLen[ 2 ];
-    **     BYTE  commonName   [ commonNameLen ];
-    **     BTTE  libNameLen   [ 2 ];
-    **     BYTE  libName      [ libNameLen ];
-    ** If it is "extended" it also has these members:
-    **     BYTE  initStringLen[ 2 ];
-    **     BYTE  initString   [ initStringLen ];
-    ** }
-    */
-
-    namesRunningOffset = namesOffset;
-    /* copy the module's common name */
-    CHECK_SIZE( namesRunningOffset + 2);
-    names = (unsigned char *)data->data;
-    len   = SECMOD_GETSHORT(names+namesRunningOffset);
-
-    CHECK_SIZE( namesRunningOffset + 2 + len);
-    commonName = (char*)PORT_ArenaAlloc(arena,len+1);
-    if (commonName == NULL) 
-	goto loser;
-    PORT_Memcpy(commonName, names + namesRunningOffset + 2, len);
-    commonName[len] = 0;
-    namesRunningOffset += len + 2;
-
-    /* copy the module's shared library file name. */
-    CHECK_SIZE( namesRunningOffset + 2);
-    len = SECMOD_GETSHORT(names + namesRunningOffset);
-    if (len) {
-	CHECK_SIZE( namesRunningOffset + 2 + len);
-	dllName = (char*)PORT_ArenaAlloc(arena,len + 1);
-	if (dllName == NULL) 
-	    goto loser;
-	PORT_Memcpy(dllName, names + namesRunningOffset + 2, len);
-	dllName[len] = 0;
-    }
-    namesRunningOffset += len + 2;
-
-    /* copy the module's initialization string, if present. */
-    if (!internal && extended) {
-	CHECK_SIZE( namesRunningOffset + 2);
-	len = SECMOD_GETSHORT(names+namesRunningOffset);
-	if (len) {
-	    CHECK_SIZE( namesRunningOffset + 2 + len );
-	    parameters = (char*)PORT_ArenaAlloc(arena,len + 1);
-	    if (parameters == NULL) 
-		goto loser;
-	    PORT_Memcpy(parameters,names + namesRunningOffset + 2, len);
-	    parameters[len] = 0;
-	}
-	namesRunningOffset += len + 2;
-    }
-
-    /* 
-     * Consistency check: Make sure the slot and names blocks don't
-     * overlap. These blocks can occur in any order, so this check is made 
-     * in 2 parts. First we check the case where the slot block starts 
-     * after the name block. Later, when we have the slot block length,
-     * we check the case where slot block starts before the name block.
-     * NOTE: in most cases any overlap will likely be detected by invalid 
-     * data read from the blocks, but it's better to find out sooner 
-     * than later.
-     */
-    if (slotOffset >= namesOffset) { /* slot block starts after name block */
-	if (slotOffset < namesRunningOffset) {
-	    goto db_loser;
-	}
-    }
-
-    /* ------------------------------------------------------------------
-    ** Part 3, process the slot table.
-    ** This part has this structure:
-    ** struct {
-    **     BYTE slotCount [ 2 ];
-    **     secmodSlotData [ slotCount ];
-    ** {
-    */
-
-    CHECK_SIZE( slotOffset + 2 );
-    slotCount = SECMOD_GETSHORT((unsigned char *)data->data + slotOffset);
-
-    /* 
-     * Consistency check: Part 2. We now have the slot block length, we can 
-     * check the case where the slotblock procedes the name block.
-     */
-    if (slotOffset < namesOffset) { /* slot block starts before name block */
-	if (namesOffset < slotOffset + 2 + slotCount*sizeof(secmodSlotData)) {
-	    goto db_loser;
-	}
-    }
-
-    CHECK_SIZE( (slotOffset + 2 + slotCount * sizeof(secmodSlotData)));
-    slots = (secmodSlotData *) ((unsigned char *)data->data + slotOffset + 2);
-
-    /*  slotCount; */
-    slotStrings = (char **)PORT_ArenaZAlloc(arena, slotCount * sizeof(char *));
-    if (slotStrings == NULL)
-	goto loser;
-    for (i=0; i < (int) slotCount; i++, slots++) {
-	PRBool hasRootCerts	=PR_FALSE;
-	PRBool hasRootTrust	=PR_FALSE;
-	slotID       = SECMOD_GETLONG(slots->slotID);
-	defaultFlags = SECMOD_GETLONG(slots->defaultFlags);
-	timeout      = SECMOD_GETLONG(slots->timeout);
-	hasRootCerts = slots->hasRootCerts;
-	if (isOldVersion && internal && (slotID != 2)) {
-		unsigned long internalFlags=
-			secmod_argSlotFlags("slotFlags",SECMOD_SLOT_FLAGS);
-		defaultFlags |= internalFlags;
-	}
-	if (hasRootCerts && !extended) {
-	    trustOrder = 100;
-	}
-
-	slotStrings[i] = secmod_mkSlotString(slotID, defaultFlags, timeout, 
-	                                   (unsigned char)slots->askpw, 
-	                                   hasRootCerts, hasRootTrust);
-	if (slotStrings[i] == NULL) {
-	    secmod_FreeSlotStrings(slotStrings,i);
-	    goto loser;
-	}
-    }
-
-    nss = secmod_mkNSS(slotStrings, slotCount, internal, isFIPS, isModuleDB, 
-		     isModuleDBOnly, internal, trustOrder, cipherOrder, 
-		     ssl0, ssl1);
-    secmod_FreeSlotStrings(slotStrings,slotCount);
-    /* it's permissible (and normal) for nss to be NULL. it simply means
-     * there are no NSS specific parameters in the database */
-    moduleSpec = secmod_mkNewModuleSpec(dllName,commonName,parameters,nss);
-    PR_smprintf_free(nss);
-    PORT_FreeArena(arena,PR_TRUE);
-    return moduleSpec;
-
-db_loser:
-    PORT_SetError(SEC_ERROR_BAD_DATABASE);
-loser:
-    PORT_FreeArena(arena,PR_TRUE);
-    return NULL;
-}
-
-static DB *
-secmod_OpenDB(const char *appName, const char *filename, const char *dbName, 
-				PRBool readOnly, PRBool update)
-{
-    DB *pkcs11db = NULL;
-
-
-    if (appName) {
-	char *secname = PORT_Strdup(filename);
-	int len = strlen(secname);
-	int status = RDB_FAIL;
-
-	if (len >= 3 && PORT_Strcmp(&secname[len-3],".db") == 0) {
-	   secname[len-3] = 0;
-	}
-    	pkcs11db=
-	   rdbopen(appName, "", secname, readOnly ? NO_RDONLY:NO_RDWR, NULL);
-	if (update && !pkcs11db) {
-	    DB *updatedb;
-
-    	    pkcs11db = rdbopen(appName, "", secname, NO_CREATE, &status);
-	    if (!pkcs11db) {
-		if (status == RDB_RETRY) {
- 		    pkcs11db= rdbopen(appName, "", secname, 
-					readOnly ? NO_RDONLY:NO_RDWR, NULL);
-		}
-		PORT_Free(secname);
-		return pkcs11db;
-	    }
-	    updatedb = dbopen(dbName, NO_RDONLY, 0600, DB_HASH, 0);
-	    if (updatedb) {
-		db_Copy(pkcs11db,updatedb);
-		(*updatedb->close)(updatedb);
-	    } else {
-		(*pkcs11db->close)(pkcs11db);
-		PORT_Free(secname);
-		return NULL;
-	   }
-	}
-	PORT_Free(secname);
-	return pkcs11db;
-    }
-  
-    /* I'm sure we should do more checks here sometime... */
-    pkcs11db = dbopen(dbName, readOnly ? NO_RDONLY : NO_RDWR, 0600, DB_HASH, 0);
-
-    /* didn't exist? create it */
-    if (pkcs11db == NULL) {
-	 if (readOnly) 
-	     return NULL;
-
-	 pkcs11db = dbopen( dbName, NO_CREATE, 0600, DB_HASH, 0 );
-	 if (pkcs11db) 
-	     (* pkcs11db->sync)(pkcs11db, 0);
-    }
-    return pkcs11db;
-}
-
-static void 
-secmod_CloseDB(DB *pkcs11db) 
-{
-     (*pkcs11db->close)(pkcs11db);
-}
-
-static char *
-secmod_addEscape(const char *string, char quote)
-{
-    char *newString = 0;
-    int escapes = 0, size = 0;
-    const char *src;
-    char *dest;
-
-    for (src=string; *src ; src++) {
-	if ((*src == quote) || (*src == '\\')) escapes++;
-	size++;
-    }
-
-    newString = PORT_ZAlloc(escapes+size+1); 
-    if (newString == NULL) {
-	return NULL;
-    }
-
-    for (src=string, dest=newString; *src; src++,dest++) {
-	if ((*src == '\\') || (*src == quote)) {
-	    *dest++ = '\\';
-	}
-	*dest = *src;
-    }
-
-    return newString;
-}
-
-SECStatus legacy_AddSecmodDB(const char *appName, const char *filename, 
-			const char *dbname, char *module, PRBool rw);
-
-#define SECMOD_STEP 10
-#define SFTK_DEFAULT_INTERNAL_INIT "library= name=\"NSS Internal PKCS #11 Module\" parameters=\"%s\" NSS=\"Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={%s askpw=any timeout=30})\""
-/*
- * Read all the existing modules in
- */
-char **
-legacy_ReadSecmodDB(const char *appName, const char *filename,
-				const char *dbname, char *params, PRBool rw)
-{
-    DBT key,data;
-    int ret;
-    DB *pkcs11db = NULL;
-    char **moduleList = NULL, **newModuleList = NULL;
-    int moduleCount = 1;
-    int useCount = SECMOD_STEP;
-
-    moduleList = (char **) PORT_ZAlloc(useCount*sizeof(char **));
-    if (moduleList == NULL) return NULL;
-
-    pkcs11db = secmod_OpenDB(appName,filename,dbname,PR_TRUE,rw);
-    if (pkcs11db == NULL) goto done;
-
-    /* read and parse the file or data base */
-    ret = (*pkcs11db->seq)(pkcs11db, &key, &data, R_FIRST);
-    if (ret)  goto done;
-
-
-    do {
-	char *moduleString;
-	PRBool internal = PR_FALSE;
-	if ((moduleCount+1) >= useCount) {
-	    useCount += SECMOD_STEP;
-	    newModuleList =
-		(char **)PORT_Realloc(moduleList,useCount*sizeof(char *));
-	    if (newModuleList == NULL) goto done;
-	    moduleList = newModuleList;
-	    PORT_Memset(&moduleList[moduleCount+1],0,
-						sizeof(char *)*SECMOD_STEP);
-	}
-	moduleString = secmod_DecodeData(params,&data,&internal);
-	if (internal) {
-	    moduleList[0] = moduleString;
-	} else {
-	    moduleList[moduleCount] = moduleString;
-	    moduleCount++;
-	}
-    } while ( (*pkcs11db->seq)(pkcs11db, &key, &data, R_NEXT) == 0);
-
-done:
-    if (!moduleList[0]) {
-	char * newparams = secmod_addEscape(params,'"');
-	if (newparams) {
-	    moduleList[0] = PR_smprintf(SFTK_DEFAULT_INTERNAL_INIT,newparams,
-						SECMOD_SLOT_FLAGS);
-	    PORT_Free(newparams);
-	}
-    }
-    /* deal with trust cert db here */
-
-    if (pkcs11db) {
-	secmod_CloseDB(pkcs11db);
-    } else if (moduleList[0] && rw) {
-	legacy_AddSecmodDB(appName,filename,dbname,moduleList[0], rw) ;
-    }
-    if (!moduleList[0]) {
-	PORT_Free(moduleList);
-	moduleList = NULL;
-    }
-    return moduleList;
-}
-
-SECStatus
-legacy_ReleaseSecmodDBData(const char *appName, const char *filename, 
-			const char *dbname, char **moduleSpecList, PRBool rw)
-{
-    if (moduleSpecList) {
-	char **index;
-	for(index = moduleSpecList; *index; index++) {
-	    PR_smprintf_free(*index);
-	}
-	PORT_Free(moduleSpecList);
-    }
-    return SECSuccess;
-}
-
-/*
- * Delete a module from the Data Base
- */
-SECStatus
-legacy_DeleteSecmodDB(const char *appName, const char *filename, 
-			const char *dbname, char *args, PRBool rw)
-{
-    DBT key;
-    SECStatus rv = SECFailure;
-    DB *pkcs11db = NULL;
-    int ret;
-
-    if (!rw) return SECFailure;
-
-    /* make sure we have a db handle */
-    pkcs11db = secmod_OpenDB(appName,filename,dbname,PR_FALSE,PR_FALSE);
-    if (pkcs11db == NULL) {
-	return SECFailure;
-    }
-
-    rv = secmod_MakeKey(&key,args);
-    if (rv != SECSuccess) goto done;
-    rv = SECFailure;
-    ret = (*pkcs11db->del)(pkcs11db, &key, 0);
-    secmod_FreeKey(&key);
-    if (ret != 0) goto done;
-
-
-    ret = (*pkcs11db->sync)(pkcs11db, 0);
-    if (ret == 0) rv = SECSuccess;
-
-done:
-    secmod_CloseDB(pkcs11db);
-    return rv;
-}
-
-/*
- * Add a module to the Data base 
- */
-SECStatus
-legacy_AddSecmodDB(const char *appName, const char *filename, 
-			const char *dbname, char *module, PRBool rw)
-{
-    DBT key,data;
-    SECStatus rv = SECFailure;
-    DB *pkcs11db = NULL;
-    int ret;
-
-
-    if (!rw) return SECFailure;
-
-    /* make sure we have a db handle */
-    pkcs11db = secmod_OpenDB(appName,filename,dbname,PR_FALSE,PR_FALSE);
-    if (pkcs11db == NULL) {
-	return SECFailure;
-    }
-
-    rv = secmod_MakeKey(&key,module);
-    if (rv != SECSuccess) goto done;
-    rv = secmod_EncodeData(&data,module);
-    if (rv != SECSuccess) {
-	secmod_FreeKey(&key);
-	goto done;
-    }
-    rv = SECFailure;
-    ret = (*pkcs11db->put)(pkcs11db, &key, &data, 0);
-    secmod_FreeKey(&key);
-    secmod_FreeData(&data);
-    if (ret != 0) goto done;
-
-    ret = (*pkcs11db->sync)(pkcs11db, 0);
-    if (ret == 0) rv = SECSuccess;
-
-done:
-    secmod_CloseDB(pkcs11db);
-    return rv;
-}

mozilla/security/nss/lib/softoken/lgglue.c

@@ -1,341 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* 
- *  The following code handles the storage of PKCS 11 modules used by the
- * NSS. This file is written to abstract away how the modules are
- * stored so we can deside that later.
- */
-#include "sftkdb.h"
-#include "sdb.h"
-#include "prsystem.h"
-#include "prprf.h" 
-#include "lgglue.h"
-#include "secerr.h"
-
-static LGOpenFunc legacy_glue_open = NULL;
-static LGReadSecmodFunc legacy_glue_readSecmod = NULL;
-static LGReleaseSecmodFunc legacy_glue_releaseSecmod = NULL;
-static LGDeleteSecmodFunc legacy_glue_deleteSecmod = NULL;
-static LGAddSecmodFunc legacy_glue_addSecmod = NULL;
-static LGShutdownFunc legacy_glue_shutdown = NULL;
-
-/*
- * The following 3 functions duplicate the work done by bl_LoadLibrary.
- * We should make bl_LoadLibrary a global and replace the call to
- * sftkdb_LoadLibrary(const char *libname) with it.
- */
-#ifdef XP_UNIX
-#include <unistd.h>
-#define LG_MAX_LINKS 20
-static char *
-sftkdb_resolvePath(const char *orig)
-{
-    int count = 0;
-    int len =0;
-    int ret = -1;
-    char *resolved = NULL;
-    char *source = NULL;
-
-    len = 1025; /* MAX PATH +1*/
-    if (strlen(orig)+1 > len) {
-	/* PATH TOO LONG */
-	return NULL;
-    }
-    resolved = PORT_Alloc(len);
-    if (!resolved) {
-	return NULL;
-    }
-    source = PORT_Alloc(len);
-    if (!source) {
-	goto loser;
-    }
-    PORT_Strcpy(source, orig);
-    /* Walk down all the links */
-    while ( count++ < LG_MAX_LINKS) {
-	char *tmp;
-	/* swap our previous sorce out with resolved */
-	/* read it */
-	ret = readlink(source, resolved, len-1);
-	if (ret  < 0) {
-	    break;
- 	}
-	resolved[ret] = 0;
-	tmp = source; source = resolved; resolved = tmp;
-    }
-    if (count > 1) {
-	ret = 0;
-    }
-loser:
-    if (resolved) {
-	PORT_Free(resolved);
-    }
-    if (ret < 0) {
-	if (source) {
-	    PORT_Free(source);
-	    source = NULL;
-	}
-    }
-    return source;
-}
-
-#endif
-
-static PRLibrary *
-sftkdb_LoadFromPath(const char *path, const char *libname)
-{
-    char *c;
-    int pathLen, nameLen, fullPathLen;
-    char *fullPathName = NULL;
-    PRLibSpec libSpec;
-    PRLibrary *lib = NULL;
-
-
-    /* strip of our parent's library name */ 
-    c = strrchr(path, PR_GetDirectorySeparator());
-    if (!c) {
-	return NULL; /* invalid path */
-    }
-    pathLen = (c-path)+1;
-    nameLen = strlen(libname);
-    fullPathLen = pathLen + nameLen +1;
-    fullPathName = (char *)PORT_Alloc(fullPathLen);
-    if (fullPathName == NULL) {
-	return NULL; /* memory allocation error */
-    }
-    PORT_Memcpy(fullPathName, path, pathLen);
-    PORT_Memcpy(fullPathName+pathLen, libname, nameLen);
-    fullPathName[fullPathLen-1] = 0;
-
-    libSpec.type = PR_LibSpec_Pathname;
-    libSpec.value.pathname = fullPathName;
-    lib = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL);
-    PORT_Free(fullPathName);
-    return lib;
-}
-
-static PRLibrary *
-sftkdb_LoadLibrary(const char *libname)
-{
-    PRLibrary *lib = NULL;
-    PRFuncPtr fn_addr;
-    char *parentLibPath = NULL;
-
-    fn_addr  = (PRFuncPtr) &sftkdb_LoadLibrary;
-    parentLibPath = PR_GetLibraryFilePathname(SOFTOKEN_LIB_NAME, fn_addr);
-
-    if (!parentLibPath) {
-	goto done;
-    }
-
-    lib = sftkdb_LoadFromPath(parentLibPath, libname);
-#ifdef XP_UNIX
-    /* handle symbolic link case */
-    if (!lib) {
-	char *trueParentLibPath = sftkdb_resolvePath(parentLibPath);
-	if (!trueParentLibPath) {
-	    goto done;
-	}
-    	lib = sftkdb_LoadFromPath(trueParentLibPath, libname);
-	PORT_Free(trueParentLibPath);
-    }
-#endif
-    PORT_Free(parentLibPath);
-
-done:
-    /* still couldn't load it, try the generic path */
-    if (!lib) {
-	PRLibSpec libSpec;
-	libSpec.type = PR_LibSpec_Pathname;
-	libSpec.value.pathname = libname;
-	lib = PR_LoadLibraryWithFlags(libSpec, PR_LD_NOW | PR_LD_LOCAL);
-    }
-    return lib;
-}
-
-static PRLibrary *legacy_glue_lib = NULL;
-static SECStatus 
-sftkdbLoad_Legacy()
-{
-    PRLibrary *lib = NULL;
-    LGSetCryptFunc setCryptFunction = NULL;
-
-    if (legacy_glue_lib) {
-	return SECSuccess;
-    }
-
-    lib = sftkdb_LoadLibrary(SHLIB_PREFIX"lgdbm"SHLIB_VERSION"."SHLIB_SUFFIX);
-    if (lib == NULL) {
-	return SECFailure;
-    }
-    
-    legacy_glue_open = (LGOpenFunc)PR_FindFunctionSymbol(lib, "legacy_Open");
-    legacy_glue_readSecmod = (LGReadSecmodFunc) PR_FindFunctionSymbol(lib,
-						 "legacy_ReadSecmodDB");
-    legacy_glue_releaseSecmod = (LGReleaseSecmodFunc) PR_FindFunctionSymbol(lib,
-					 	 "legacy_ReleaseSecmodDBData");
-    legacy_glue_deleteSecmod = (LGDeleteSecmodFunc) PR_FindFunctionSymbol(lib,
-						 "legacy_DeleteSecmodDB");
-    legacy_glue_addSecmod = (LGAddSecmodFunc)PR_FindFunctionSymbol(lib, 
-						 "legacy_AddSecmodDB");
-    legacy_glue_shutdown = (LGShutdownFunc) PR_FindFunctionSymbol(lib, 
-						"legacy_Shutdown");
-    setCryptFunction = (LGSetCryptFunc) PR_FindFunctionSymbol(lib, 
-						"legacy_SetCryptFunctions");
-
-    if (!legacy_glue_open || !legacy_glue_readSecmod || 
-	    !legacy_glue_releaseSecmod || !legacy_glue_deleteSecmod || 
-	    !legacy_glue_addSecmod || !setCryptFunction) {
-	PR_UnloadLibrary(lib);
-	return SECFailure;
-    }
-    setCryptFunction(sftkdb_encrypt_stub,sftkdb_decrypt_stub);
-    legacy_glue_lib = lib;
-    return SECSuccess;
-}
-
-CK_RV
-sftkdbCall_open(const char *dir, const char *certPrefix, const char *keyPrefix, 
-		int certVersion, int keyVersion, int flags, 
-		SDB **certDB, SDB **keyDB)
-{
-    SECStatus rv;
-
-    rv = sftkdbLoad_Legacy();
-    if (rv != SECSuccess) {
-	return CKR_GENERAL_ERROR;
-    }
-    if (!legacy_glue_open) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return SECFailure;
-    }
-    return (*legacy_glue_open)(dir, certPrefix, keyPrefix, 
-				certVersion, keyVersion,
-				flags, certDB, keyDB);
-}
-
-char **
-sftkdbCall_ReadSecmodDB(const char *appName, const char *filename, 
-			const char *dbname, char *params, PRBool rw)
-{
-    SECStatus rv;
-
-    rv = sftkdbLoad_Legacy();
-    if (rv != SECSuccess) {
-	return NULL;
-    }
-    if (!legacy_glue_readSecmod) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return NULL;
-    }
-    return (*legacy_glue_readSecmod)(appName, filename, dbname, params, rw);
-}
-
-SECStatus
-sftkdbCall_ReleaseSecmodDBData(const char *appName, 
-			const char *filename, const char *dbname, 
-			char **moduleSpecList, PRBool rw)
-{
-    SECStatus rv;
-
-    rv = sftkdbLoad_Legacy();
-    if (rv != SECSuccess) {
-	return rv;
-    }
-    if (!legacy_glue_releaseSecmod) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return SECFailure;
-    }
-    return (*legacy_glue_releaseSecmod)(appName, filename, dbname, 
-					  moduleSpecList, rw);
-}
-
-SECStatus
-sftkdbCall_DeleteSecmodDB(const char *appName, 
-		      const char *filename, const char *dbname, 
-		      char *args, PRBool rw)
-{
-    SECStatus rv;
-
-    rv = sftkdbLoad_Legacy();
-    if (rv != SECSuccess) {
-	return rv;
-    }
-    if (!legacy_glue_deleteSecmod) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return SECFailure;
-    }
-    return (*legacy_glue_deleteSecmod)(appName, filename, dbname, args, rw);
-}
-
-SECStatus
-sftkdbCall_AddSecmodDB(const char *appName, 
-		   const char *filename, const char *dbname, 
-		   char *module, PRBool rw)
-{
-    SECStatus rv;
-
-    rv = sftkdbLoad_Legacy();
-    if (rv != SECSuccess) {
-	return rv;
-    }
-    if (!legacy_glue_addSecmod) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return SECFailure;
-    }
-    return (*legacy_glue_addSecmod)(appName, filename, dbname, module, rw);
-}
-
-CK_RV
-sftkdbCall_Shutdown(void)
-{
-    CK_RV crv = CKR_OK;
-    if (legacy_glue_lib) {
-	return CKR_OK;
-    }
-    if (legacy_glue_shutdown) {
-	crv = (*legacy_glue_shutdown)();
-    }
-    PR_UnloadLibrary(legacy_glue_lib);
-    legacy_glue_lib = NULL;
-    legacy_glue_open = NULL;
-    legacy_glue_readSecmod = NULL;
-    legacy_glue_releaseSecmod = NULL;
-    legacy_glue_deleteSecmod = NULL;
-    legacy_glue_addSecmod = NULL;
-    return crv;
-}
-    
-

mozilla/security/nss/lib/softoken/lgglue.h

@@ -1,92 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* 
- * This code defines the glue layer between softoken and the legacy DB library
- */
-#include "sdb.h"
-
-/*
- * function prototypes for the callbacks into softoken from the legacyDB
- */
-
-typedef SECStatus (*LGEncryptFunc)(PRArenaPool *arena, SDB *sdb, 
-				  SECItem *plainText, SECItem **cipherText);
-typedef SECStatus (*LGDecryptFunc)(SDB *sdb, SECItem *cipherText, 
-				   SECItem **plainText);
-
-/*
- * function prototypes for the exported functions.
- */
-typedef CK_RV (*LGOpenFunc) (const char *dir, const char *certPrefix, 
-		const char *keyPrefix, 
-		int certVersion, int keyVersion, int flags, 
-		SDB **certDB, SDB **keyDB);
-typedef char ** (*LGReadSecmodFunc)(const char *appName, 
-			const char *filename, 
-			const char *dbname, char *params, PRBool rw);
-typedef SECStatus (*LGReleaseSecmodFunc)(const char *appName,
-			const char *filename, 
-			const char *dbname, char **params, PRBool rw);
-typedef SECStatus (*LGDeleteSecmodFunc)(const char *appName,
-			const char *filename, 
-			const char *dbname, char *params, PRBool rw);
-typedef SECStatus (*LGAddSecmodFunc)(const char *appName, 
-			const char *filename, 
-			const char *dbname, char *params, PRBool rw);
-typedef SECStatus (*LGShutdownFunc)(void);
-typedef void (*LGSetCryptFunc)(LGEncryptFunc, LGDecryptFunc);
-
-
-/*
- * Softoken Glue Functions
- */
-CK_RV sftkdbCall_open(const char *dir, const char *certPrefix, 
-		const char *keyPrefix, 
-		int certVersion, int keyVersion, int flags, 
-		SDB **certDB, SDB **keyDB);
-char ** sftkdbCall_ReadSecmodDB(const char *appName, const char *filename, 
-			const char *dbname, char *params, PRBool rw);
-SECStatus sftkdbCall_ReleaseSecmodDBData(const char *appName, 
-			const char *filename, const char *dbname, 
-			char **moduleSpecList, PRBool rw);
-SECStatus sftkdbCall_DeleteSecmodDB(const char *appName, 
-		      const char *filename, const char *dbname, 
-		      char *args, PRBool rw);
-SECStatus sftkdbCall_AddSecmodDB(const char *appName, 
-		   const char *filename, const char *dbname, 
-		   char *module, PRBool rw);
-CK_RV sftkdbCall_Shutdown(void);
-

mozilla/security/nss/lib/softoken/lowkey.c

@@ -1,517 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#include "lowkeyi.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secder.h"
-#include "base64.h"
-#include "secasn1.h"
-#include "secerr.h"
-
-#ifdef NSS_ENABLE_ECC
-#include "softoken.h"
-#endif
-
-const SEC_ASN1Template nsslowkey_AttributeTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 
-	0, NULL, sizeof(NSSLOWKEYAttribute) },
-    { SEC_ASN1_OBJECT_ID, offsetof(NSSLOWKEYAttribute, attrType) },
-    { SEC_ASN1_SET_OF, offsetof(NSSLOWKEYAttribute, attrValue), 
-	SEC_AnyTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template nsslowkey_SetOfAttributeTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, nsslowkey_AttributeTemplate },
-};
-/* ASN1 Templates for new decoder/encoder */
-const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(NSSLOWKEYPrivateKeyInfo) },
-    { SEC_ASN1_INTEGER,
-	offsetof(NSSLOWKEYPrivateKeyInfo,version) },
-    { SEC_ASN1_INLINE,
-	offsetof(NSSLOWKEYPrivateKeyInfo,algorithm),
-	SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_OCTET_STRING,
-	offsetof(NSSLOWKEYPrivateKeyInfo,privateKey) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(NSSLOWKEYPrivateKeyInfo, attributes),
-	nsslowkey_SetOfAttributeTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template nsslowkey_PQGParamsTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PQGParams) },
-    { SEC_ASN1_INTEGER, offsetof(PQGParams,prime) },
-    { SEC_ASN1_INTEGER, offsetof(PQGParams,subPrime) },
-    { SEC_ASN1_INTEGER, offsetof(PQGParams,base) },
-    { 0, }
-};
-
-const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.version) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.modulus) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.publicExponent) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.privateExponent) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.prime1) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.prime2) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.exponent1) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.exponent2) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.coefficient) },
-    { 0 }                                                                     
-};                                                                            
-
-
-const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.publicValue) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.privateValue) },
-    { 0, }
-};
-
-const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.privateValue) },
-};
-
-const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.publicValue) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.privateValue) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.base) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.prime) },
-    { 0, }
-};
-
-#ifdef NSS_ENABLE_ECC
-
-/* XXX This is just a placeholder for later when we support
- * generic curves and need full-blown support for parsing EC
- * parameters. For now, we only support named curves in which
- * EC params are simply encoded as an object ID and we don't
- * use nsslowkey_ECParamsTemplate.
- */
-const SEC_ASN1Template nsslowkey_ECParamsTemplate[] = {
-    { SEC_ASN1_CHOICE, offsetof(ECParams,type), NULL, sizeof(ECParams) },
-    { SEC_ASN1_OBJECT_ID, offsetof(ECParams,curveOID), NULL, ec_params_named },
-    { 0, }
-};
-
-
-/* NOTE: The SECG specification allows the private key structure
- * to contain curve parameters but recommends that they be stored
- * in the PrivateKeyAlgorithmIdentifier field of the PrivateKeyInfo
- * instead.
- */
-const SEC_ASN1Template nsslowkey_ECPrivateKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.ec.version) },
-    { SEC_ASN1_OCTET_STRING, 
-      offsetof(NSSLOWKEYPrivateKey,u.ec.privateValue) },
-    /* XXX The following template works for now since we only
-     * support named curves for which the parameters are
-     * encoded as an object ID. When we support generic curves,
-     * we'll need to define nsslowkey_ECParamsTemplate
-     */
-#if 1
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
-      SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | 0, 
-      offsetof(NSSLOWKEYPrivateKey,u.ec.ecParams.curveOID), 
-      SEC_ObjectIDTemplate }, 
-#else
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
-      SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | 0, 
-      offsetof(NSSLOWKEYPrivateKey,u.ec.ecParams), 
-      nsslowkey_ECParamsTemplate }, 
-#endif
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
-      SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | 1, 
-      offsetof(NSSLOWKEYPrivateKey,u.ec.publicValue),
-      SEC_BitStringTemplate }, 
-    { 0, }
-};
-#endif /* NSS_ENABLE_ECC */
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type.  This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-
-void
-prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.rsa.modulus.type = siUnsignedInteger;
-    key->u.rsa.publicExponent.type = siUnsignedInteger;
-    key->u.rsa.privateExponent.type = siUnsignedInteger;
-    key->u.rsa.prime1.type = siUnsignedInteger;
-    key->u.rsa.prime2.type = siUnsignedInteger;
-    key->u.rsa.exponent1.type = siUnsignedInteger;
-    key->u.rsa.exponent2.type = siUnsignedInteger;
-    key->u.rsa.coefficient.type = siUnsignedInteger;
-}
-
-void
-prepare_low_pqg_params_for_asn1(PQGParams *params)
-{
-    params->prime.type = siUnsignedInteger;
-    params->subPrime.type = siUnsignedInteger;
-    params->base.type = siUnsignedInteger;
-}
-
-void
-prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.dsa.publicValue.type = siUnsignedInteger;
-    key->u.dsa.privateValue.type = siUnsignedInteger;
-    key->u.dsa.params.prime.type = siUnsignedInteger;
-    key->u.dsa.params.subPrime.type = siUnsignedInteger;
-    key->u.dsa.params.base.type = siUnsignedInteger;
-}
-
-void
-prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.dsa.privateValue.type = siUnsignedInteger;
-}
-
-void
-prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.dh.prime.type = siUnsignedInteger;
-    key->u.dh.base.type = siUnsignedInteger;
-    key->u.dh.publicValue.type = siUnsignedInteger;
-    key->u.dh.privateValue.type = siUnsignedInteger;
-}
-
-#ifdef NSS_ENABLE_ECC
-void
-prepare_low_ecparams_for_asn1(ECParams *params)
-{
-    params->DEREncoding.type = siUnsignedInteger;
-    params->curveOID.type = siUnsignedInteger;
-}
-
-void
-prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.ec.version.type = siUnsignedInteger;
-    key->u.ec.ecParams.DEREncoding.type = siUnsignedInteger;
-    key->u.ec.ecParams.curveOID.type = siUnsignedInteger;
-    key->u.ec.privateValue.type = siUnsignedInteger;
-    key->u.ec.publicValue.type = siUnsignedInteger;
-}
-#endif /* NSS_ENABLE_ECC */
-
-void
-nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *privk)
-{
-    if (privk && privk->arena) {
-	PORT_FreeArena(privk->arena, PR_TRUE);
-    }
-}
-
-void
-nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *pubk)
-{
-    if (pubk && pubk->arena) {
-	PORT_FreeArena(pubk->arena, PR_FALSE);
-    }
-}
-unsigned
-nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubk)
-{
-    unsigned char b0;
-
-    /* interpret modulus length as key strength... in
-     * fortezza that's the public key length */
-
-    switch (pubk->keyType) {
-    case NSSLOWKEYRSAKey:
-    	b0 = pubk->u.rsa.modulus.data[0];
-    	return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1;
-    default:
-	break;
-    }
-    return 0;
-}
-
-unsigned
-nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privk)
-{
-
-    unsigned char b0;
-
-    switch (privk->keyType) {
-    case NSSLOWKEYRSAKey:
-	b0 = privk->u.rsa.modulus.data[0];
-	return b0 ? privk->u.rsa.modulus.len : privk->u.rsa.modulus.len - 1;
-    default:
-	break;
-    }
-    return 0;
-}
-
-NSSLOWKEYPublicKey *
-nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privk)
-{
-    NSSLOWKEYPublicKey *pubk;
-    PLArenaPool *arena;
-
-
-    arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-        PORT_SetError (SEC_ERROR_NO_MEMORY);
-        return NULL;
-    }
-
-    switch(privk->keyType) {
-      case NSSLOWKEYRSAKey:
-      case NSSLOWKEYNullKey:
-	pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
-						sizeof (NSSLOWKEYPublicKey));
-	if (pubk != NULL) {
-	    SECStatus rv;
-
-	    pubk->arena = arena;
-	    pubk->keyType = privk->keyType;
-	    if (privk->keyType == NSSLOWKEYNullKey) return pubk;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.rsa.modulus,
-				  &privk->u.rsa.modulus);
-	    if (rv == SECSuccess) {
-		rv = SECITEM_CopyItem (arena, &pubk->u.rsa.publicExponent,
-				       &privk->u.rsa.publicExponent);
-		if (rv == SECSuccess)
-		    return pubk;
-	    }
-	} else {
-	    PORT_SetError (SEC_ERROR_NO_MEMORY);
-	}
-	break;
-      case NSSLOWKEYDSAKey:
-	pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
-						    sizeof(NSSLOWKEYPublicKey));
-	if (pubk != NULL) {
-	    SECStatus rv;
-
-	    pubk->arena = arena;
-	    pubk->keyType = privk->keyType;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.publicValue,
-				  &privk->u.dsa.publicValue);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
-				  &privk->u.dsa.params.prime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
-				  &privk->u.dsa.params.subPrime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
-				  &privk->u.dsa.params.base);
-	    if (rv == SECSuccess) return pubk;
-	}
-	break;
-      case NSSLOWKEYDHKey:
-	pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
-						    sizeof(NSSLOWKEYPublicKey));
-	if (pubk != NULL) {
-	    SECStatus rv;
-
-	    pubk->arena = arena;
-	    pubk->keyType = privk->keyType;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dh.publicValue,
-				  &privk->u.dh.publicValue);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dh.prime,
-				  &privk->u.dh.prime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dh.base,
-				  &privk->u.dh.base);
-	    if (rv == SECSuccess) return pubk;
-	}
-	break;
-#ifdef NSS_ENABLE_ECC
-      case NSSLOWKEYECKey:
-	pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
-						    sizeof(NSSLOWKEYPublicKey));
-	if (pubk != NULL) {
-	    SECStatus rv;
-
-	    pubk->arena = arena;
-	    pubk->keyType = privk->keyType;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue,
-				  &privk->u.ec.publicValue);
-	    if (rv != SECSuccess) break;
-	    pubk->u.ec.ecParams.arena = arena;
-	    /* Copy the rest of the params */
-	    rv = EC_CopyParams(arena, &(pubk->u.ec.ecParams),
-			       &(privk->u.ec.ecParams));
-	    if (rv == SECSuccess) return pubk;
-	}
-	break;
-#endif /* NSS_ENABLE_ECC */
-	/* No Fortezza in Low Key implementations (Fortezza keys aren't
-	 * stored in our data base */
-    default:
-	break;
-    }
-
-    PORT_FreeArena (arena, PR_FALSE);
-    return NULL;
-}
-
-NSSLOWKEYPrivateKey *
-nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey)
-{
-    NSSLOWKEYPrivateKey *returnKey = NULL;
-    SECStatus rv = SECFailure;
-    PLArenaPool *poolp;
-
-    if(!privKey) {
-	return NULL;
-    }
-
-    poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if(!poolp) {
-	return NULL;
-    }
-
-    returnKey = (NSSLOWKEYPrivateKey*)PORT_ArenaZAlloc(poolp, sizeof(NSSLOWKEYPrivateKey));
-    if(!returnKey) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    returnKey->keyType = privKey->keyType;
-    returnKey->arena = poolp;
-
-    switch(privKey->keyType) {
-	case NSSLOWKEYRSAKey:
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.modulus), 
-	    				&(privKey->u.rsa.modulus));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.version), 
-	    				&(privKey->u.rsa.version));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.publicExponent), 
-	    				&(privKey->u.rsa.publicExponent));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.privateExponent), 
-	    				&(privKey->u.rsa.privateExponent));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime1), 
-	    				&(privKey->u.rsa.prime1));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime2), 
-	    				&(privKey->u.rsa.prime2));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent1), 
-	    				&(privKey->u.rsa.exponent1));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent2), 
-	    				&(privKey->u.rsa.exponent2));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.coefficient), 
-	    				&(privKey->u.rsa.coefficient));
-	    if(rv != SECSuccess) break;
-	    break;
-	case NSSLOWKEYDSAKey:
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.publicValue),
-	    				&(privKey->u.dsa.publicValue));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.privateValue),
-	    				&(privKey->u.dsa.privateValue));
-	    if(rv != SECSuccess) break;
-	    returnKey->u.dsa.params.arena = poolp;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.prime),
-					&(privKey->u.dsa.params.prime));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.subPrime),
-					&(privKey->u.dsa.params.subPrime));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.base),
-					&(privKey->u.dsa.params.base));
-	    if(rv != SECSuccess) break;
-	    break;
-	case NSSLOWKEYDHKey:
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.publicValue),
-	    				&(privKey->u.dh.publicValue));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.privateValue),
-	    				&(privKey->u.dh.privateValue));
-	    if(rv != SECSuccess) break;
-	    returnKey->u.dsa.params.arena = poolp;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.prime),
-					&(privKey->u.dh.prime));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.base),
-					&(privKey->u.dh.base));
-	    if(rv != SECSuccess) break;
-	    break;
-#ifdef NSS_ENABLE_ECC
-	case NSSLOWKEYECKey:
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.version),
-	    				&(privKey->u.ec.version));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.publicValue),
-	    				&(privKey->u.ec.publicValue));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.privateValue),
-	    				&(privKey->u.ec.privateValue));
-	    if(rv != SECSuccess) break;
-	    returnKey->u.ec.ecParams.arena = poolp;
-	    /* Copy the rest of the params */
-	    rv = EC_CopyParams(poolp, &(returnKey->u.ec.ecParams),
-			       &(privKey->u.ec.ecParams));
-	    if (rv != SECSuccess) break;
-	    break;
-#endif /* NSS_ENABLE_ECC */
-	default:
-	    rv = SECFailure;
-    }
-
-loser:
-
-    if(rv != SECSuccess) {
-	PORT_FreeArena(poolp, PR_TRUE);
-	returnKey = NULL;
-    }
-
-    return returnKey;
-}

mozilla/security/nss/lib/softoken/lowkeyi.h

@@ -1,108 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* $Id: lowkeyi.h,v 1.10.70.3 2007-02-28 20:44:54 rrelyea%redhat.com Exp $ */
-
-#ifndef _LOWKEYI_H_
-#define _LOWKEYI_H_
-
-#include "prtypes.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "lowkeyti.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type.  This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-extern void prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_pqg_params_for_asn1(PQGParams *params);
-extern void prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-#ifdef NSS_ENABLE_ECC
-extern void prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_ecparams_for_asn1(ECParams *params);
-#endif /* NSS_ENABLE_ECC */
-
-/*
-** Destroy a private key object.
-**	"key" the object
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *key);
-
-/*
-** Destroy a public key object.
-**	"key" the object
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *key);
-
-/*
-** Return the modulus length of "pubKey".
-*/
-extern unsigned int nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubKey);
-
-
-/*
-** Return the modulus length of "privKey".
-*/
-extern unsigned int nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privKey);
-
-
-/*
-** Convert a low private key "privateKey" into a public low key
-*/
-extern NSSLOWKEYPublicKey 
-		*nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privateKey);
-
-/* Make a copy of a low private key in it's own arena.
- * a return of NULL indicates an error.
- */
-extern NSSLOWKEYPrivateKey *
-nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey);
-
-
-SEC_END_PROTOS
-
-#endif /* _LOWKEYI_H_ */

mozilla/security/nss/lib/softoken/lowkeyti.h

@@ -1,127 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#ifndef _LOWKEYTI_H_
-#define _LOWKEYTI_H_ 1
-
-#include "blapit.h"
-#include "prtypes.h"
-#include "plarena.h"
-#include "secitem.h"
-#include "secasn1t.h"
-#include "secoidt.h"
-
-/*
-** Typedef for callback to get a password "key".
-*/
-extern const SEC_ASN1Template nsslowkey_PQGParamsTemplate[];
-extern const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[];
-extern const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DHPrivateKeyExportTemplate[];
-#ifdef NSS_ENABLE_ECC
-#define NSSLOWKEY_EC_PRIVATE_KEY_VERSION   1  /* as per SECG 1 C.4 */
-extern const SEC_ASN1Template nsslowkey_ECParamsTemplate[];
-extern const SEC_ASN1Template nsslowkey_ECPrivateKeyTemplate[];
-#endif /* NSS_ENABLE_ECC */
-
-extern const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[];
-extern const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[];
-
-/*
- * PKCS #8 attributes
- */
-struct NSSLOWKEYAttributeStr {
-    SECItem attrType;
-    SECItem *attrValue;
-};
-typedef struct NSSLOWKEYAttributeStr NSSLOWKEYAttribute;
-
-/*
-** A PKCS#8 private key info object
-*/
-struct NSSLOWKEYPrivateKeyInfoStr {
-    PLArenaPool *arena;
-    SECItem version;
-    SECAlgorithmID algorithm;
-    SECItem privateKey;
-    NSSLOWKEYAttribute **attributes;
-};
-typedef struct NSSLOWKEYPrivateKeyInfoStr NSSLOWKEYPrivateKeyInfo;
-#define NSSLOWKEY_PRIVATE_KEY_INFO_VERSION	0	/* what we *create* */
-
-typedef enum { 
-    NSSLOWKEYNullKey = 0, 
-    NSSLOWKEYRSAKey = 1, 
-    NSSLOWKEYDSAKey = 2, 
-    NSSLOWKEYDHKey = 4,
-    NSSLOWKEYECKey = 5
-} NSSLOWKEYType;
-
-/*
-** An RSA public key object.
-*/
-struct NSSLOWKEYPublicKeyStr {
-    PLArenaPool *arena;
-    NSSLOWKEYType keyType ;
-    union {
-        RSAPublicKey rsa;
-	DSAPublicKey dsa;
-	DHPublicKey  dh;
-	ECPublicKey  ec;
-    } u;
-};
-typedef struct NSSLOWKEYPublicKeyStr NSSLOWKEYPublicKey;
-
-/*
-** Low Level private key object
-** This is only used by the raw Crypto engines (crypto), keydb (keydb),
-** and PKCS #11. Everyone else uses the high level key structure.
-*/
-struct NSSLOWKEYPrivateKeyStr {
-    PLArenaPool *arena;
-    NSSLOWKEYType keyType;
-    union {
-        RSAPrivateKey rsa;
-	DSAPrivateKey dsa;
-	DHPrivateKey  dh;
-	ECPrivateKey  ec;
-    } u;
-};
-typedef struct NSSLOWKEYPrivateKeyStr NSSLOWKEYPrivateKey;
-
-#endif	/* _LOWKEYTI_H_ */

mozilla/security/nss/lib/softoken/lowpbe.h

@@ -1,135 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifndef _SECPKCS5_H_
-#define _SECPKCS5_H_
-
-#include "plarena.h"
-#include "secitem.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "hasht.h"
-
-typedef SECItem * (* SEC_PKCS5GetPBEPassword)(void *arg);
-
-/* used for V2 PKCS 12 Draft Spec */ 
-typedef enum {
-    pbeBitGenIDNull = 0,
-    pbeBitGenCipherKey = 0x01,
-    pbeBitGenCipherIV = 0x02,
-    pbeBitGenIntegrityKey = 0x03
-} PBEBitGenID;
-
-typedef enum {
-    NSSPKCS5_PBKDF1 = 0,
-    NSSPKCS5_PBKDF2 = 1,
-    NSSPKCS5_PKCS12_V2 = 2
-} NSSPKCS5PBEType;
-
-typedef struct NSSPKCS5PBEParameterStr NSSPKCS5PBEParameter;
-
-struct NSSPKCS5PBEParameterStr {
-    PRArenaPool *poolp;
-    SECItem	salt;		/* octet string */
-    SECItem	iteration;	/* integer */
-
-    /* used locally */
-    int		iter;
-    int 	keyLen;
-    int		ivLen;
-    HASH_HashType hashType;
-    NSSPKCS5PBEType pbeType;
-    PBEBitGenID	keyID;
-    SECOidTag	encAlg;
-    PRBool	is2KeyDES;
-};
-
-
-SEC_BEGIN_PROTOS
-/* Create a PKCS5 Algorithm ID
- * The algorithm ID is set up using the PKCS #5 parameter structure
- *  algorithm is the PBE algorithm ID for the desired algorithm
- *  pbe is a pbe param block with all the info needed to create the 
- *   algorithm id.
- * If an error occurs or the algorithm specified is not supported 
- * or is not a password based encryption algorithm, NULL is returned.
- * Otherwise, a pointer to the algorithm id is returned.
- */
-extern SECAlgorithmID *
-nsspkcs5_CreateAlgorithmID(PRArenaPool *arena, SECOidTag algorithm, 
-						NSSPKCS5PBEParameter *pbe);
-
-/*
- * Convert an Algorithm ID to a PBE Param.
- * NOTE: this does not suppport PKCS 5 v2 because it's only used for the
- * keyDB which only support PKCS 5 v1, PFX, and PKCS 12.
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_AlgidToParam(SECAlgorithmID *algid);
-
-/*
- * Convert an Algorithm ID to a PBE Param.
- * NOTE: this does not suppport PKCS 5 v2 because it's only used for the
- * keyDB which only support PKCS 5 v1, PFX, and PKCS 12.
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_NewParam(SECOidTag alg, SECItem *salt, int iterator);
-
-
-/* Encrypt/Decrypt data using password based encryption.  
- *  algid is the PBE algorithm identifier,
- *  pwitem is the password,
- *  src is the source for encryption/decryption,
- *  encrypt is PR_TRUE for encryption, PR_FALSE for decryption.
- * The key and iv are generated based upon PKCS #5 then the src
- * is either encrypted or decrypted.  If an error occurs, NULL
- * is returned, otherwise the ciphered contents is returned.
- */
-extern SECItem *
-nsspkcs5_CipherData(NSSPKCS5PBEParameter *, SECItem *pwitem,
-		    SECItem *src, PRBool encrypt, PRBool *update);
-
-extern SECItem *
-nsspkcs5_ComputeKeyAndIV(NSSPKCS5PBEParameter *, SECItem *pwitem,
-		    			SECItem *iv, PRBool faulty3DES);
-
-/* Destroys PBE parameter */
-extern void
-nsspkcs5_DestroyPBEParameter(NSSPKCS5PBEParameter *param);
-
-SEC_END_PROTOS
-
-#endif

mozilla/security/nss/lib/softoken/manifest.mn

@@ -1,98 +0,0 @@
-# 
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-CORE_DEPTH = ../../..
-
-MODULE = nss
-DIRS = legacydb
-
-REQUIRES = dbm
-
-LIBRARY_NAME = softokn
-LIBRARY_VERSION = 3
-MAPFILE = $(OBJDIR)/softokn.def
-
-DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\" -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\"
-
-
-EXPORTS = \
-	pkcs11.h \
-	pkcs11f.h \
-	pkcs11p.h \
-	pkcs11t.h \
-	pkcs11n.h \
-	pkcs11u.h \
-	sdb.h \
-	sftkdbt.h \
-	$(NULL)
-
-PRIVATE_EXPORTS = \
-	lgglue.h  \
-	pk11pars.h \
-	pkcs11ni.h \
-	softoken.h \
-	softoknt.h \
-	softkver.h \
-	$(NULL)
-
-CSRCS = \
-	ecdecode.c \
-	fipsaudt.c \
-	fipstest.c \
-	fipstokn.c \
-	lgglue.c   \
-	lowkey.c   \
-	lowpbe.c   \
-	padbuf.c   \
-	pkcs11.c   \
-	pkcs11c.c  \
-	pkcs11u.c  \
-	rsawrapr.c  \
-	sdb.c  \
-	sftkdb.c  \
-	sftkpars.c  \
-	softkver.c  \
-	tlsprf.c   \
-	$(NULL)
-
-ifdef NSS_ENABLE_ECC
-DEFINES += -DNSS_ENABLE_ECC
-endif
-
-ifdef SQLITE_UNSAFE_THREADS
-DEFINES += -DSQLITE_UNSAFE_THREADS
-endif
-

mozilla/security/nss/lib/softoken/padbuf.c

@@ -1,80 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#include "blapit.h"
-#include "secport.h"
-#include "secerr.h"
-
-/*
- * Prepare a buffer for DES encryption, growing to the appropriate boundary,
- * filling with the appropriate padding.
- *
- * NOTE: If arena is non-NULL, we re-allocate from there, otherwise
- * we assume (and use) XP memory (re)allocation.
- */
-unsigned char *
-DES_PadBuffer(PRArenaPool *arena, unsigned char *inbuf, unsigned int inlen,
-	      unsigned int *outlen)
-{
-    unsigned char *outbuf;
-    unsigned int   des_len;
-    unsigned int   i;
-    unsigned char  des_pad_len;
-
-    /*
-     * We need from 1 to DES_KEY_LENGTH bytes -- we *always* grow.
-     * The extra bytes contain the value of the length of the padding:
-     * if we have 2 bytes of padding, then the padding is "0x02, 0x02".
-     */
-    des_len = (inlen + DES_KEY_LENGTH) & ~(DES_KEY_LENGTH - 1);
-
-    if (arena != NULL) {
-	outbuf = (unsigned char*)PORT_ArenaGrow (arena, inbuf, inlen, des_len);
-    } else {
-	outbuf = (unsigned char*)PORT_Realloc (inbuf, des_len);
-    }
-
-    if (outbuf == NULL) {
-	PORT_SetError (SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    des_pad_len = des_len - inlen;
-    for (i = inlen; i < des_len; i++)
-	outbuf[i] = des_pad_len;
-
-    *outlen = des_len;
-    return outbuf;
-}

mozilla/security/nss/lib/softoken/pk11pars.h

@@ -1,871 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/*
- * The following handles the loading, unloading and management of
- * various PCKS #11 modules
- */
-
-
-/*
- * this header file contains routines for parsing PKCS #11 module spec
- * strings. It contains 'C' code and should only be included in one module.
- * Currently it is included in both softoken and the wrapper.
- */
-#include <ctype.h>
-#include "pkcs11.h"
-#include "seccomon.h"
-#include "prprf.h"
-#include "secmodt.h"
-#include "pk11init.h"
-
-#define SECMOD_ARG_LIBRARY_PARAMETER "library="
-#define SECMOD_ARG_NAME_PARAMETER "name="
-#define SECMOD_ARG_MODULE_PARAMETER "parameters="
-#define SECMOD_ARG_NSS_PARAMETER "NSS="
-#define SECMOD_ARG_FORTEZZA_FLAG "FORTEZZA"
-#define SECMOD_ARG_ESCAPE '\\'
-
-struct secmodargSlotFlagTable {
-    char *name;
-    int len;
-    unsigned long value;
-};
-
-#define SECMOD_DEFAULT_CIPHER_ORDER 0
-#define SECMOD_DEFAULT_TRUST_ORDER 50
-
-
-#define SECMOD_ARG_ENTRY(arg,flag) \
-{ #arg , sizeof(#arg)-1, flag }
-static struct secmodargSlotFlagTable secmod_argSlotFlagTable[] = {
-	SECMOD_ARG_ENTRY(RSA,SECMOD_RSA_FLAG),
-	SECMOD_ARG_ENTRY(DSA,SECMOD_RSA_FLAG),
-	SECMOD_ARG_ENTRY(RC2,SECMOD_RC4_FLAG),
-	SECMOD_ARG_ENTRY(RC4,SECMOD_RC2_FLAG),
-	SECMOD_ARG_ENTRY(DES,SECMOD_DES_FLAG),
-	SECMOD_ARG_ENTRY(DH,SECMOD_DH_FLAG),
-	SECMOD_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG),
-	SECMOD_ARG_ENTRY(RC5,SECMOD_RC5_FLAG),
-	SECMOD_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG),
-	SECMOD_ARG_ENTRY(MD5,SECMOD_MD5_FLAG),
-	SECMOD_ARG_ENTRY(MD2,SECMOD_MD2_FLAG),
-	SECMOD_ARG_ENTRY(SSL,SECMOD_SSL_FLAG),
-	SECMOD_ARG_ENTRY(TLS,SECMOD_TLS_FLAG),
-	SECMOD_ARG_ENTRY(AES,SECMOD_AES_FLAG),
-	SECMOD_ARG_ENTRY(Camellia,SECMOD_CAMELLIA_FLAG),
-	SECMOD_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG),
-	SECMOD_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG),
-};
-
-#define SECMOD_HANDLE_STRING_ARG(param,target,value,command) \
-    if (PORT_Strncasecmp(param,value,sizeof(value)-1) == 0) { \
-	param += sizeof(value)-1; \
-	if (target) PORT_Free(target); \
-	target = secmod_argFetchValue(param,&next); \
-	param += next; \
-	command ;\
-    } else  
-
-#define SECMOD_HANDLE_FINAL_ARG(param) \
-    { param = secmod_argSkipParameter(param); } param = secmod_argStrip(param);
-	
-
-static int secmod_argSlotFlagTableSize = 
-	sizeof(secmod_argSlotFlagTable)/sizeof(secmod_argSlotFlagTable[0]);
-
-
-static PRBool secmod_argGetPair(char c) {
-    switch (c) {
-    case '\'': return c;
-    case '\"': return c;
-    case '<': return '>';
-    case '{': return '}';
-    case '[': return ']';
-    case '(': return ')';
-    default: break;
-    }
-    return ' ';
-}
-
-static PRBool secmod_argIsBlank(char c) {
-   return isspace(c);
-}
-
-static PRBool secmod_argIsEscape(char c) {
-    return c == '\\';
-}
-
-static PRBool secmod_argIsQuote(char c) {
-    switch (c) {
-    case '\'':
-    case '\"':
-    case '<':
-    case '{': /* } end curly to keep vi bracket matching working */
-    case '(': /* ) */
-    case '[': /* ] */ return PR_TRUE;
-    default: break;
-    }
-    return PR_FALSE;
-}
-
-static PRBool secmod_argHasChar(char *v, char c)
-{
-   for ( ;*v; v++) {
-	if (*v == c) return PR_TRUE;
-   }
-   return PR_FALSE;
-}
-
-static PRBool secmod_argHasBlanks(char *v)
-{
-   for ( ;*v; v++) {
-	if (secmod_argIsBlank(*v)) return PR_TRUE;
-   }
-   return PR_FALSE;
-}
-
-static char *secmod_argStrip(char *c) {
-   while (*c && secmod_argIsBlank(*c)) c++;
-   return c;
-}
-
-static char *
-secmod_argFindEnd(char *string) {
-    char endChar = ' ';
-    PRBool lastEscape = PR_FALSE;
-
-    if (secmod_argIsQuote(*string)) {
-	endChar = secmod_argGetPair(*string);
-	string++;
-    }
-
-    for (;*string; string++) {
-	if (lastEscape) {
-	    lastEscape = PR_FALSE;
-	    continue;
-	}
-	if (secmod_argIsEscape(*string) && !lastEscape) {
-	    lastEscape = PR_TRUE;
-	    continue;
-	} 
-	if ((endChar == ' ') && secmod_argIsBlank(*string)) break;
-	if (*string == endChar) {
-	    break;
-	}
-    }
-
-    return string;
-}
-
-static char *
-secmod_argFetchValue(char *string, int *pcount)
-{
-    char *end = secmod_argFindEnd(string);
-    char *retString, *copyString;
-    PRBool lastEscape = PR_FALSE;
-    int len;
-
-    len = end - string;
-    if (len == 0) {
-	*pcount = 0;
-	return NULL;
-    }
-
-    copyString = retString = (char *)PORT_Alloc(len+1);
-
-    if (*end) len++;
-    *pcount = len;
-    if (retString == NULL) return NULL;
-
-
-    if (secmod_argIsQuote(*string)) string++;
-    for (; string < end; string++) {
-	if (secmod_argIsEscape(*string) && !lastEscape) {
-	    lastEscape = PR_TRUE;
-	    continue;
-	}
-	lastEscape = PR_FALSE;
-	*copyString++ = *string;
-    }
-    *copyString = 0;
-    return retString;
-}
-
-static char *
-secmod_argSkipParameter(char *string) 
-{
-     char *end;
-     /* look for the end of the <name>= */
-     for (;*string; string++) {
-	if (*string == '=') { string++; break; }
-	if (secmod_argIsBlank(*string)) return(string); 
-     }
-
-     end = secmod_argFindEnd(string);
-     if (*end) end++;
-     return end;
-}
-
-
-static SECStatus
-secmod_argParseModuleSpec(char *modulespec, char **lib, char **mod, 
-					char **parameters, char **nss)
-{
-    int next;
-    modulespec = secmod_argStrip(modulespec);
-
-    *lib = *mod = *parameters = *nss = 0;
-
-    while (*modulespec) {
-	SECMOD_HANDLE_STRING_ARG(modulespec,*lib,SECMOD_ARG_LIBRARY_PARAMETER,;)
-	SECMOD_HANDLE_STRING_ARG(modulespec,*mod,SECMOD_ARG_NAME_PARAMETER,;)
-	SECMOD_HANDLE_STRING_ARG(modulespec,*parameters,
-						SECMOD_ARG_MODULE_PARAMETER,;)
-	SECMOD_HANDLE_STRING_ARG(modulespec,*nss,SECMOD_ARG_NSS_PARAMETER,;)
-	SECMOD_HANDLE_FINAL_ARG(modulespec)
-   }
-   return SECSuccess;
-}
-
-
-static char *
-secmod_argGetParamValue(char *paramName,char *parameters)
-{
-    char searchValue[256];
-    int paramLen = strlen(paramName);
-    char *returnValue = NULL;
-    int next;
-
-    if ((parameters == NULL) || (*parameters == 0)) return NULL;
-
-    PORT_Assert(paramLen+2 < sizeof(searchValue));
-
-    PORT_Strcpy(searchValue,paramName);
-    PORT_Strcat(searchValue,"=");
-    while (*parameters) {
-	if (PORT_Strncasecmp(parameters,searchValue,paramLen+1) == 0) {
-	    parameters += paramLen+1;
-	    returnValue = secmod_argFetchValue(parameters,&next);
-	    break;
-	} else {
-	    parameters = secmod_argSkipParameter(parameters);
-	}
-	parameters = secmod_argStrip(parameters);
-   }
-   return returnValue;
-}
-    
-
-static char *
-secmod_argNextFlag(char *flags)
-{
-    for (; *flags ; flags++) {
-	if (*flags == ',') {
-	    flags++;
-	    break;
-	}
-    }
-    return flags;
-}
-
-static PRBool
-secmod_argHasFlag(char *label, char *flag, char *parameters)
-{
-    char *flags,*index;
-    int len = strlen(flag);
-    PRBool found = PR_FALSE;
-
-    flags = secmod_argGetParamValue(label,parameters);
-    if (flags == NULL) return PR_FALSE;
-
-    for (index=flags; *index; index=secmod_argNextFlag(index)) {
-	if (PORT_Strncasecmp(index,flag,len) == 0) {
-	    found=PR_TRUE;
-	    break;
-	}
-    }
-    PORT_Free(flags);
-    return found;
-}
-
-static void
-secmod_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList)
-{
-    newCiphers[0] = newCiphers[1] = 0;
-    if ((cipherList == NULL) || (*cipherList == 0)) return;
-
-    for (;*cipherList; cipherList=secmod_argNextFlag(cipherList)) {
-	if (PORT_Strncasecmp(cipherList,SECMOD_ARG_FORTEZZA_FLAG,
-				sizeof(SECMOD_ARG_FORTEZZA_FLAG)-1) == 0) {
-	    newCiphers[0] |= SECMOD_FORTEZZA_FLAG;
-	} 
-
-	/* add additional flags here as necessary */
-	/* direct bit mapping escape */
-	if (*cipherList == 0) {
-	   if (cipherList[1] == 'l') {
-		newCiphers[1] |= atoi(&cipherList[2]);
-	   } else {
-		newCiphers[0] |= atoi(&cipherList[2]);
-	   }
-	}
-    }
-}
-
-
-/*
- * decode a number. handle octal (leading '0'), hex (leading '0x') or decimal
- */
-static long
-secmod_argDecodeNumber(char *num)
-{
-    int	radix = 10;
-    unsigned long value = 0;
-    long retValue = 0;
-    int sign = 1;
-    int digit;
-
-    if (num == NULL) return retValue;
-
-    num = secmod_argStrip(num);
-
-    if (*num == '-') {
-	sign = -1;
-	num++;
-    }
-
-    if (*num == '0') {
-	radix = 8;
-	num++;
-	if ((*num == 'x') || (*num == 'X')) {
-	    radix = 16;
-	    num++;
-	}
-    }
-
-   
-    for ( ;*num; num++ ) {
-	if (isdigit(*num)) {
-	    digit = *num - '0';
-	} else if ((*num >= 'a') && (*num <= 'f'))  {
-	    digit = *num - 'a' + 10;
-	} else if ((*num >= 'A') && (*num <= 'F'))  {
-	    digit = *num - 'A' + 10;
-	} else {
-	    break;
-	}
-	if (digit >= radix) break;
-	value = value*radix + digit;
-    }
-
-    retValue = ((int) value) * sign;
-    return retValue;
-}
-
-static long
-secmod_argReadLong(char *label,char *params, long defValue, PRBool *isdefault)
-{
-    char *value;
-    long retValue;
-    if (isdefault) *isdefault = PR_FALSE; 
-
-    value = secmod_argGetParamValue(label,params);
-    if (value == NULL) {
-	if (isdefault) *isdefault = PR_TRUE;
-	return defValue;
-    }
-    retValue = secmod_argDecodeNumber(value);
-    if (value) PORT_Free(value);
-
-    return retValue;
-}
-
-
-static unsigned long
-secmod_argSlotFlags(char *label,char *params)
-{
-    char *flags,*index;
-    unsigned long retValue = 0;
-    int i;
-    PRBool all = PR_FALSE;
-
-    flags = secmod_argGetParamValue(label,params);
-    if (flags == NULL) return 0;
-
-    if (PORT_Strcasecmp(flags,"all") == 0) all = PR_TRUE;
-
-    for (index=flags; *index; index=secmod_argNextFlag(index)) {
-	for (i=0; i < secmod_argSlotFlagTableSize; i++) {
-	    if (all || (PORT_Strncasecmp(index, secmod_argSlotFlagTable[i].name,
-				secmod_argSlotFlagTable[i].len) == 0)) {
-		retValue |= secmod_argSlotFlagTable[i].value;
-	    }
-	}
-    }
-    PORT_Free(flags);
-    return retValue;
-}
-
-
-static void
-secmod_argDecodeSingleSlotInfo(char *name, char *params, 
-                               PK11PreSlotInfo *slotInfo)
-{
-    char *askpw;
-
-    slotInfo->slotID=secmod_argDecodeNumber(name);
-    slotInfo->defaultFlags=secmod_argSlotFlags("slotFlags",params);
-    slotInfo->timeout=secmod_argReadLong("timeout",params, 0, NULL);
-
-    askpw = secmod_argGetParamValue("askpw",params);
-    slotInfo->askpw = 0;
-
-    if (askpw) {
-	if (PORT_Strcasecmp(askpw,"every") == 0) {
-    	    slotInfo->askpw = -1;
-	} else if (PORT_Strcasecmp(askpw,"timeout") == 0) {
-    	    slotInfo->askpw = 1;
-	} 
-	PORT_Free(askpw);
-	slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS;
-    }
-    slotInfo->hasRootCerts = secmod_argHasFlag("rootFlags", "hasRootCerts", 
-                                               params);
-    slotInfo->hasRootTrust = secmod_argHasFlag("rootFlags", "hasRootTrust", 
-                                               params);
-}
-
-static char *
-secmod_argGetName(char *inString, int *next) 
-{
-    char *name=NULL;
-    char *string;
-    int len;
-
-    /* look for the end of the <name>= */
-    for (string = inString;*string; string++) {
-	if (*string == '=') { break; }
-	if (secmod_argIsBlank(*string)) break;
-    }
-
-    len = string - inString;
-
-    *next = len; 
-    if (*string == '=') (*next) += 1;
-    if (len > 0) {
-	name = PORT_Alloc(len+1);
-	PORT_Strncpy(name,inString,len);
-	name[len] = 0;
-    }
-    return name;
-}
-
-static PK11PreSlotInfo *
-secmod_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
-{
-    char *slotIndex;
-    PK11PreSlotInfo *slotInfo = NULL;
-    int i=0,count = 0,next;
-
-    *retCount = 0;
-    if ((slotParams == NULL) || (*slotParams == 0))  return NULL;
-
-    /* first count the number of slots */
-    for (slotIndex = secmod_argStrip(slotParams); *slotIndex; 
-	 slotIndex = secmod_argStrip(secmod_argSkipParameter(slotIndex))) {
-	count++;
-    }
-
-    /* get the data structures */
-    if (arena) {
-	slotInfo = (PK11PreSlotInfo *) 
-			PORT_ArenaAlloc(arena,count*sizeof(PK11PreSlotInfo));
-	PORT_Memset(slotInfo,0,count*sizeof(PK11PreSlotInfo));
-    } else {
-	slotInfo = (PK11PreSlotInfo *) 
-			PORT_ZAlloc(count*sizeof(PK11PreSlotInfo));
-    }
-    if (slotInfo == NULL) return NULL;
-
-    for (slotIndex = secmod_argStrip(slotParams), i = 0; 
-					*slotIndex && i < count ; ) {
-	char *name;
-	name = secmod_argGetName(slotIndex,&next);
-	slotIndex += next;
-
-	if (!secmod_argIsBlank(*slotIndex)) {
-	    char *args = secmod_argFetchValue(slotIndex,&next);
-	    slotIndex += next;
-	    if (args) {
-		secmod_argDecodeSingleSlotInfo(name,args,&slotInfo[i]);
-		i++;
-		PORT_Free(args);
-	    }
-	}
-	if (name) PORT_Free(name);
-	slotIndex = secmod_argStrip(slotIndex);
-    }
-    *retCount = i;
-    return slotInfo;
-}
-
-static char *secmod_nullString = "";
-
-static char *
-secmod_formatValue(PRArenaPool *arena, char *value, char quote)
-{
-    char *vp,*vp2,*retval;
-    int size = 0, escapes = 0;
-
-    for (vp=value; *vp ;vp++) {
-	if ((*vp == quote) || (*vp == SECMOD_ARG_ESCAPE)) escapes++;
-	size++;
-    }
-    if (arena) {
-	retval = PORT_ArenaZAlloc(arena,size+escapes+1);
-    } else {
-	retval = PORT_ZAlloc(size+escapes+1);
-    }
-    if (retval == NULL) return NULL;
-    vp2 = retval;
-    for (vp=value; *vp; vp++) {
-	if ((*vp == quote) || (*vp == SECMOD_ARG_ESCAPE)) 
-				*vp2++ = SECMOD_ARG_ESCAPE;
-	*vp2++ = *vp;
-    }
-    return retval;
-}
-    
-static char *secmod_formatPair(char *name,char *value, char quote)
-{
-    char openQuote = quote;
-    char closeQuote = secmod_argGetPair(quote);
-    char *newValue = NULL;
-    char *returnValue;
-    PRBool need_quote = PR_FALSE;
-
-    if (!value || (*value == 0)) return secmod_nullString;
-
-    if (secmod_argHasBlanks(value) || secmod_argIsQuote(value[0]))
-							 need_quote=PR_TRUE;
-
-    if ((need_quote && secmod_argHasChar(value,closeQuote))
-				 || secmod_argHasChar(value,SECMOD_ARG_ESCAPE)) {
-	value = newValue = secmod_formatValue(NULL, value,quote);
-	if (newValue == NULL) return secmod_nullString;
-    }
-    if (need_quote) {
-    	returnValue = PR_smprintf("%s=%c%s%c",name,openQuote,value,closeQuote);
-    } else {
-    	returnValue = PR_smprintf("%s=%s",name,value);
-    }
-    if (returnValue == NULL) returnValue = secmod_nullString;
-
-    if (newValue) PORT_Free(newValue);
-
-    return returnValue;
-}
-
-static char *secmod_formatIntPair(char *name, unsigned long value, 
-                                  unsigned long def)
-{
-    char *returnValue;
-
-    if (value == def) return secmod_nullString;
-
-    returnValue = PR_smprintf("%s=%d",name,value);
-
-    return returnValue;
-}
-
-static void
-secmod_freePair(char *pair)
-{
-    if (pair && pair != secmod_nullString) {
-	PR_smprintf_free(pair);
-    }
-}
-
-#define MAX_FLAG_SIZE  sizeof("internal")+sizeof("FIPS")+sizeof("moduleDB")+\
-				sizeof("moduleDBOnly")+sizeof("critical")
-static char *
-secmod_mkNSSFlags(PRBool internal, PRBool isFIPS,
-		PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical)
-{
-    char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE);
-    PRBool first = PR_TRUE;
-
-    PORT_Memset(flags,0,MAX_FLAG_SIZE);
-    if (internal) {
-	PORT_Strcat(flags,"internal");
-	first = PR_FALSE;
-    }
-    if (isFIPS) {
-	if (!first) PORT_Strcat(flags,",");
-	PORT_Strcat(flags,"FIPS");
-	first = PR_FALSE;
-    }
-    if (isModuleDB) {
-	if (!first) PORT_Strcat(flags,",");
-	PORT_Strcat(flags,"moduleDB");
-	first = PR_FALSE;
-    }
-    if (isModuleDBOnly) {
-	if (!first) PORT_Strcat(flags,",");
-	PORT_Strcat(flags,"moduleDBOnly");
-	first = PR_FALSE;
-    }
-    if (isCritical) {
-	if (!first) PORT_Strcat(flags,",");
-	PORT_Strcat(flags,"critical");
-	first = PR_FALSE;
-    }
-    return flags;
-}
-
-static char *
-secmod_mkCipherFlags(unsigned long ssl0, unsigned long ssl1)
-{
-    char *cipher = NULL;
-    int i;
-
-    for (i=0; i < sizeof(ssl0)*8; i++) {
-	if (ssl0 & (1<<i)) {
-	    char *string;
-	    if ((1<<i) == SECMOD_FORTEZZA_FLAG) {
-		string = PR_smprintf("%s","FORTEZZA");
-	    } else {
-		string = PR_smprintf("0h0x%08x",1<<i);
-	    }
-	    if (cipher) {
-		char *tmp;
-		tmp = PR_smprintf("%s,%s",cipher,string);
-		PR_smprintf_free(cipher);
-		PR_smprintf_free(string);
-		cipher = tmp;
-	    } else {
-		cipher = string;
-	    }
-	}
-    }
-    for (i=0; i < sizeof(ssl0)*8; i++) {
-	if (ssl1 & (1<<i)) {
-	    if (cipher) {
-		char *tmp;
-		tmp = PR_smprintf("%s,0l0x%08x",cipher,1<<i);
-		PR_smprintf_free(cipher);
-		cipher = tmp;
-	    } else {
-		cipher = PR_smprintf("0l0x%08x",1<<i);
-	    }
-	}
-    }
-
-    return cipher;
-}
-
-static char *
-secmod_mkSlotFlags(unsigned long defaultFlags)
-{
-    char *flags=NULL;
-    int i,j;
-
-    for (i=0; i < sizeof(defaultFlags)*8; i++) {
-	if (defaultFlags & (1<<i)) {
-	    char *string = NULL;
-
-	    for (j=0; j < secmod_argSlotFlagTableSize; j++) {
-		if (secmod_argSlotFlagTable[j].value == ( 1UL << i )) {
-		    string = secmod_argSlotFlagTable[j].name;
-		    break;
-		}
-	    }
-	    if (string) {
-		if (flags) {
-		    char *tmp;
-		    tmp = PR_smprintf("%s,%s",flags,string);
-		    PR_smprintf_free(flags);
-		    flags = tmp;
-		} else {
-		    flags = PR_smprintf("%s",string);
-		}
-	    }
-	}
-    }
-
-    return flags;
-}
-
-#define SECMOD_MAX_ROOT_FLAG_SIZE  sizeof("hasRootCerts")+sizeof("hasRootTrust")
-
-static char *
-secmod_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust)
-{
-    char *flags= (char *)PORT_ZAlloc(SECMOD_MAX_ROOT_FLAG_SIZE);
-    PRBool first = PR_TRUE;
-
-    PORT_Memset(flags,0,SECMOD_MAX_ROOT_FLAG_SIZE);
-    if (hasRootCerts) {
-	PORT_Strcat(flags,"hasRootCerts");
-	first = PR_FALSE;
-    }
-    if (hasRootTrust) {
-	if (!first) PORT_Strcat(flags,",");
-	PORT_Strcat(flags,"hasRootTrust");
-	first = PR_FALSE;
-    }
-    return flags;
-}
-
-static char *
-secmod_mkSlotString(unsigned long slotID, unsigned long defaultFlags,
-		  unsigned long timeout, unsigned char askpw_in,
-		  PRBool hasRootCerts, PRBool hasRootTrust) {
-    char *askpw,*flags,*rootFlags,*slotString;
-    char *flagPair,*rootFlagsPair;
-	
-    switch (askpw_in) {
-    case 0xff:
-	askpw = "every";
-	break;
-    case 1:
-	askpw = "timeout";
-	break;
-    default:
-	askpw = "any";
-	break;
-    }
-    flags = secmod_mkSlotFlags(defaultFlags);
-    rootFlags = secmod_mkRootFlags(hasRootCerts,hasRootTrust);
-    flagPair=secmod_formatPair("slotFlags",flags,'\'');
-    rootFlagsPair=secmod_formatPair("rootFlags",rootFlags,'\'');
-    if (flags) PR_smprintf_free(flags);
-    if (rootFlags) PORT_Free(rootFlags);
-    if (defaultFlags & PK11_OWN_PW_DEFAULTS) {
-    	slotString = PR_smprintf("0x%08lx=[%s askpw=%s timeout=%d %s]",
-				(PRUint32)slotID,flagPair,askpw,timeout,
-				rootFlagsPair);
-    } else {
-    	slotString = PR_smprintf("0x%08lx=[%s %s]",
-				(PRUint32)slotID,flagPair,rootFlagsPair);
-    }
-    secmod_freePair(flagPair);
-    secmod_freePair(rootFlagsPair);
-    return slotString;
-}
-
-static char *
-secmod_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS,
-	  PRBool isModuleDB,  PRBool isModuleDBOnly, PRBool isCritical, 
-	  unsigned long trustOrder, unsigned long cipherOrder,
-				unsigned long ssl0, unsigned long ssl1) {
-    int slotLen, i;
-    char *slotParams, *ciphers, *nss, *nssFlags, *tmp;
-    char *trustOrderPair,*cipherOrderPair,*slotPair,*cipherPair,*flagPair;
-
-
-    /* now let's build up the string
-     * first the slot infos
-     */
-    slotLen=0;
-    for (i=0; i < (int)slotCount; i++) {
-	slotLen += PORT_Strlen(slotStrings[i])+1;
-    }
-    slotLen += 1; /* space for the final NULL */
-
-    slotParams = (char *)PORT_ZAlloc(slotLen);
-    PORT_Memset(slotParams,0,slotLen);
-    for (i=0; i < (int)slotCount; i++) {
-	PORT_Strcat(slotParams,slotStrings[i]);
-	PORT_Strcat(slotParams," ");
-	PR_smprintf_free(slotStrings[i]);
-	slotStrings[i]=NULL;
-    }
-    
-    /*
-     * now the NSS structure
-     */
-    nssFlags = secmod_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly,
-							isCritical); 
-	/* for now only the internal module is critical */
-    ciphers = secmod_mkCipherFlags(ssl0, ssl1);
-
-    trustOrderPair=secmod_formatIntPair("trustOrder",trustOrder,
-					SECMOD_DEFAULT_TRUST_ORDER);
-    cipherOrderPair=secmod_formatIntPair("cipherOrder",cipherOrder,
-					SECMOD_DEFAULT_CIPHER_ORDER);
-    slotPair=secmod_formatPair("slotParams",slotParams,'{'); /* } */
-    if (slotParams) PORT_Free(slotParams);
-    cipherPair=secmod_formatPair("ciphers",ciphers,'\'');
-    if (ciphers) PR_smprintf_free(ciphers);
-    flagPair=secmod_formatPair("Flags",nssFlags,'\'');
-    if (nssFlags) PORT_Free(nssFlags);
-    nss = PR_smprintf("%s %s %s %s %s",trustOrderPair,
-			cipherOrderPair,slotPair,cipherPair,flagPair);
-    secmod_freePair(trustOrderPair);
-    secmod_freePair(cipherOrderPair);
-    secmod_freePair(slotPair);
-    secmod_freePair(cipherPair);
-    secmod_freePair(flagPair);
-    tmp = secmod_argStrip(nss);
-    if (*tmp == '\0') {
-	PR_smprintf_free(nss);
-	nss = NULL;
-    }
-    return nss;
-}
-
-static char *
-secmod_mkNewModuleSpec(char *dllName, char *commonName, char *parameters, 
-								char *NSS) {
-    char *moduleSpec;
-    char *lib,*name,*param,*nss;
-
-    /*
-     * now the final spec
-     */
-    lib = secmod_formatPair("library",dllName,'\"');
-    name = secmod_formatPair("name",commonName,'\"');
-    param = secmod_formatPair("parameters",parameters,'\"');
-    nss = secmod_formatPair("NSS",NSS,'\"');
-    moduleSpec = PR_smprintf("%s %s %s %s", lib,name,param,nss);
-    secmod_freePair(lib);
-    secmod_freePair(name);
-    secmod_freePair(param);
-    secmod_freePair(nss);
-    return (moduleSpec);
-}
-

mozilla/security/nss/lib/softoken/pkcs11.h

@@ -1,323 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   RSA Labs
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- *
- * The latest version of this header can be found at:
- *    http://www.rsalabs.com/pkcs/pkcs-11/index.html
- */
-#ifndef _PKCS11_H_
-#define _PKCS11_H_ 1
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Before including this file (pkcs11.h) (or pkcs11t.h by
- * itself), 6 platform-specific macros must be defined.  These
- * macros are described below, and typical definitions for them
- * are also given.  Be advised that these definitions can depend
- * on both the platform and the compiler used (and possibly also
- * on whether a PKCS #11 library is linked statically or
- * dynamically).
- *
- * In addition to defining these 6 macros, the packing convention
- * for PKCS #11 structures should be set.  The PKCS #11
- * convention on packing is that structures should be 1-byte
- * aligned.
- *
- * In a Win32 environment, this might be done by using the
- * following preprocessor directive before including pkcs11.h
- * or pkcs11t.h:
- *
- * #pragma pack(push, cryptoki, 1)
- *
- * and using the following preprocessor directive after including
- * pkcs11.h or pkcs11t.h:
- *
- * #pragma pack(pop, cryptoki)
- *
- * In a Win16 environment, this might be done by using the
- * following preprocessor directive before including pkcs11.h
- * or pkcs11t.h:
- *
- * #pragma pack(1)
- *
- * In a UNIX environment, you're on your own here.  You might
- * not need to do anything.
- *
- *
- * Now for the macros:
- *
- *
- * 1. CK_PTR: The indirection string for making a pointer to an
- * object.  It can be used like this:
- *
- * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
- *
- * In a Win32 environment, it might be defined by
- *
- * #define CK_PTR *
- *
- * In a Win16 environment, it might be defined by
- *
- * #define CK_PTR far *
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_PTR *
- *
- *
- * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
- * an exportable PKCS #11 library function definition out of a
- * return type and a function name.  It should be used in the
- * following fashion to define the exposed PKCS #11 functions in
- * a PKCS #11 library:
- *
- * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
- *   CK_VOID_PTR pReserved
- * )
- * {
- *   ...
- * }
- *
- * For defining a function in a Win32 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- *   returnType __declspec(dllexport) name
- *
- * For defining a function in a Win16 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- *   returnType __export _far _pascal name
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- *   returnType name
- *
- *
- * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
- * an importable PKCS #11 library function declaration out of a
- * return type and a function name.  It should be used in the
- * following fashion:
- *
- * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
- *   CK_VOID_PTR pReserved
- * );
- *
- * For declaring a function in a Win32 PKCS #11 .dll, it might
- * be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- *   returnType __declspec(dllimport) name
- *
- * For declaring a function in a Win16 PKCS #11 .dll, it might
- * be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- *   returnType __export _far _pascal name
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- *   returnType name
- *
- *
- * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
- * which makes a PKCS #11 API function pointer declaration or
- * function pointer type declaration out of a return type and a
- * function name.  It should be used in the following fashion:
- *
- * // Define funcPtr to be a pointer to a PKCS #11 API function
- * // taking arguments args and returning CK_RV.
- * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
- *
- * or
- *
- * // Define funcPtrType to be the type of a pointer to a
- * // PKCS #11 API function taking arguments args and returning
- * // CK_RV, and then define funcPtr to be a variable of type
- * // funcPtrType.
- * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
- * funcPtrType funcPtr;
- *
- * For accessing functions in a Win32 PKCS #11 .dll, in might be
- * defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- *   returnType __declspec(dllimport) (* name)
- *
- * For accessing functions in a Win16 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- *   returnType __export _far _pascal (* name)
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- *   returnType (* name)
- *
- *
- * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
- * a function pointer type for an application callback out of
- * a return type for the callback and a name for the callback.
- * It should be used in the following fashion:
- *
- * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
- *
- * to declare a function pointer, myCallback, to a callback
- * which takes arguments args and returns a CK_RV.  It can also
- * be used like this:
- *
- * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
- * myCallbackType myCallback;
- *
- * In a Win32 environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- *   returnType (* name)
- *
- * In a Win16 environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- *   returnType _far _pascal (* name)
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- *   returnType (* name)
- *
- *
- * 6. NULL_PTR: This macro is the value of a NULL pointer.
- *
- * In any ANSI/ISO C environment (and in many others as well),
- * this should be defined by
- *
- * #ifndef NULL_PTR
- * #define NULL_PTR 0
- * #endif
- */
-
-
-/* All the various PKCS #11 types and #define'd values are in the
- * file pkcs11t.h. */
-#include "pkcs11t.h"
-
-#define __PASTE(x,y)      x##y
-
-
-/* packing defines */
-#include "pkcs11p.h"
-/* ==============================================================
- * Define the "extern" form of all the entry points.
- * ==============================================================
- */
-
-#define CK_NEED_ARG_LIST  1
-#define CK_PKCS11_FUNCTION_INFO(name) \
-  CK_DECLARE_FUNCTION(CK_RV, name)
-
-/* pkcs11f.h has all the information about the PKCS #11
- * function prototypes. */
-#include "pkcs11f.h"
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-/* ==============================================================
- * Define the typedef form of all the entry points.  That is, for
- * each PKCS #11 function C_XXX, define a type CK_C_XXX which is
- * a pointer to that kind of function.
- * ==============================================================
- */
-
-#define CK_NEED_ARG_LIST  1
-#define CK_PKCS11_FUNCTION_INFO(name) \
-  typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
-
-/* pkcs11f.h has all the information about the PKCS #11
- * function prototypes. */
-#include "pkcs11f.h"
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-/* ==============================================================
- * Define structed vector of entry points.  A CK_FUNCTION_LIST
- * contains a CK_VERSION indicating a library's PKCS #11 version
- * and then a whole slew of function pointers to the routines in
- * the library.  This type was declared, but not defined, in
- * pkcs11t.h.
- * ==============================================================
- */
-
-#define CK_PKCS11_FUNCTION_INFO(name) \
-  __PASTE(CK_,name) name;
-  
-struct CK_FUNCTION_LIST {
-
-  CK_VERSION    version;  /* PKCS #11 version */
-
-/* Pile all the function pointers into the CK_FUNCTION_LIST. */
-/* pkcs11f.h has all the information about the PKCS #11
- * function prototypes. */
-#include "pkcs11f.h" 
-
-};
-
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-#undef __PASTE
-
-/* unpack */
-#include "pkcs11u.h"
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif

mozilla/security/nss/lib/softoken/pkcs11f.h

@@ -1,937 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * RSA Security INC.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* This function contains pretty much everything about all the */
-/* PKCS #11  function prototypes.  Because this information is */
-/* used for more than just declaring function prototypes, the */
-/* order of the functions appearing herein is important, and */
-/* should not be altered. */
-
-
-
-/* General-purpose */
-
-/* C_Initialize initializes the PKCS #11 library. */
-CK_PKCS11_FUNCTION_INFO(C_Initialize)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_VOID_PTR   pInitArgs  /* if this is not NULL_PTR, it gets
-                            * cast to CK_C_INITIALIZE_ARGS_PTR
-                            * and dereferenced */
-);
-#endif
-
-
-/* C_Finalize indicates that an application is done with the
- * PKCS #11 library. */
-CK_PKCS11_FUNCTION_INFO(C_Finalize)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_VOID_PTR   pReserved  /* reserved.  Should be NULL_PTR */
-);
-#endif
-
-
-/* C_GetInfo returns general information about PKCS #11. */
-CK_PKCS11_FUNCTION_INFO(C_GetInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_INFO_PTR   pInfo  /* location that receives information */
-);
-#endif
-
-
-/* C_GetFunctionList returns the function list. */
-CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_FUNCTION_LIST_PTR_PTR ppFunctionList  /* receives pointer to
-                                            * function list */
-);
-#endif
-
-
-
-/* Slot and token management */
-
-/* C_GetSlotList obtains a list of slots in the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_BBOOL       tokenPresent,  /* only slots with tokens? */
-  CK_SLOT_ID_PTR pSlotList,     /* receives array of slot IDs */
-  CK_ULONG_PTR   pulCount       /* receives number of slots */
-);
-#endif
-
-
-/* C_GetSlotInfo obtains information about a particular slot in
- * the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID       slotID,  /* the ID of the slot */
-  CK_SLOT_INFO_PTR pInfo    /* receives the slot information */
-);
-#endif
-
-
-/* C_GetTokenInfo obtains information about a particular token
- * in the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID        slotID,  /* ID of the token's slot */
-  CK_TOKEN_INFO_PTR pInfo    /* receives the token information */
-);
-#endif
-
-
-/* C_GetMechanismList obtains a list of mechanism types
- * supported by a token. */
-CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID            slotID,          /* ID of token's slot */
-  CK_MECHANISM_TYPE_PTR pMechanismList,  /* gets mech. array */
-  CK_ULONG_PTR          pulCount         /* gets # of mechs. */
-);
-#endif
-
-
-/* C_GetMechanismInfo obtains information about a particular
- * mechanism possibly supported by a token. */
-CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID            slotID,  /* ID of the token's slot */
-  CK_MECHANISM_TYPE     type,    /* type of mechanism */
-  CK_MECHANISM_INFO_PTR pInfo    /* receives mechanism info */
-);
-#endif
-
-
-/* C_InitToken initializes a token. */
-CK_PKCS11_FUNCTION_INFO(C_InitToken)
-#ifdef CK_NEED_ARG_LIST
-/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
-(
-  CK_SLOT_ID         slotID,    /* ID of the token's slot */
-  CK_UTF8CHAR_PTR    pPin,      /* the SO's initial PIN */
-  CK_ULONG           ulPinLen,  /* length in bytes of the PIN */
-  CK_UTF8CHAR_PTR    pLabel     /* 32-byte token label (blank padded) */
-);
-#endif
-
-
-/* C_InitPIN initializes the normal user's PIN. */
-CK_PKCS11_FUNCTION_INFO(C_InitPIN)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_UTF8CHAR_PTR   pPin,      /* the normal user's PIN */
-  CK_ULONG          ulPinLen   /* length in bytes of the PIN */
-);
-#endif
-
-
-/* C_SetPIN modifies the PIN of the user who is logged in. */
-CK_PKCS11_FUNCTION_INFO(C_SetPIN)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_UTF8CHAR_PTR   pOldPin,   /* the old PIN */
-  CK_ULONG          ulOldLen,  /* length of the old PIN */
-  CK_UTF8CHAR_PTR   pNewPin,   /* the new PIN */
-  CK_ULONG          ulNewLen   /* length of the new PIN */
-);
-#endif
-
-
-
-/* Session management */
-
-/* C_OpenSession opens a session between an application and a
- * token. */
-CK_PKCS11_FUNCTION_INFO(C_OpenSession)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID            slotID,        /* the slot's ID */
-  CK_FLAGS              flags,         /* from CK_SESSION_INFO */
-  CK_VOID_PTR           pApplication,  /* passed to callback */
-  CK_NOTIFY             Notify,        /* callback function */
-  CK_SESSION_HANDLE_PTR phSession      /* gets session handle */
-);
-#endif
-
-
-/* C_CloseSession closes a session between an application and a
- * token. */
-CK_PKCS11_FUNCTION_INFO(C_CloseSession)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-/* C_CloseAllSessions closes all sessions with a token. */
-CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID     slotID  /* the token's slot */
-);
-#endif
-
-
-/* C_GetSessionInfo obtains information about the session. */
-CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE   hSession,  /* the session's handle */
-  CK_SESSION_INFO_PTR pInfo      /* receives session info */
-);
-#endif
-
-
-/* C_GetOperationState obtains the state of the cryptographic operation
- * in a session. */
-CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,             /* session's handle */
-  CK_BYTE_PTR       pOperationState,      /* gets state */
-  CK_ULONG_PTR      pulOperationStateLen  /* gets state length */
-);
-#endif
-
-
-/* C_SetOperationState restores the state of the cryptographic
- * operation in a session. */
-CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR      pOperationState,      /* holds state */
-  CK_ULONG         ulOperationStateLen,  /* holds state length */
-  CK_OBJECT_HANDLE hEncryptionKey,       /* en/decryption key */
-  CK_OBJECT_HANDLE hAuthenticationKey    /* sign/verify key */
-);
-#endif
-
-
-/* C_Login logs a user into a token. */
-CK_PKCS11_FUNCTION_INFO(C_Login)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_USER_TYPE      userType,  /* the user type */
-  CK_UTF8CHAR_PTR   pPin,      /* the user's PIN */
-  CK_ULONG          ulPinLen   /* the length of the PIN */
-);
-#endif
-
-
-/* C_Logout logs a user out from a token. */
-CK_PKCS11_FUNCTION_INFO(C_Logout)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-
-/* Object management */
-
-/* C_CreateObject creates a new object. */
-CK_PKCS11_FUNCTION_INFO(C_CreateObject)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_ATTRIBUTE_PTR  pTemplate,   /* the object's template */
-  CK_ULONG          ulCount,     /* attributes in template */
-  CK_OBJECT_HANDLE_PTR phObject  /* gets new object's handle. */
-);
-#endif
-
-
-/* C_CopyObject copies an object, creating a new object for the
- * copy. */
-CK_PKCS11_FUNCTION_INFO(C_CopyObject)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,    /* the session's handle */
-  CK_OBJECT_HANDLE     hObject,     /* the object's handle */
-  CK_ATTRIBUTE_PTR     pTemplate,   /* template for new object */
-  CK_ULONG             ulCount,     /* attributes in template */
-  CK_OBJECT_HANDLE_PTR phNewObject  /* receives handle of copy */
-);
-#endif
-
-
-/* C_DestroyObject destroys an object. */
-CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_OBJECT_HANDLE  hObject    /* the object's handle */
-);
-#endif
-
-
-/* C_GetObjectSize gets the size of an object in bytes. */
-CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_OBJECT_HANDLE  hObject,   /* the object's handle */
-  CK_ULONG_PTR      pulSize    /* receives size of object */
-);
-#endif
-
-
-/* C_GetAttributeValue obtains the value of one or more object
- * attributes. */
-CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_OBJECT_HANDLE  hObject,    /* the object's handle */
-  CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attrs; gets vals */
-  CK_ULONG          ulCount     /* attributes in template */
-);
-#endif
-
-
-/* C_SetAttributeValue modifies the value of one or more object
- * attributes */
-CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_OBJECT_HANDLE  hObject,    /* the object's handle */
-  CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attrs and values */
-  CK_ULONG          ulCount     /* attributes in template */
-);
-#endif
-
-
-/* C_FindObjectsInit initializes a search for token and session
- * objects that match a template. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_ATTRIBUTE_PTR  pTemplate,  /* attribute values to match */
-  CK_ULONG          ulCount     /* attrs in search template */
-);
-#endif
-
-
-/* C_FindObjects continues a search for token and session
- * objects that match a template, obtaining additional object
- * handles. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjects)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE    hSession,          /* session's handle */
- CK_OBJECT_HANDLE_PTR phObject,          /* gets obj. handles */
- CK_ULONG             ulMaxObjectCount,  /* max handles to get */
- CK_ULONG_PTR         pulObjectCount     /* actual # returned */
-);
-#endif
-
-
-/* C_FindObjectsFinal finishes a search for token and session
- * objects. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-
-/* Encryption and decryption */
-
-/* C_EncryptInit initializes an encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the encryption mechanism */
-  CK_OBJECT_HANDLE  hKey         /* handle of encryption key */
-);
-#endif
-
-
-/* C_Encrypt encrypts single-part data. */
-CK_PKCS11_FUNCTION_INFO(C_Encrypt)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR       pData,               /* the plaintext data */
-  CK_ULONG          ulDataLen,           /* bytes of plaintext */
-  CK_BYTE_PTR       pEncryptedData,      /* gets ciphertext */
-  CK_ULONG_PTR      pulEncryptedDataLen  /* gets c-text size */
-);
-#endif
-
-
-/* C_EncryptUpdate continues a multiple-part encryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,           /* session's handle */
-  CK_BYTE_PTR       pPart,              /* the plaintext data */
-  CK_ULONG          ulPartLen,          /* plaintext data len */
-  CK_BYTE_PTR       pEncryptedPart,     /* gets ciphertext */
-  CK_ULONG_PTR      pulEncryptedPartLen /* gets c-text size */
-);
-#endif
-
-
-/* C_EncryptFinal finishes a multiple-part encryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,                /* session handle */
-  CK_BYTE_PTR       pLastEncryptedPart,      /* last c-text */
-  CK_ULONG_PTR      pulLastEncryptedPartLen  /* gets last size */
-);
-#endif
-
-
-/* C_DecryptInit initializes a decryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the decryption mechanism */
-  CK_OBJECT_HANDLE  hKey         /* handle of decryption key */
-);
-#endif
-
-
-/* C_Decrypt decrypts encrypted data in a single part. */
-CK_PKCS11_FUNCTION_INFO(C_Decrypt)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,           /* session's handle */
-  CK_BYTE_PTR       pEncryptedData,     /* ciphertext */
-  CK_ULONG          ulEncryptedDataLen, /* ciphertext length */
-  CK_BYTE_PTR       pData,              /* gets plaintext */
-  CK_ULONG_PTR      pulDataLen          /* gets p-text size */
-);
-#endif
-
-
-/* C_DecryptUpdate continues a multiple-part decryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR       pEncryptedPart,      /* encrypted data */
-  CK_ULONG          ulEncryptedPartLen,  /* input length */
-  CK_BYTE_PTR       pPart,               /* gets plaintext */
-  CK_ULONG_PTR      pulPartLen           /* p-text size */
-);
-#endif
-
-
-/* C_DecryptFinal finishes a multiple-part decryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,       /* the session's handle */
-  CK_BYTE_PTR       pLastPart,      /* gets plaintext */
-  CK_ULONG_PTR      pulLastPartLen  /* p-text size */
-);
-#endif
-
-
-
-/* Message digesting */
-
-/* C_DigestInit initializes a message-digesting operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism  /* the digesting mechanism */
-);
-#endif
-
-
-/* C_Digest digests data in a single part. */
-CK_PKCS11_FUNCTION_INFO(C_Digest)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,     /* the session's handle */
-  CK_BYTE_PTR       pData,        /* data to be digested */
-  CK_ULONG          ulDataLen,    /* bytes of data to digest */
-  CK_BYTE_PTR       pDigest,      /* gets the message digest */
-  CK_ULONG_PTR      pulDigestLen  /* gets digest length */
-);
-#endif
-
-
-/* C_DigestUpdate continues a multiple-part message-digesting
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_BYTE_PTR       pPart,     /* data to be digested */
-  CK_ULONG          ulPartLen  /* bytes of data to be digested */
-);
-#endif
-
-
-/* C_DigestKey continues a multi-part message-digesting
- * operation, by digesting the value of a secret key as part of
- * the data already digested. */
-CK_PKCS11_FUNCTION_INFO(C_DigestKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_OBJECT_HANDLE  hKey       /* secret key to digest */
-);
-#endif
-
-
-/* C_DigestFinal finishes a multiple-part message-digesting
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,     /* the session's handle */
-  CK_BYTE_PTR       pDigest,      /* gets the message digest */
-  CK_ULONG_PTR      pulDigestLen  /* gets byte count of digest */
-);
-#endif
-
-
-
-/* Signing and MACing */
-
-/* C_SignInit initializes a signature (private key encryption)
- * operation, where the signature is (will be) an appendix to
- * the data, and plaintext cannot be recovered from the
- *signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the signature mechanism */
-  CK_OBJECT_HANDLE  hKey         /* handle of signature key */
-);
-#endif
-
-
-/* C_Sign signs (encrypts with private key) data in a single
- * part, where the signature is (will be) an appendix to the
- * data, and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_Sign)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_BYTE_PTR       pData,           /* the data to sign */
-  CK_ULONG          ulDataLen,       /* count of bytes to sign */
-  CK_BYTE_PTR       pSignature,      /* gets the signature */
-  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
-);
-#endif
-
-
-/* C_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_BYTE_PTR       pPart,     /* the data to sign */
-  CK_ULONG          ulPartLen  /* count of bytes to sign */
-);
-#endif
-
-
-/* C_SignFinal finishes a multiple-part signature operation, 
- * returning the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_BYTE_PTR       pSignature,      /* gets the signature */
-  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
-);
-#endif
-
-
-/* C_SignRecoverInit initializes a signature operation, where
- * the data can be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism, /* the signature mechanism */
-  CK_OBJECT_HANDLE  hKey        /* handle of the signature key */
-);
-#endif
-
-
-/* C_SignRecover signs data in a single operation, where the
- * data can be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignRecover)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_BYTE_PTR       pData,           /* the data to sign */
-  CK_ULONG          ulDataLen,       /* count of bytes to sign */
-  CK_BYTE_PTR       pSignature,      /* gets the signature */
-  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
-);
-#endif
-
-
-
-/* Verifying signatures and MACs */
-
-/* C_VerifyInit initializes a verification operation, where the
- * signature is an appendix to the data, and plaintext cannot
- *  cannot be recovered from the signature (e.g. DSA). */
-CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
-  CK_OBJECT_HANDLE  hKey         /* verification key */ 
-);
-#endif
-
-
-/* C_Verify verifies a signature in a single-part operation, 
- * where the signature is an appendix to the data, and plaintext
- * cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_Verify)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,       /* the session's handle */
-  CK_BYTE_PTR       pData,          /* signed data */
-  CK_ULONG          ulDataLen,      /* length of signed data */
-  CK_BYTE_PTR       pSignature,     /* signature */
-  CK_ULONG          ulSignatureLen  /* signature length*/
-);
-#endif
-
-
-/* C_VerifyUpdate continues a multiple-part verification
- * operation, where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_BYTE_PTR       pPart,     /* signed data */
-  CK_ULONG          ulPartLen  /* length of signed data */
-);
-#endif
-
-
-/* C_VerifyFinal finishes a multiple-part verification
- * operation, checking the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,       /* the session's handle */
-  CK_BYTE_PTR       pSignature,     /* signature to verify */
-  CK_ULONG          ulSignatureLen  /* signature length */
-);
-#endif
-
-
-/* C_VerifyRecoverInit initializes a signature verification
- * operation, where the data is recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
-  CK_OBJECT_HANDLE  hKey         /* verification key */
-);
-#endif
-
-
-/* C_VerifyRecover verifies a signature in a single-part
- * operation, where the data is recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_BYTE_PTR       pSignature,      /* signature to verify */
-  CK_ULONG          ulSignatureLen,  /* signature length */
-  CK_BYTE_PTR       pData,           /* gets signed data */
-  CK_ULONG_PTR      pulDataLen       /* gets signed data len */
-);
-#endif
-
-
-
-/* Dual-function cryptographic operations */
-
-/* C_DigestEncryptUpdate continues a multiple-part digesting
- * and encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR       pPart,               /* the plaintext data */
-  CK_ULONG          ulPartLen,           /* plaintext length */
-  CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
-  CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text length */
-);
-#endif
-
-
-/* C_DecryptDigestUpdate continues a multiple-part decryption and
- * digesting operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR       pEncryptedPart,      /* ciphertext */
-  CK_ULONG          ulEncryptedPartLen,  /* ciphertext length */
-  CK_BYTE_PTR       pPart,               /* gets plaintext */
-  CK_ULONG_PTR      pulPartLen           /* gets plaintext len */
-);
-#endif
-
-
-/* C_SignEncryptUpdate continues a multiple-part signing and
- * encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR       pPart,               /* the plaintext data */
-  CK_ULONG          ulPartLen,           /* plaintext length */
-  CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
-  CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text length */
-);
-#endif
-
-
-/* C_DecryptVerifyUpdate continues a multiple-part decryption and
- * verify operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR       pEncryptedPart,      /* ciphertext */
-  CK_ULONG          ulEncryptedPartLen,  /* ciphertext length */
-  CK_BYTE_PTR       pPart,               /* gets plaintext */
-  CK_ULONG_PTR      pulPartLen           /* gets p-text length */
-);
-#endif
-
-
-
-/* Key management */
-
-/* C_GenerateKey generates a secret key, creating a new key
- * object. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,    /* the session's handle */
-  CK_MECHANISM_PTR     pMechanism,  /* key generation mech. */
-  CK_ATTRIBUTE_PTR     pTemplate,   /* template for new key */
-  CK_ULONG             ulCount,     /* # of attrs in template */
-  CK_OBJECT_HANDLE_PTR phKey        /* gets handle of new key */
-);
-#endif
-
-
-/* C_GenerateKeyPair generates a public-key/private-key pair, 
- * creating new key objects. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,                    /* session
-                                                     * handle */
-  CK_MECHANISM_PTR     pMechanism,                  /* key-gen
-                                                     * mech. */
-  CK_ATTRIBUTE_PTR     pPublicKeyTemplate,          /* template
-                                                     * for pub.
-                                                     * key */
-  CK_ULONG             ulPublicKeyAttributeCount,   /* # pub.
-                                                     * attrs. */
-  CK_ATTRIBUTE_PTR     pPrivateKeyTemplate,         /* template
-                                                     * for priv.
-                                                     * key */
-  CK_ULONG             ulPrivateKeyAttributeCount,  /* # priv.
-                                                     * attrs. */
-  CK_OBJECT_HANDLE_PTR phPublicKey,                 /* gets pub.
-                                                     * key
-                                                     * handle */
-  CK_OBJECT_HANDLE_PTR phPrivateKey                 /* gets
-                                                     * priv. key
-                                                     * handle */
-);
-#endif
-
-
-/* C_WrapKey wraps (i.e., encrypts) a key. */
-CK_PKCS11_FUNCTION_INFO(C_WrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,      /* the wrapping mechanism */
-  CK_OBJECT_HANDLE  hWrappingKey,    /* wrapping key */
-  CK_OBJECT_HANDLE  hKey,            /* key to be wrapped */
-  CK_BYTE_PTR       pWrappedKey,     /* gets wrapped key */
-  CK_ULONG_PTR      pulWrappedKeyLen /* gets wrapped key size */
-);
-#endif
-
-
-/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
- * key object. */
-CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,          /* session's handle */
-  CK_MECHANISM_PTR     pMechanism,        /* unwrapping mech. */
-  CK_OBJECT_HANDLE     hUnwrappingKey,    /* unwrapping key */
-  CK_BYTE_PTR          pWrappedKey,       /* the wrapped key */
-  CK_ULONG             ulWrappedKeyLen,   /* wrapped key len */
-  CK_ATTRIBUTE_PTR     pTemplate,         /* new key template */
-  CK_ULONG             ulAttributeCount,  /* template length */
-  CK_OBJECT_HANDLE_PTR phKey              /* gets new handle */
-);
-#endif
-
-
-/* C_DeriveKey derives a key from a base key, creating a new key
- * object. */
-CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,          /* session's handle */
-  CK_MECHANISM_PTR     pMechanism,        /* key deriv. mech. */
-  CK_OBJECT_HANDLE     hBaseKey,          /* base key */
-  CK_ATTRIBUTE_PTR     pTemplate,         /* new key template */
-  CK_ULONG             ulAttributeCount,  /* template length */
-  CK_OBJECT_HANDLE_PTR phKey              /* gets new handle */
-);
-#endif
-
-
-
-/* Random number generation */
-
-/* C_SeedRandom mixes additional seed material into the token's
- * random number generator. */
-CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_BYTE_PTR       pSeed,     /* the seed material */
-  CK_ULONG          ulSeedLen  /* length of seed material */
-);
-#endif
-
-
-/* C_GenerateRandom generates random data. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_BYTE_PTR       RandomData,  /* receives the random data */
-  CK_ULONG          ulRandomLen  /* # of bytes to generate */
-);
-#endif
-
-
-
-/* Parallel function management */
-
-/* C_GetFunctionStatus is a legacy function; it obtains an
- * updated status of a function running in parallel with an
- * application. */
-CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-/* C_CancelFunction is a legacy function; it cancels a function
- * running in parallel. */
-CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-
-/* Functions added in for PKCS #11 Version 2.01 or later */
-
-/* C_WaitForSlotEvent waits for a slot event (token insertion,
- * removal, etc.) to occur. */
-CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_FLAGS flags,        /* blocking/nonblocking flag */
-  CK_SLOT_ID_PTR pSlot,  /* location that receives the slot ID */
-  CK_VOID_PTR pRserved   /* reserved.  Should be NULL_PTR */
-);
-#endif

mozilla/security/nss/lib/softoken/pkcs11i.h

@@ -1,687 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/*
- * Internal data structures and functions used by pkcs11.c
- */
-#ifndef _PKCS11I_H_
-#define _PKCS11I_H_ 1
-
-#include "nssilock.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "lowkeyti.h"
-#include "pkcs11t.h"
-
-#include "sftkdbt.h"
-
-
-/* 
- * Configuration Defines 
- *
- * The following defines affect the space verse speed trade offs of
- * the PKCS #11 module. For the most part the current settings are optimized
- * for web servers, where we want faster speed and lower lock contention at
- * the expense of space.
- */
-
-/* 
- * The attribute allocation strategy is static allocation:
- *   Attributes are pre-allocated as part of the session object and used from
- *   the object array.
- */
-#define MAX_OBJS_ATTRS 45	/* number of attributes to preallocate in
-				 * the object (must me the absolute max) */
-#define ATTR_SPACE 50  		/* Maximum size of attribute data before extra
-				 * data needs to be allocated. This is set to
-				 * enough space to hold an SSL MASTER secret */
-
-#define NSC_STRICT      PR_FALSE  /* forces the code to do strict template
-				   * matching when doing C_FindObject on token
-				   * objects. This will slow down search in
-				   * NSS. */
-/* default search block allocations and increments */
-#define NSC_CERT_BLOCK_SIZE     50
-#define NSC_SEARCH_BLOCK_SIZE   5 
-#define NSC_SLOT_LIST_BLOCK_SIZE 10
-
-#define NSC_FIPS_MODULE 1
-#define NSC_NON_FIPS_MODULE 0
-
-/* these are data base storage hashes, not cryptographic hashes.. The define
- * the effective size of the various object hash tables */
-/* clients care more about memory usage than lookup performance on
- * cyrptographic objects. Clients also have less objects around to play with 
- *
- * we eventually should make this configurable at runtime! Especially now that
- * NSS is a shared library.
- */
-#define SPACE_ATTRIBUTE_HASH_SIZE 32 
-#define SPACE_SESSION_OBJECT_HASH_SIZE 32
-#define SPACE_SESSION_HASH_SIZE 32
-#define TIME_ATTRIBUTE_HASH_SIZE 32
-#define TIME_SESSION_OBJECT_HASH_SIZE 1024
-#define TIME_SESSION_HASH_SIZE 1024
-#define MAX_OBJECT_LIST_SIZE 800  
-				  /* how many objects to keep on the free list
-				   * before we start freeing them */
-#define MAX_KEY_LEN 256 	  /* maximum symmetric key length in bytes */
-
-#define MULTIACCESS "multiaccess:"
-
-/*
- * LOG2_BUCKETS_PER_SESSION_LOCK must be a prime number.
- * With SESSION_HASH_SIZE=1024, LOG2 can be 9, 5, 1, or 0.
- * With SESSION_HASH_SIZE=4096, LOG2 can be 11, 9, 5, 1, or 0.
- *
- * HASH_SIZE   LOG2_BUCKETS_PER   BUCKETS_PER_LOCK  NUMBER_OF_BUCKETS
- * 1024        9                  512               2
- * 1024        5                  32                32
- * 1024        1                  2                 512
- * 1024        0                  1                 1024
- * 4096        11                 2048              2
- * 4096        9                  512               8
- * 4096        5                  32                128
- * 4096        1                  2                 2048
- * 4096        0                  1                 4096
- */
-#define LOG2_BUCKETS_PER_SESSION_LOCK 1
-#define BUCKETS_PER_SESSION_LOCK (1 << (LOG2_BUCKETS_PER_SESSION_LOCK))
-/* NOSPREAD sessionID to hash table index macro has been slower. */
-
-/* define typedefs, double as forward declarations as well */
-typedef struct SFTKAttributeStr SFTKAttribute;
-typedef struct SFTKObjectListStr SFTKObjectList;
-typedef struct SFTKObjectFreeListStr SFTKObjectFreeList;
-typedef struct SFTKObjectListElementStr SFTKObjectListElement;
-typedef struct SFTKObjectStr SFTKObject;
-typedef struct SFTKSessionObjectStr SFTKSessionObject;
-typedef struct SFTKTokenObjectStr SFTKTokenObject;
-typedef struct SFTKSessionStr SFTKSession;
-typedef struct SFTKSlotStr SFTKSlot;
-typedef struct SFTKSessionContextStr SFTKSessionContext;
-typedef struct SFTKSearchResultsStr SFTKSearchResults;
-typedef struct SFTKHashVerifyInfoStr SFTKHashVerifyInfo;
-typedef struct SFTKHashSignInfoStr SFTKHashSignInfo;
-typedef struct SFTKSSLMACInfoStr SFTKSSLMACInfo;
-
-/* define function pointer typdefs for pointer tables */
-typedef void (*SFTKDestroy)(void *, PRBool);
-typedef void (*SFTKBegin)(void *);
-typedef SECStatus (*SFTKCipher)(void *,void *,unsigned int *,unsigned int,
-					void *, unsigned int);
-typedef SECStatus (*SFTKVerify)(void *,void *,unsigned int,void *,unsigned int);
-typedef void (*SFTKHash)(void *,void *,unsigned int);
-typedef void (*SFTKEnd)(void *,void *,unsigned int *,unsigned int);
-typedef void (*SFTKFree)(void *);
-
-/* Value to tell if an attribute is modifiable or not.
- *    NEVER: attribute is only set on creation.
- *    ONCOPY: attribute is set on creation and can only be changed on copy.
- *    SENSITIVE: attribute can only be changed to TRUE.
- *    ALWAYS: attribute can always be changed.
- */
-typedef enum {
-	SFTK_NEVER = 0,
-	SFTK_ONCOPY = 1,
-	SFTK_SENSITIVE = 2,
-	SFTK_ALWAYS = 3
-} SFTKModifyType;
-
-/*
- * Free Status Enum... tell us more information when we think we're
- * deleting an object.
- */
-typedef enum {
-	SFTK_DestroyFailure,
-	SFTK_Destroyed,
-	SFTK_Busy
-} SFTKFreeStatus;
-
-/*
- * attribute values of an object.
- */
-struct SFTKAttributeStr {
-    SFTKAttribute  	*next;
-    SFTKAttribute  	*prev;
-    PRBool		freeAttr;
-    PRBool		freeData;
-    /*must be called handle to make sftkqueue_find work */
-    CK_ATTRIBUTE_TYPE	handle;
-    CK_ATTRIBUTE 	attrib;
-    unsigned char space[ATTR_SPACE];
-};
-
-
-/*
- * doubly link list of objects
- */
-struct SFTKObjectListStr {
-    SFTKObjectList *next;
-    SFTKObjectList *prev;
-    SFTKObject	   *parent;
-};
-
-struct SFTKObjectFreeListStr {
-    SFTKObject	*head;
-    PZLock	*lock;
-    int		count;
-};
-
-/*
- * PKCS 11 crypto object structure
- */
-struct SFTKObjectStr {
-    SFTKObject *next;
-    SFTKObject	*prev;
-    CK_OBJECT_CLASS 	objclass;
-    CK_OBJECT_HANDLE	handle;
-    int 		refCount;
-    PZLock 		*refLock;
-    SFTKSlot	   	*slot;
-    void 		*objectInfo;
-    SFTKFree 		infoFree;
-};
-
-struct SFTKTokenObjectStr {
-    SFTKObject  obj;
-    SECItem	dbKey;
-};
-
-struct SFTKSessionObjectStr {
-    SFTKObject	   obj;
-    SFTKObjectList sessionList;
-    PZLock		*attributeLock;
-    SFTKSession   	*session;
-    PRBool		wasDerived;
-    int nextAttr;
-    SFTKAttribute	attrList[MAX_OBJS_ATTRS];
-    PRBool		optimizeSpace;
-    unsigned int	hashSize;
-    SFTKAttribute 	*head[1];
-};
-
-/*
- * struct to deal with a temparary list of objects
- */
-struct SFTKObjectListElementStr {
-    SFTKObjectListElement	*next;
-    SFTKObject 			*object;
-};
-
-/*
- * Area to hold Search results
- */
-struct SFTKSearchResultsStr {
-    CK_OBJECT_HANDLE	*handles;
-    int			size;
-    int			index;
-    int			array_size;
-};
-
-
-/* 
- * the universal crypto/hash/sign/verify context structure
- */
-typedef enum {
-    SFTK_ENCRYPT,
-    SFTK_DECRYPT,
-    SFTK_HASH,
-    SFTK_SIGN,
-    SFTK_SIGN_RECOVER,
-    SFTK_VERIFY,
-    SFTK_VERIFY_RECOVER
-} SFTKContextType;
-
-
-#define SFTK_MAX_BLOCK_SIZE 16
-/* currently SHA512 is the biggest hash length */
-#define SFTK_MAX_MAC_LENGTH 64
-#define SFTK_INVALID_MAC_SIZE 0xffffffff
-
-struct SFTKSessionContextStr {
-    SFTKContextType	type;
-    PRBool		multi; 		/* is multipart */
-    PRBool		doPad; 		/* use PKCS padding for block ciphers */
-    unsigned int	blockSize; 	/* blocksize for padding */
-    unsigned int	padDataLength; 	/* length of the valid data in padbuf */
-    unsigned char	padBuf[SFTK_MAX_BLOCK_SIZE];
-    unsigned char	macBuf[SFTK_MAX_BLOCK_SIZE];
-    CK_ULONG		macSize;	/* size of a general block cipher mac*/
-    void		*cipherInfo;
-    void		*hashInfo;
-    unsigned int	cipherInfoLen;
-    CK_MECHANISM_TYPE	currentMech;
-    SFTKCipher		update;
-    SFTKHash		hashUpdate;
-    SFTKEnd		end;
-    SFTKDestroy		destroy;
-    SFTKDestroy		hashdestroy;
-    SFTKVerify		verify;
-    unsigned int	maxLen;
-    SFTKObject		*key;
-};
-
-/*
- * Sessions (have objects)
- */
-struct SFTKSessionStr {
-    SFTKSession        *next;
-    SFTKSession        *prev;
-    CK_SESSION_HANDLE	handle;
-    int			refCount;
-    PZLock		*objectLock;
-    int			objectIDCount;
-    CK_SESSION_INFO	info;
-    CK_NOTIFY		notify;
-    CK_VOID_PTR		appData;
-    SFTKSlot		*slot;
-    SFTKSearchResults	*search;
-    SFTKSessionContext	*enc_context;
-    SFTKSessionContext	*hash_context;
-    SFTKSessionContext	*sign_context;
-    SFTKObjectList	*objects[1];
-};
-
-/*
- * slots (have sessions and objects)
- *
- * The array of sessionLock's protect the session hash table (head[])
- * as well as the reference count of session objects in that bucket
- * (head[]->refCount),  objectLock protects all elements of the slot's
- * object hash tables (sessObjHashTable[] and tokObjHashTable), and
- * sessionObjectHandleCount.
- * slotLock protects the remaining protected elements:
- * password, isLoggedIn, ssoLoggedIn, and sessionCount,
- * and pwCheckLock serializes the key database password checks in
- * NSC_SetPIN and NSC_Login.
- *
- * Each of the fields below has the following lifetime as commented
- * next to the fields:
- *   invariant  - This value is set when the slot is first created and
- * never changed until it is destroyed.
- *   per load   - This value is set when the slot is first created, or 
- * when the slot is used to open another directory. Between open and close
- * this field does not change.
- *   variable - This value changes through the normal process of slot operation.
- *      - reset. The value of this variable is cleared during an open/close 
- *   cycles.
- *      - preserved. The value of this variable is preserved over open/close
- *   cycles.
- */
-struct SFTKSlotStr {
-    CK_SLOT_ID		slotID;			/* invariant */
-    PZLock		*slotLock;		/* invariant */
-    PZLock		**sessionLock;		/* invariant */
-    unsigned int	numSessionLocks;	/* invariant */
-    unsigned long	sessionLockMask;	/* invariant */
-    PZLock		*objectLock;		/* invariant */
-    PRLock		*pwCheckLock;		/* invariant */
-    PRBool		present;		/* variable -set */
-    PRBool		hasTokens;		/* per load */
-    PRBool		isLoggedIn;		/* variable - reset */
-    PRBool		ssoLoggedIn;		/* variable - reset */
-    PRBool		needLogin;		/* per load */
-    PRBool		DB_loaded;		/* per load */
-    PRBool		readOnly;		/* per load */
-    PRBool		optimizeSpace;		/* invariant */
-    SFTKDBHandle	*certDB;		/* per load */
-    SFTKDBHandle	*keyDB;			/* per load */
-    int			minimumPinLen;		/* per load */
-    PRInt32		sessionIDCount;		/* atomically incremented */
-                                        	/* (preserved) */
-    int			sessionIDConflict; 	/* not protected by a lock */
-                                            	/* (preserved) */
-    int			sessionCount;           /* variable - reset */
-    PRInt32             rwSessionCount;    	/* set by atomic operations */
-                                          	/* (reset) */
-    int			sessionObjectHandleCount;/* variable - perserved */
-    int			index;			/* invariant */
-    PLHashTable		*tokObjHashTable;	/* invariant */
-    SFTKObject		**sessObjHashTable;	/* variable - reset */
-    unsigned int	sessObjHashSize;	/* invariant */
-    SFTKSession		**head;			/* variable -reset */
-    unsigned int	sessHashSize;		/* invariant */
-    char		tokDescription[33];	/* per load */
-    char		slotDescription[64];	/* invariant */
-};
-
-/*
- * special joint operations Contexts
- */
-struct SFTKHashVerifyInfoStr {
-    SECOidTag   	hashOid;
-    NSSLOWKEYPublicKey	*key;
-};
-
-struct SFTKHashSignInfoStr {
-    SECOidTag   	hashOid;
-    NSSLOWKEYPrivateKey	*key;
-};
-
-/* context for the Final SSLMAC message */
-struct SFTKSSLMACInfoStr {
-    void 		*hashContext;
-    SFTKBegin		begin;
-    SFTKHash		update;
-    SFTKEnd		end;
-    CK_ULONG		macSize;
-    int			padSize;
-    unsigned char	key[MAX_KEY_LEN];
-    unsigned int	keySize;
-};
-
-/*
- * session handle modifiers
- */
-#define SFTK_SESSION_SLOT_MASK	0xff000000L
-
-/*
- * object handle modifiers
- */
-#define SFTK_TOKEN_MASK		0x80000000L
-#define SFTK_TOKEN_MAGIC	0x80000000L
-#define SFTK_TOKEN_TYPE_MASK	0x70000000L
-/* keydb (high bit == 0) */
-#define SFTK_TOKEN_TYPE_PRIV	0x10000000L
-#define SFTK_TOKEN_TYPE_PUB	0x20000000L
-#define SFTK_TOKEN_TYPE_KEY	0x30000000L
-/* certdb (high bit == 1) */
-#define SFTK_TOKEN_TYPE_TRUST	0x40000000L
-#define SFTK_TOKEN_TYPE_CRL	0x50000000L
-#define SFTK_TOKEN_TYPE_SMIME	0x60000000L
-#define SFTK_TOKEN_TYPE_CERT	0x70000000L
-
-#define SFTK_TOKEN_KRL_HANDLE	(SFTK_TOKEN_MAGIC|SFTK_TOKEN_TYPE_CRL|1)
-/* how big (in bytes) a password/pin we can deal with */
-#define SFTK_MAX_PIN	255
-/* minimum password/pin length (in Unicode characters) in FIPS mode */
-#define FIPS_MIN_PIN	7
-
-/* slot ID's */
-#define NETSCAPE_SLOT_ID 1
-#define PRIVATE_KEY_SLOT_ID 2
-#define FIPS_SLOT_ID 3
-
-/* slot helper macros */
-#define sftk_SlotFromSession(sp) ((sp)->slot)
-#define sftk_isToken(id) (((id) & SFTK_TOKEN_MASK) == SFTK_TOKEN_MAGIC)
-
-/* the session hash multiplier (see bug 201081) */
-#define SHMULTIPLIER 1791398085
-
-/* queueing helper macros */
-#define sftk_hash(value,size) \
-	((PRUint32)((value) * SHMULTIPLIER) & (size-1))
-#define sftkqueue_add(element,id,head,hash_size) \
-	{ int tmp = sftk_hash(id,hash_size); \
-	(element)->next = (head)[tmp]; \
-	(element)->prev = NULL; \
-	if ((head)[tmp]) (head)[tmp]->prev = (element); \
-	(head)[tmp] = (element); }
-#define sftkqueue_find(element,id,head,hash_size) \
-	for( (element) = (head)[sftk_hash(id,hash_size)]; (element) != NULL; \
-					 (element) = (element)->next) { \
-	    if ((element)->handle == (id)) { break; } }
-#define sftkqueue_is_queued(element,id,head,hash_size) \
-	( ((element)->next) || ((element)->prev) || \
-	 ((head)[sftk_hash(id,hash_size)] == (element)) )
-#define sftkqueue_delete(element,id,head,hash_size) \
-	if ((element)->next) (element)->next->prev = (element)->prev; \
-	if ((element)->prev) (element)->prev->next = (element)->next; \
-	   else (head)[sftk_hash(id,hash_size)] = ((element)->next); \
-	(element)->next = NULL; \
-	(element)->prev = NULL; \
-
-#define sftkqueue_init_element(element) \
-    (element)->prev = NULL;
-
-#define sftkqueue_add2(element, id, index, head) \
-    {                                            \
-	(element)->next = (head)[index];         \
-	if ((head)[index])                       \
-	    (head)[index]->prev = (element);     \
-	(head)[index] = (element);               \
-    }
-
-#define sftkqueue_find2(element, id, index, head) \
-    for ( (element) = (head)[index];              \
-          (element) != NULL;                      \
-          (element) = (element)->next) {          \
-	if ((element)->handle == (id)) { break; } \
-    }
-
-#define sftkqueue_delete2(element, id, index, head) \
-	if ((element)->next) (element)->next->prev = (element)->prev; \
-	if ((element)->prev) (element)->prev->next = (element)->next; \
-	   else (head)[index] = ((element)->next);
-
-#define sftkqueue_clear_deleted_element(element) \
-	(element)->next = NULL; \
-	(element)->prev = NULL; \
-
-
-/* sessionID (handle) is used to determine session lock bucket */
-#ifdef NOSPREAD
-/* NOSPREAD:	(ID>>L2LPB) & (perbucket-1) */
-#define SFTK_SESSION_LOCK(slot,handle) \
-    ((slot)->sessionLock[((handle) >> LOG2_BUCKETS_PER_SESSION_LOCK) \
-        & (slot)->sessionLockMask])
-#else
-/* SPREAD:	ID & (perbucket-1) */
-#define SFTK_SESSION_LOCK(slot,handle) \
-    ((slot)->sessionLock[(handle) & (slot)->sessionLockMask])
-#endif
-
-/* expand an attribute & secitem structures out */
-#define sftk_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
-#define sftk_item_expand(ip) (ip)->data,(ip)->len
-
-typedef struct sftk_token_parametersStr {
-    CK_SLOT_ID slotID;
-    char *configdir;
-    char *certPrefix;
-    char *keyPrefix;
-    char *tokdes;
-    char *slotdes;
-    int minPW; 
-    PRBool readOnly;
-    PRBool noCertDB;
-    PRBool noKeyDB;
-    PRBool forceOpen;
-    PRBool pwRequired;
-    PRBool optimizeSpace;
-} sftk_token_parameters;
-
-typedef struct sftk_parametersStr {
-    char *configdir;
-    char *secmodName;
-    char *man;
-    char *libdes; 
-    PRBool readOnly;
-    PRBool noModDB;
-    PRBool noCertDB;
-    PRBool forceOpen;
-    PRBool pwRequired;
-    PRBool optimizeSpace;
-    sftk_token_parameters *tokens;
-    int token_count;
-} sftk_parameters;
-
-
-/* machine dependent path stuff used by dbinit.c and pk11db.c */
-#ifdef macintosh
-#define PATH_SEPARATOR ":"
-#define SECMOD_DB "Security Modules"
-#define CERT_DB_FMT "%sCertificates%s"
-#define KEY_DB_FMT "%sKey Database%s"
-#else
-#define PATH_SEPARATOR "/"
-#define SECMOD_DB "secmod.db"
-#define CERT_DB_FMT "%scert%s.db"
-#define KEY_DB_FMT "%skey%s.db"
-#endif
-
-SEC_BEGIN_PROTOS
-
-/* shared functions between pkcs11.c and fipstokn.c */
-extern PRBool nsf_init;
-extern CK_RV nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS);
-extern CK_RV nsc_CommonFinalize(CK_VOID_PTR pReserved, PRBool isFIPS);
-extern CK_RV nsc_CommonGetSlotList(CK_BBOOL tokPresent, 
-	CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount, int moduleIndex);
-
-/* slot initialization, reinit, shutdown and destruction */
-extern CK_RV SFTK_SlotInit(char *configdir,
-			sftk_token_parameters *params, int moduleIndex);
-extern CK_RV SFTK_SlotReInit(SFTKSlot *slot, char *configdir,
-			sftk_token_parameters *params, int moduleIndex);
-extern CK_RV SFTK_DestroySlotData(SFTKSlot *slot);
-extern CK_RV SFTK_ShutdownSlot(SFTKSlot *slot);
-
-
-/* internal utility functions used by pkcs11.c */
-extern SFTKAttribute *sftk_FindAttribute(SFTKObject *object,
-					 CK_ATTRIBUTE_TYPE type);
-extern void sftk_FreeAttribute(SFTKAttribute *attribute);
-extern CK_RV sftk_AddAttributeType(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
-				   void *valPtr,
-				  CK_ULONG length);
-extern CK_RV sftk_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
-				    SFTKObject *object, CK_ATTRIBUTE_TYPE type);
-extern unsigned int sftk_GetLengthInBits(unsigned char *buf,
-							 unsigned int bufLen);
-extern CK_RV sftk_ConstrainAttribute(SFTKObject *object, 
-	CK_ATTRIBUTE_TYPE type, int minLength, int maxLength, int minMultiple);
-extern PRBool sftk_hasAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
-extern PRBool sftk_isTrue(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
-extern void sftk_DeleteAttributeType(SFTKObject *object,
-				     CK_ATTRIBUTE_TYPE type);
-extern CK_RV sftk_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
-				    SFTKObject *object, CK_ATTRIBUTE_TYPE type);
-extern CK_RV sftk_Attribute2SSecItem(PLArenaPool *arena, SECItem *item,
-				     SFTKObject *object,
-				     CK_ATTRIBUTE_TYPE type);
-extern SFTKModifyType sftk_modifyType(CK_ATTRIBUTE_TYPE type,
-				      CK_OBJECT_CLASS inClass);
-extern PRBool sftk_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass);
-extern char *sftk_getString(SFTKObject *object, CK_ATTRIBUTE_TYPE type);
-extern void sftk_nullAttribute(SFTKObject *object,CK_ATTRIBUTE_TYPE type);
-extern CK_RV sftk_GetULongAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
-                                                         CK_ULONG *longData);
-extern CK_RV sftk_forceAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
-				 void *value, unsigned int len);
-extern CK_RV sftk_defaultAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
-				   void *value, unsigned int len);
-extern unsigned int sftk_MapTrust(CK_TRUST trust, PRBool clientAuth);
-
-extern SFTKObject *sftk_NewObject(SFTKSlot *slot);
-extern CK_RV sftk_CopyObject(SFTKObject *destObject, SFTKObject *srcObject);
-extern SFTKFreeStatus sftk_FreeObject(SFTKObject *object);
-extern CK_RV sftk_DeleteObject(SFTKSession *session, SFTKObject *object);
-extern void sftk_ReferenceObject(SFTKObject *object);
-extern SFTKObject *sftk_ObjectFromHandle(CK_OBJECT_HANDLE handle,
-					 SFTKSession *session);
-extern void sftk_AddSlotObject(SFTKSlot *slot, SFTKObject *object);
-extern void sftk_AddObject(SFTKSession *session, SFTKObject *object);
-/* clear out all the existing object ID to database key mappings.
- * used to reinit a token */
-extern CK_RV SFTK_ClearTokenKeyHashTable(SFTKSlot *slot);
-
-extern CK_RV sftk_searchObjectList(SFTKSearchResults *search,
-				   SFTKObject **head, unsigned int size,
-				   PZLock *lock, CK_ATTRIBUTE_PTR inTemplate,
-				   int count, PRBool isLoggedIn);
-extern SFTKObjectListElement *sftk_FreeObjectListElement(
-					     SFTKObjectListElement *objectList);
-extern void sftk_FreeObjectList(SFTKObjectListElement *objectList);
-extern void sftk_FreeSearch(SFTKSearchResults *search);
-extern CK_RV sftk_handleObject(SFTKObject *object, SFTKSession *session);
-
-extern SFTKSlot *sftk_SlotFromID(CK_SLOT_ID slotID, PRBool all);
-extern SFTKSlot *sftk_SlotFromSessionHandle(CK_SESSION_HANDLE handle);
-extern SFTKSession *sftk_SessionFromHandle(CK_SESSION_HANDLE handle);
-extern void sftk_FreeSession(SFTKSession *session);
-extern SFTKSession *sftk_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify,
-				    CK_VOID_PTR pApplication, CK_FLAGS flags);
-extern void sftk_update_state(SFTKSlot *slot,SFTKSession *session);
-extern void sftk_update_all_states(SFTKSlot *slot);
-extern void sftk_FreeContext(SFTKSessionContext *context);
-extern void sftk_InitFreeLists(void);
-extern void sftk_CleanupFreeLists(void);
-
-extern NSSLOWKEYPublicKey *sftk_GetPubKey(SFTKObject *object,
-					  CK_KEY_TYPE key_type, CK_RV *crvp);
-extern NSSLOWKEYPrivateKey *sftk_GetPrivKey(SFTKObject *object,
-					    CK_KEY_TYPE key_type, CK_RV *crvp);
-extern void sftk_FormatDESKey(unsigned char *key, int length);
-extern PRBool sftk_CheckDESKey(unsigned char *key);
-extern PRBool sftk_IsWeakKey(unsigned char *key,CK_KEY_TYPE key_type);
-
-/* mechanism allows this operation */
-extern CK_RV sftk_MechAllowsOperation(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE op);
-
-/* helper function which calls nsslowkey_FindKeyByPublicKey after safely
- * acquiring a reference to the keydb from the slot */
-NSSLOWKEYPrivateKey *sftk_FindKeyByPublicKey(SFTKSlot *slot, SECItem *dbKey);
-
-/*
- * narrow objects
- */
-SFTKSessionObject * sftk_narrowToSessionObject(SFTKObject *);
-SFTKTokenObject * sftk_narrowToTokenObject(SFTKObject *);
-
-/*
- * token object utilities
- */
-void sftk_addHandle(SFTKSearchResults *search, CK_OBJECT_HANDLE handle);
-PRBool sftk_poisonHandle(SFTKSlot *slot, SECItem *dbkey, 
-						CK_OBJECT_HANDLE handle);
-SFTKObject * sftk_NewTokenObject(SFTKSlot *slot, SECItem *dbKey, 
-						CK_OBJECT_HANDLE handle);
-SFTKTokenObject *sftk_convertSessionToToken(SFTKObject *so);
-
-/****************************************
- * implement TLS Pseudo Random Function (PRF)
- */
-
-extern CK_RV
-sftk_TLSPRFInit(SFTKSessionContext *context, 
-		  SFTKObject *        key, 
-		  CK_KEY_TYPE         key_type);
-
-SEC_END_PROTOS
-
-#endif /* _PKCS11I_H_ */

mozilla/security/nss/lib/softoken/pkcs11n.h

@@ -1,281 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifndef _PKCS11N_H_
-#define _PKCS11N_H_
-
-#ifdef DEBUG
-static const char CKT_CVS_ID[] = "@(#) $RCSfile: pkcs11n.h,v $ $Revision: 1.15.22.1 $ $Date: 2007-05-17 01:08:18 $";
-#endif /* DEBUG */
-
-/*
- * pkcs11n.h
- *
- * This file contains the NSS-specific type definitions for Cryptoki
- * (PKCS#11).
- */
-
-/*
- * NSSCK_VENDOR_NSS
- *
- * Cryptoki reserves the high half of all the number spaces for
- * vendor-defined use.  I'd like to keep all of our NSS-
- * specific values together, but not in the oh-so-obvious
- * 0x80000001, 0x80000002, etc. area.  So I've picked an offset,
- * and constructed values for the beginnings of our spaces.
- *
- * Note that some "historical" Netscape values don't fall within
- * this range.
- */
-#define NSSCK_VENDOR_NSS 0x4E534350 /* NSCP */
-
-/*
- * NSS-defined object classes
- * 
- */
-#define CKO_NSS (CKO_VENDOR_DEFINED|NSSCK_VENDOR_NSS)
-
-#define CKO_NSS_CRL                (CKO_NSS + 1)
-#define CKO_NSS_SMIME              (CKO_NSS + 2)
-#define CKO_NSS_TRUST              (CKO_NSS + 3)
-#define CKO_NSS_BUILTIN_ROOT_LIST  (CKO_NSS + 4)
-#define CKO_NSS_NEWSLOT            (CKO_NSS + 5)
-#define CKO_NSS_DELSLOT            (CKO_NSS + 6)
-
-
-/*
- * NSS-defined key types
- *
- */
-#define CKK_NSS (CKK_VENDOR_DEFINED|NSSCK_VENDOR_NSS)
-
-#define CKK_NSS_PKCS8              (CKK_NSS + 1)
-/*
- * NSS-defined certificate types
- *
- */
-#define CKC_NSS (CKC_VENDOR_DEFINED|NSSCK_VENDOR_NSS)
-
-/*
- * NSS-defined object attributes
- *
- */
-#define CKA_NSS (CKA_VENDOR_DEFINED|NSSCK_VENDOR_NSS)
-
-#define CKA_NSS_URL                (CKA_NSS +  1)
-#define CKA_NSS_EMAIL              (CKA_NSS +  2)
-#define CKA_NSS_SMIME_INFO         (CKA_NSS +  3)
-#define CKA_NSS_SMIME_TIMESTAMP    (CKA_NSS +  4)
-#define CKA_NSS_PKCS8_SALT         (CKA_NSS +  5)
-#define CKA_NSS_PASSWORD_CHECK     (CKA_NSS +  6)
-#define CKA_NSS_EXPIRES            (CKA_NSS +  7)
-#define CKA_NSS_KRL                (CKA_NSS +  8)
-
-#define CKA_NSS_PQG_COUNTER        (CKA_NSS +  20)
-#define CKA_NSS_PQG_SEED           (CKA_NSS +  21)
-#define CKA_NSS_PQG_H              (CKA_NSS +  22)
-#define CKA_NSS_PQG_SEED_BITS      (CKA_NSS +  23)
-#define CKA_NSS_MODULE_SPEC        (CKA_NSS +  24)
-#define CKA_NSS_OVERRIDE_EXTENSIONS (CKA_NSS +  25)
-
-/*
- * Trust attributes:
- *
- * If trust goes standard, these probably will too.  So I'll
- * put them all in one place.
- */
-
-#define CKA_TRUST (CKA_NSS + 0x2000)
-
-/* "Usage" key information */
-#define CKA_TRUST_DIGITAL_SIGNATURE     (CKA_TRUST +  1)
-#define CKA_TRUST_NON_REPUDIATION       (CKA_TRUST +  2)
-#define CKA_TRUST_KEY_ENCIPHERMENT      (CKA_TRUST +  3)
-#define CKA_TRUST_DATA_ENCIPHERMENT     (CKA_TRUST +  4)
-#define CKA_TRUST_KEY_AGREEMENT         (CKA_TRUST +  5)
-#define CKA_TRUST_KEY_CERT_SIGN         (CKA_TRUST +  6)
-#define CKA_TRUST_CRL_SIGN              (CKA_TRUST +  7)
-
-/* "Purpose" trust information */
-#define CKA_TRUST_SERVER_AUTH           (CKA_TRUST +  8)
-#define CKA_TRUST_CLIENT_AUTH           (CKA_TRUST +  9)
-#define CKA_TRUST_CODE_SIGNING          (CKA_TRUST + 10)
-#define CKA_TRUST_EMAIL_PROTECTION      (CKA_TRUST + 11)
-#define CKA_TRUST_IPSEC_END_SYSTEM      (CKA_TRUST + 12)
-#define CKA_TRUST_IPSEC_TUNNEL          (CKA_TRUST + 13)
-#define CKA_TRUST_IPSEC_USER            (CKA_TRUST + 14)
-#define CKA_TRUST_TIME_STAMPING         (CKA_TRUST + 15)
-#define CKA_TRUST_STEP_UP_APPROVED      (CKA_TRUST + 16)
-
-#define CKA_CERT_SHA1_HASH	        (CKA_TRUST + 100)
-#define CKA_CERT_MD5_HASH		(CKA_TRUST + 101)
-
-/* NSS trust stuff */
-/* XXX fgmr new ones here-- step-up, etc. */
-
-/* HISTORICAL: define used to pass in the database key for DSA private keys */
-#define CKA_NETSCAPE_DB                 0xD5A0DB00L
-#define CKA_NETSCAPE_TRUST              0x80000001L
-
-/*
- * NSS-defined crypto mechanisms
- *
- */
-#define CKM_NSS (CKM_VENDOR_DEFINED|NSSCK_VENDOR_NSS)
-
-#define CKM_NSS_AES_KEY_WRAP      (CKM_NSS + 1)
-#define CKM_NSS_AES_KEY_WRAP_PAD  (CKM_NSS + 2)
-
-/*
- * HISTORICAL:
- * Do not attempt to use these. They are only used by NETSCAPE's internal
- * PKCS #11 interface. Most of these are place holders for other mechanism
- * and will change in the future.
- */
-#define CKM_NETSCAPE_PBE_SHA1_DES_CBC           0x80000002L
-#define CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC    0x80000003L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC    0x80000004L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC   0x80000005L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4        0x80000006L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4       0x80000007L
-#define CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC   0x80000008L
-#define CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN      0x80000009L
-#define CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN       0x8000000aL
-#define CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN       0x8000000bL
-
-#define CKM_TLS_PRF_GENERAL                     0x80000373L
-
-/*
- * NSS-defined return values
- *
- */
-#define CKR_NSS (CKM_VENDOR_DEFINED|NSSCK_VENDOR_NSS)
-
-#define CKR_NSS_CERTDB_FAILED      (CKR_NSS + 1)
-#define CKR_NSS_KEYDB_FAILED       (CKR_NSS + 2)
-
-/*
- * Trust info
- *
- * This isn't part of the Cryptoki standard (yet), so I'm putting
- * all the definitions here.  Some of this would move to nssckt.h
- * if trust info were made part of the standard.  In view of this
- * possibility, I'm putting my (NSS) values in the NSS
- * vendor space, like everything else.
- */
-
-typedef CK_ULONG          CK_TRUST;
-
-/* The following trust types are defined: */
-#define CKT_VENDOR_DEFINED     0x80000000
-
-#define CKT_NSS (CKT_VENDOR_DEFINED|NSSCK_VENDOR_NSS)
-
-/* If trust goes standard, these'll probably drop out of vendor space. */
-#define CKT_NSS_TRUSTED            (CKT_NSS + 1)
-#define CKT_NSS_TRUSTED_DELEGATOR  (CKT_NSS + 2)
-#define CKT_NSS_UNTRUSTED          (CKT_NSS + 3)
-#define CKT_NSS_MUST_VERIFY        (CKT_NSS + 4)
-#define CKT_NSS_TRUST_UNKNOWN      (CKT_NSS + 5) /* default */
-
-/* 
- * These may well remain NSS-specific; I'm only using them
- * to cache resolution data.
- */
-#define CKT_NSS_VALID              (CKT_NSS + 10)
-#define CKT_NSS_VALID_DELEGATOR    (CKT_NSS + 11)
-
-/* don't leave old programs in a lurch just yet, give them the old NETSCAPE
- * synonym */
-#define CKO_NETSCAPE_CRL                CKO_NSS_CRL
-#define CKO_NETSCAPE_SMIME              CKO_NSS_SMIME
-#define CKO_NETSCAPE_TRUST              CKO_NSS_TRUST
-#define CKO_NETSCAPE_BUILTIN_ROOT_LIST  CKO_NSS_BUILTIN_ROOT_LIST
-#define CKO_NETSCAPE_NEWSLOT            CKO_NSS_NEWSLOT
-#define CKO_NETSCAPE_DELSLOT            CKO_NSS_DELSLOT
-#define CKK_NETSCAPE_PKCS8              CKK_NSS_PKCS8
-#define CKA_NETSCAPE_URL                CKA_NSS_URL
-#define CKA_NETSCAPE_EMAIL              CKA_NSS_EMAIL
-#define CKA_NETSCAPE_SMIME_INFO         CKA_NSS_SMIME_INFO
-#define CKA_NETSCAPE_SMIME_TIMESTAMP    CKA_NSS_SMIME_TIMESTAMP
-#define CKA_NETSCAPE_PKCS8_SALT         CKA_NSS_PKCS8_SALT
-#define CKA_NETSCAPE_PASSWORD_CHECK     CKA_NSS_PASSWORD_CHECK
-#define CKA_NETSCAPE_EXPIRES            CKA_NSS_EXPIRES
-#define CKA_NETSCAPE_KRL                CKA_NSS_KRL
-#define CKA_NETSCAPE_PQG_COUNTER        CKA_NSS_PQG_COUNTER
-#define CKA_NETSCAPE_PQG_SEED           CKA_NSS_PQG_SEED
-#define CKA_NETSCAPE_PQG_H              CKA_NSS_PQG_H
-#define CKA_NETSCAPE_PQG_SEED_BITS      CKA_NSS_PQG_SEED_BITS
-#define CKA_NETSCAPE_MODULE_SPEC        CKA_NSS_MODULE_SPEC
-#define CKM_NETSCAPE_AES_KEY_WRAP	CKM_NSS_AES_KEY_WRAP
-#define CKM_NETSCAPE_AES_KEY_WRAP_PAD	CKM_NSS_AES_KEY_WRAP_PAD
-#define CKR_NETSCAPE_CERTDB_FAILED      CKR_NSS_CERTDB_FAILED
-#define CKR_NETSCAPE_KEYDB_FAILED       CKR_NSS_KEYDB_FAILED
-#define CKT_NETSCAPE_TRUSTED            CKT_NSS_TRUSTED
-#define CKT_NETSCAPE_TRUSTED_DELEGATOR  CKT_NSS_TRUSTED_DELEGATOR
-#define CKT_NETSCAPE_UNTRUSTED          CKT_NSS_UNTRUSTED
-#define CKT_NETSCAPE_MUST_VERIFY        CKT_NSS_MUST_VERIFY
-#define CKT_NETSCAPE_TRUST_UNKNOWN      CKT_NSS_TRUST_UNKNOWN
-#define CKT_NETSCAPE_VALID              CKT_NSS_VALID
-#define CKT_NETSCAPE_VALID_DELEGATOR    CKT_NSS_VALID_DELEGATOR
-
-/*
- * These are not really PKCS #11 values specifically. They are the 'loadable'
- * module spec NSS uses. The are available for others to use as well, but not
- * part of the formal PKCS #11 spec.
- *
- * The function 'FIND' returns an array of PKCS #11 initialization strings
- * The function 'ADD' takes a PKCS #11 initialization string and stores it.
- * The function 'DEL' takes a 'name= library=' value and deletes the associated
- *  string.
- * The function 'RELEASE' frees the array returned by 'FIND'
- */
-#define SECMOD_MODULE_DB_FUNCTION_FIND  0
-#define SECMOD_MODULE_DB_FUNCTION_ADD   1
-#define SECMOD_MODULE_DB_FUNCTION_DEL   2
-#define SECMOD_MODULE_DB_FUNCTION_RELEASE 3 
-typedef char ** (PR_CALLBACK *SECMODModuleDBFunc)(unsigned long function,
-                                        char *parameters, void *moduleSpec);
-
-/* softoken slot ID's */
-#define SFTK_MIN_USER_SLOT_ID 4
-#define SFTK_MAX_USER_SLOT_ID 100
-#define SFTK_MIN_FIPS_USER_SLOT_ID 101
-#define SFTK_MAX_FIPS_USER_SLOT_ID 127
-
-
-#endif /* _PKCS11N_H_ */

mozilla/security/nss/lib/softoken/pkcs11ni.h

@@ -1,52 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Red Hat, Inc.
- * Portions created by the Initial Developer are Copyright (C) 2005
- * the Initial Developer. All Rights Reserved.
- *
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifndef _PKCS11NI_H_
-#define _PKCS11NI_H_
-
-/*
- * pkcs11ni.h
- *
- * This file contains softoken private exports for NSS
- */
-
-/* softoken slot ID's */
-#define SFTK_MIN_USER_SLOT_ID 4
-#define SFTK_MAX_USER_SLOT_ID 100
-#define SFTK_MIN_FIPS_USER_SLOT_ID 101
-#define SFTK_MAX_FIPS_USER_SLOT_ID 127
-
-
-#endif /* _PKCS11NI_H_ */

mozilla/security/nss/lib/softoken/pkcs11p.h

@@ -1,54 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security Inc. Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* these data types are platform/implementation dependent. */
-/*
- * Packing was removed from the shipped RSA header files, even
- * though it's still needed. put in a central file to help merging..
- */
-
-#if defined(_WIN32)
-#ifdef _MSC_VER
-#pragma warning(disable:4103)
-#endif
-#pragma pack(push, cryptoki, 1)
-#endif
-

mozilla/security/nss/lib/softoken/pkcs11u.h

@@ -1,52 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security Inc. Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/*
- * reset any packing set by pkcs11p.h
- */
-
-#if defined (_WIN32)
-#ifdef _MSC_VER
-#pragma warning(disable:4103)
-#endif
-#pragma pack(pop, cryptoki)
-#endif
-

mozilla/security/nss/lib/softoken/rsawrapr.c

@@ -1,917 +0,0 @@
-/*
- * PKCS#1 encoding and decoding functions.
- * This file is believed to contain no code licensed from other parties.
- *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* $Id: rsawrapr.c,v 1.11 2006-10-23 21:24:38 wtchang%redhat.com Exp $ */
-
-#include "blapi.h"
-#include "softoken.h"
-#include "sechash.h"
-
-#include "lowkeyi.h"
-#include "secerr.h"
-
-#define RSA_BLOCK_MIN_PAD_LEN		8
-#define RSA_BLOCK_FIRST_OCTET		0x00
-#define RSA_BLOCK_PRIVATE0_PAD_OCTET	0x00
-#define RSA_BLOCK_PRIVATE_PAD_OCTET	0xff
-#define RSA_BLOCK_AFTER_PAD_OCTET	0x00
-
-#define OAEP_SALT_LEN		8
-#define OAEP_PAD_LEN		8
-#define OAEP_PAD_OCTET		0x00
-
-#define FLAT_BUFSIZE 512	/* bytes to hold flattened SHA1Context. */
-
-static SHA1Context *
-SHA1_CloneContext(SHA1Context *original)
-{
-    SHA1Context *  clone	= NULL;
-    unsigned char *pBuf;
-    int            sha1ContextSize = SHA1_FlattenSize(original);
-    SECStatus      frv;
-    unsigned char  buf[FLAT_BUFSIZE];
-
-    PORT_Assert(sizeof buf >= sha1ContextSize);
-    if (sizeof buf >= sha1ContextSize) {
-    	pBuf = buf;
-    } else {
-        pBuf = PORT_Alloc(sha1ContextSize);
-	if (!pBuf)
-	    goto done;
-    }
-
-    frv = SHA1_Flatten(original, pBuf);
-    if (frv == SECSuccess) {
-	clone = SHA1_Resurrect(pBuf, NULL);
-	memset(pBuf, 0, sha1ContextSize);
-    }
-done:
-    if (pBuf != buf)
-    	PORT_Free(pBuf);
-    return clone;
-}
-
-/*
- * Modify data by XORing it with a special hash of salt.
- */
-static SECStatus
-oaep_xor_with_h1(unsigned char *data, unsigned int datalen,
-		 unsigned char *salt, unsigned int saltlen)
-{
-    SHA1Context *sha1cx;
-    unsigned char *dp, *dataend;
-    unsigned char end_octet;
-
-    sha1cx = SHA1_NewContext();
-    if (sha1cx == NULL) {
-	return SECFailure;
-    }
-
-    /*
-     * Get a hash of salt started; we will use it several times,
-     * adding in a different end octet (x00, x01, x02, ...).
-     */
-    SHA1_Begin (sha1cx);
-    SHA1_Update (sha1cx, salt, saltlen);
-    end_octet = 0;
-
-    dp = data;
-    dataend = data + datalen;
-
-    while (dp < dataend) {
-	SHA1Context *sha1cx_h1;
-	unsigned int sha1len, sha1off;
-	unsigned char sha1[SHA1_LENGTH];
-
-	/*
-	 * Create hash of (salt || end_octet)
-	 */
-	sha1cx_h1 = SHA1_CloneContext (sha1cx);
-	SHA1_Update (sha1cx_h1, &end_octet, 1);
-	SHA1_End (sha1cx_h1, sha1, &sha1len, sizeof(sha1));
-	SHA1_DestroyContext (sha1cx_h1, PR_TRUE);
-	PORT_Assert (sha1len == SHA1_LENGTH);
-
-	/*
-	 * XOR that hash with the data.
-	 * When we have fewer than SHA1_LENGTH octets of data
-	 * left to xor, use just the low-order ones of the hash.
-	 */
-	sha1off = 0;
-	if ((dataend - dp) < SHA1_LENGTH)
-	    sha1off = SHA1_LENGTH - (dataend - dp);
-	while (sha1off < SHA1_LENGTH)
-	    *dp++ ^= sha1[sha1off++];
-
-	/*
-	 * Bump for next hash chunk.
-	 */
-	end_octet++;
-    }
-
-    SHA1_DestroyContext (sha1cx, PR_TRUE);
-    return SECSuccess;
-}
-
-/*
- * Modify salt by XORing it with a special hash of data.
- */
-static SECStatus
-oaep_xor_with_h2(unsigned char *salt, unsigned int saltlen,
-		 unsigned char *data, unsigned int datalen)
-{
-    unsigned char sha1[SHA1_LENGTH];
-    unsigned char *psalt, *psha1, *saltend;
-    SECStatus rv;
-
-    /*
-     * Create a hash of data.
-     */
-    rv = SHA1_HashBuf (sha1, data, datalen);
-    if (rv != SECSuccess) {
-	return rv;
-    }
-
-    /*
-     * XOR the low-order octets of that hash with salt.
-     */
-    PORT_Assert (saltlen <= SHA1_LENGTH);
-    saltend = salt + saltlen;
-    psalt = salt;
-    psha1 = sha1 + SHA1_LENGTH - saltlen;
-    while (psalt < saltend) {
-	*psalt++ ^= *psha1++;
-    }
-
-    return SECSuccess;
-}
-
-/*
- * Format one block of data for public/private key encryption using
- * the rules defined in PKCS #1.
- */
-static unsigned char *
-rsa_FormatOneBlock(unsigned modulusLen, RSA_BlockType blockType,
-		   SECItem *data)
-{
-    unsigned char *block;
-    unsigned char *bp;
-    int padLen;
-    int i;
-    SECStatus rv;
-
-    block = (unsigned char *) PORT_Alloc(modulusLen);
-    if (block == NULL)
-	return NULL;
-
-    bp = block;
-
-    /*
-     * All RSA blocks start with two octets:
-     *	0x00 || BlockType
-     */
-    *bp++ = RSA_BLOCK_FIRST_OCTET;
-    *bp++ = (unsigned char) blockType;
-
-    switch (blockType) {
-
-      /*
-       * Blocks intended for private-key operation.
-       */
-      case RSA_BlockPrivate0: /* essentially unused */
-      case RSA_BlockPrivate:	 /* preferred method */
-	/*
-	 * 0x00 || BT || Pad || 0x00 || ActualData
-	 *   1      1   padLen    1      data->len
-	 * Pad is either all 0x00 or all 0xff bytes, depending on blockType.
-	 */
-	padLen = modulusLen - data->len - 3;
-	PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
-	if (padLen < RSA_BLOCK_MIN_PAD_LEN) {
-	    PORT_Free (block);
-	    return NULL;
-	}
-	PORT_Memset (bp,
-		   blockType == RSA_BlockPrivate0
-			? RSA_BLOCK_PRIVATE0_PAD_OCTET
-			: RSA_BLOCK_PRIVATE_PAD_OCTET,
-		   padLen);
-	bp += padLen;
-	*bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
-	PORT_Memcpy (bp, data->data, data->len);
-	break;
-
-      /*
-       * Blocks intended for public-key operation.
-       */
-      case RSA_BlockPublic:
-
-	/*
-	 * 0x00 || BT || Pad || 0x00 || ActualData
-	 *   1      1   padLen    1      data->len
-	 * Pad is all non-zero random bytes.
-	 */
-	padLen = modulusLen - data->len - 3;
-	PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
-	if (padLen < RSA_BLOCK_MIN_PAD_LEN) {
-	    PORT_Free (block);
-	    return NULL;
-	}
-	for (i = 0; i < padLen; i++) {
-	    /* Pad with non-zero random data. */
-	    do {
-		rv = RNG_GenerateGlobalRandomBytes(bp + i, 1);
-	    } while (rv == SECSuccess && bp[i] == RSA_BLOCK_AFTER_PAD_OCTET);
-	    if (rv != SECSuccess) {
-		sftk_fatalError = PR_TRUE;
-		PORT_Free (block);
-		return NULL;
-	    }
-	}
-	bp += padLen;
-	*bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
-	PORT_Memcpy (bp, data->data, data->len);
-
-	break;
-
-      /*
-       * Blocks intended for public-key operation, using
-       * Optimal Asymmetric Encryption Padding (OAEP).
-       */
-      case RSA_BlockOAEP:
-	/*
-	 * 0x00 || BT || Modified2(Salt) || Modified1(PaddedData)
-	 *   1      1     OAEP_SALT_LEN     OAEP_PAD_LEN + data->len [+ N]
-	 *
-	 * where:
-	 *   PaddedData is "Pad1 || ActualData [|| Pad2]"
-	 *   Salt is random data.
-	 *   Pad1 is all zeros.
-	 *   Pad2, if present, is random data.
-	 *   (The "modified" fields are all the same length as the original
-	 * unmodified values; they are just xor'd with other values.)
-	 *
-	 *   Modified1 is an XOR of PaddedData with a special octet
-	 * string constructed of iterated hashing of Salt (see below).
-	 *   Modified2 is an XOR of Salt with the low-order octets of
-	 * the hash of Modified1 (see farther below ;-).
-	 *
-	 * Whew!
-	 */
-
-
-	/*
-	 * Salt
-	 */
-	rv = RNG_GenerateGlobalRandomBytes(bp, OAEP_SALT_LEN);
-	if (rv != SECSuccess) {
-	    sftk_fatalError = PR_TRUE;
-	    PORT_Free (block);
-	    return NULL;
-	}
-	bp += OAEP_SALT_LEN;
-
-	/*
-	 * Pad1
-	 */
-	PORT_Memset (bp, OAEP_PAD_OCTET, OAEP_PAD_LEN);
-	bp += OAEP_PAD_LEN;
-
-	/*
-	 * Data
-	 */
-	PORT_Memcpy (bp, data->data, data->len);
-	bp += data->len;
-
-	/*
-	 * Pad2
-	 */
-	if (bp < (block + modulusLen)) {
-	    rv = RNG_GenerateGlobalRandomBytes(bp, block - bp + modulusLen);
-	    if (rv != SECSuccess) {
-		sftk_fatalError = PR_TRUE;
-		PORT_Free (block);
-		return NULL;
-	    }
-	}
-
-	/*
-	 * Now we have the following:
-	 * 0x00 || BT || Salt || PaddedData
-	 * (From this point on, "Pad1 || Data [|| Pad2]" is treated
-	 * as the one entity PaddedData.)
-	 *
-	 * We need to turn PaddedData into Modified1.
-	 */
-	if (oaep_xor_with_h1(block + 2 + OAEP_SALT_LEN,
-			     modulusLen - 2 - OAEP_SALT_LEN,
-			     block + 2, OAEP_SALT_LEN) != SECSuccess) {
-	    PORT_Free (block);
-	    return NULL;
-	}
-
-	/*
-	 * Now we have:
-	 * 0x00 || BT || Salt || Modified1(PaddedData)
-	 *
-	 * The remaining task is to turn Salt into Modified2.
-	 */
-	if (oaep_xor_with_h2(block + 2, OAEP_SALT_LEN,
-			     block + 2 + OAEP_SALT_LEN,
-			     modulusLen - 2 - OAEP_SALT_LEN) != SECSuccess) {
-	    PORT_Free (block);
-	    return NULL;
-	}
-
-	break;
-
-      default:
-	PORT_Assert (0);
-	PORT_Free (block);
-	return NULL;
-    }
-
-    return block;
-}
-
-static SECStatus
-rsa_FormatBlock(SECItem *result, unsigned modulusLen,
-		RSA_BlockType blockType, SECItem *data)
-{
-    /*
-     * XXX For now assume that the data length fits in a single
-     * XXX encryption block; the ASSERTs below force this.
-     * XXX To fix it, each case will have to loop over chunks whose
-     * XXX lengths satisfy the assertions, until all data is handled.
-     * XXX (Unless RSA has more to say about how to handle data
-     * XXX which does not fit in a single encryption block?)
-     * XXX And I do not know what the result is supposed to be,
-     * XXX so the interface to this function may need to change
-     * XXX to allow for returning multiple blocks, if they are
-     * XXX not wanted simply concatenated one after the other.
-     */
-
-    switch (blockType) {
-      case RSA_BlockPrivate0:
-      case RSA_BlockPrivate:
-      case RSA_BlockPublic:
-	/*
-	 * 0x00 || BT || Pad || 0x00 || ActualData
-	 *
-	 * The "3" below is the first octet + the second octet + the 0x00
-	 * octet that always comes just before the ActualData.
-	 */
-	PORT_Assert (data->len <= (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN)));
-
-	result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
-	if (result->data == NULL) {
-	    result->len = 0;
-	    return SECFailure;
-	}
-	result->len = modulusLen;
-
-	break;
-
-      case RSA_BlockOAEP:
-	/*
-	 * 0x00 || BT || M1(Salt) || M2(Pad1||ActualData[||Pad2])
-	 *
-	 * The "2" below is the first octet + the second octet.
-	 * (The other fields do not contain the clear values, but are
-	 * the same length as the clear values.)
-	 */
-	PORT_Assert (data->len <= (modulusLen - (2 + OAEP_SALT_LEN
-						 + OAEP_PAD_LEN)));
-
-	result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
-	if (result->data == NULL) {
-	    result->len = 0;
-	    return SECFailure;
-	}
-	result->len = modulusLen;
-
-	break;
-
-      case RSA_BlockRaw:
-	/*
-	 * Pad || ActualData
-	 * Pad is zeros. The application is responsible for recovering
-	 * the actual data.
-	 */
-	if (data->len > modulusLen ) {
-	    return SECFailure;
-	}
-	result->data = (unsigned char*)PORT_ZAlloc(modulusLen);
-	result->len = modulusLen;
-	PORT_Memcpy(result->data+(modulusLen-data->len),data->data,data->len);
-	break;
-
-      default:
-	PORT_Assert (0);
-	result->data = NULL;
-	result->len = 0;
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_Sign(NSSLOWKEYPrivateKey *key, 
-         unsigned char *      output, 
-	 unsigned int *       output_len,
-         unsigned int         maxOutputLen, 
-	 unsigned char *      input, 
-	 unsigned int         input_len)
-{
-    SECStatus     rv          = SECSuccess;
-    unsigned int  modulus_len = nsslowkey_PrivateModulusLen(key);
-    SECItem       formatted;
-    SECItem       unformatted;
-
-    if (maxOutputLen < modulus_len) 
-    	return SECFailure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	return SECFailure;
-
-    unformatted.len  = input_len;
-    unformatted.data = input;
-    formatted.data   = NULL;
-    rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockPrivate,
-			 &unformatted);
-    if (rv != SECSuccess) 
-    	goto done;
-
-    rv = RSA_PrivateKeyOpDoubleChecked(&key->u.rsa, output, formatted.data);
-    if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
-	sftk_fatalError = PR_TRUE;
-    }
-    *output_len = modulus_len;
-
-    goto done;
-
-done:
-    if (formatted.data != NULL) 
-    	PORT_ZFree(formatted.data, modulus_len);
-    return rv;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSign(NSSLOWKEYPublicKey *key,
-              unsigned char *     sign, 
-	      unsigned int        sign_len, 
-	      unsigned char *     hash, 
-	      unsigned int        hash_len)
-{
-    SECStatus       rv;
-    unsigned int    modulus_len = nsslowkey_PublicModulusLen(key);
-    unsigned int    i;
-    unsigned char * buffer;
-
-    modulus_len = nsslowkey_PublicModulusLen(key);
-    if (sign_len != modulus_len) 
-    	goto failure;
-    /*
-     * 0x00 || BT || Pad || 0x00 || ActualData
-     *
-     * The "3" below is the first octet + the second octet + the 0x00
-     * octet that always comes just before the ActualData.
-     */
-    if (hash_len > modulus_len - (3 + RSA_BLOCK_MIN_PAD_LEN)) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-
-    buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
-    if (!buffer)
-    	goto failure;
-
-    rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /*
-     * check the padding that was used
-     */
-    if (buffer[0] != 0 || buffer[1] != 1) 
-    	goto loser;
-    for (i = 2; i < modulus_len - hash_len - 1; i++) {
-	if (buffer[i] != 0xff) 
-	    goto loser;
-    }
-    if (buffer[i] != 0) 
-	goto loser;
-
-    /*
-     * make sure we get the same results
-     */
-    if (PORT_Memcmp(buffer + modulus_len - hash_len, hash, hash_len) != 0)
-	goto loser;
-
-    PORT_Free(buffer);
-    return SECSuccess;
-
-loser:
-    PORT_Free(buffer);
-failure:
-    return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSignRecover(NSSLOWKEYPublicKey *key,
-                     unsigned char *     data,
-                     unsigned int *      data_len, 
-		     unsigned int        max_output_len, 
-		     unsigned char *     sign,
-		     unsigned int        sign_len)
-{
-    SECStatus       rv;
-    unsigned int    modulus_len = nsslowkey_PublicModulusLen(key);
-    unsigned int    i;
-    unsigned char * buffer;
-
-    if (sign_len != modulus_len) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-
-    buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
-    if (!buffer)
-    	goto failure;
-
-    rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
-    if (rv != SECSuccess)
-    	goto loser;
-    *data_len = 0;
-
-    /*
-     * check the padding that was used
-     */
-    if (buffer[0] != 0 || buffer[1] != 1) 
-    	goto loser;
-    for (i = 2; i < modulus_len; i++) {
-	if (buffer[i] == 0) {
-	    *data_len = modulus_len - i - 1;
-	    break;
-	}
-	if (buffer[i] != 0xff) 
-	    goto loser;
-    }
-    if (*data_len == 0) 
-    	goto loser;
-    if (*data_len > max_output_len) 
-    	goto loser;
-
-    /*
-     * make sure we get the same results
-     */
-    PORT_Memcpy(data,buffer + modulus_len - *data_len, *data_len);
-
-    PORT_Free(buffer);
-    return SECSuccess;
-
-loser:
-    PORT_Free(buffer);
-failure:
-    return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_EncryptBlock(NSSLOWKEYPublicKey *key, 
-                 unsigned char *     output, 
-		 unsigned int *      output_len,
-                 unsigned int        max_output_len, 
-		 unsigned char *     input, 
-		 unsigned int        input_len)
-{
-    SECStatus     rv;
-    unsigned int  modulus_len = nsslowkey_PublicModulusLen(key);
-    SECItem       formatted;
-    SECItem       unformatted;
-
-    formatted.data = NULL;
-    if (max_output_len < modulus_len) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-
-    unformatted.len  = input_len;
-    unformatted.data = input;
-    formatted.data   = NULL;
-    rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockPublic,
-			 &unformatted);
-    if (rv != SECSuccess) 
-	goto failure;
-
-    rv = RSA_PublicKeyOp(&key->u.rsa, output, formatted.data);
-    if (rv != SECSuccess) 
-    	goto failure;
-
-    PORT_ZFree(formatted.data, modulus_len);
-    *output_len = modulus_len;
-    return SECSuccess;
-
-failure:
-    if (formatted.data != NULL) 
-	PORT_ZFree(formatted.data, modulus_len);
-    return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_DecryptBlock(NSSLOWKEYPrivateKey *key, 
-                 unsigned char *      output, 
-		 unsigned int *       output_len,
-                 unsigned int         max_output_len, 
-		 unsigned char *      input, 
-		 unsigned int         input_len)
-{
-    SECStatus       rv;
-    unsigned int    modulus_len = nsslowkey_PrivateModulusLen(key);
-    unsigned int    i;
-    unsigned char * buffer;
-
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-    if (input_len != modulus_len)
-    	goto failure;
-
-    buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
-    if (!buffer)
-    	goto failure;
-
-    rv = RSA_PrivateKeyOp(&key->u.rsa, buffer, input);
-    if (rv != SECSuccess) {
-	if (PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
-	    sftk_fatalError = PR_TRUE;
-	}
-    	goto loser;
-    }
-
-    if (buffer[0] != 0 || buffer[1] != 2) 
-    	goto loser;
-    *output_len = 0;
-    for (i = 2; i < modulus_len; i++) {
-	if (buffer[i] == 0) {
-	    *output_len = modulus_len - i - 1;
-	    break;
-	}
-    }
-    if (*output_len == 0) 
-    	goto loser;
-    if (*output_len > max_output_len) 
-    	goto loser;
-
-    PORT_Memcpy(output, buffer + modulus_len - *output_len, *output_len);
-
-    PORT_Free(buffer);
-    return SECSuccess;
-
-loser:
-    PORT_Free(buffer);
-failure:
-    return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-/*
- * added to make pkcs #11 happy
- *   RAW is RSA_X_509
- */
-SECStatus
-RSA_SignRaw(NSSLOWKEYPrivateKey *key, 
-            unsigned char *      output, 
-	    unsigned int *       output_len,
-            unsigned int         maxOutputLen, 
-	    unsigned char *      input, 
-	    unsigned int         input_len)
-{
-    SECStatus    rv          = SECSuccess;
-    unsigned int modulus_len = nsslowkey_PrivateModulusLen(key);
-    SECItem      formatted;
-    SECItem      unformatted;
-
-    if (maxOutputLen < modulus_len) 
-    	return SECFailure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	return SECFailure;
-
-    unformatted.len  = input_len;
-    unformatted.data = input;
-    formatted.data   = NULL;
-    rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockRaw, &unformatted);
-    if (rv != SECSuccess) 
-    	goto done;
-
-    rv = RSA_PrivateKeyOpDoubleChecked(&key->u.rsa, output, formatted.data);
-    if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
-	sftk_fatalError = PR_TRUE;
-    }
-    *output_len = modulus_len;
-
-done:
-    if (formatted.data != NULL) 
-    	PORT_ZFree(formatted.data, modulus_len);
-    return rv;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSignRaw(NSSLOWKEYPublicKey *key,
-                 unsigned char *     sign, 
-		 unsigned int        sign_len, 
-		 unsigned char *     hash, 
-		 unsigned int        hash_len)
-{
-    SECStatus       rv;
-    unsigned int    modulus_len = nsslowkey_PublicModulusLen(key);
-    unsigned char * buffer;
-
-    if (sign_len != modulus_len) 
-    	goto failure;
-    if (hash_len > modulus_len) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-
-    buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
-    if (!buffer)
-    	goto failure;
-
-    rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /*
-     * make sure we get the same results
-     */
-    /* NOTE: should we verify the leading zeros? */
-    if (PORT_Memcmp(buffer + (modulus_len-hash_len), hash, hash_len) != 0)
-	goto loser;
-
-    PORT_Free(buffer);
-    return SECSuccess;
-
-loser:
-    PORT_Free(buffer);
-failure:
-    return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSignRecoverRaw(NSSLOWKEYPublicKey *key,
-                        unsigned char *     data,
-                        unsigned int *      data_len, 
-			unsigned int        max_output_len, 
-			unsigned char *     sign,
-			unsigned int        sign_len)
-{
-    SECStatus      rv;
-    unsigned int   modulus_len = nsslowkey_PublicModulusLen(key);
-
-    if (sign_len != modulus_len) 
-    	goto failure;
-    if (max_output_len < modulus_len) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-
-    rv = RSA_PublicKeyOp(&key->u.rsa, data, sign);
-    if (rv != SECSuccess)
-	goto failure;
-
-    *data_len = modulus_len;
-    return SECSuccess;
-
-failure:
-    return SECFailure;
-}
-
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_EncryptRaw(NSSLOWKEYPublicKey *key, 
-	       unsigned char *     output, 
-	       unsigned int *      output_len,
-               unsigned int        max_output_len, 
-	       unsigned char *     input, 
-	       unsigned int        input_len)
-{
-    SECStatus rv;
-    unsigned int  modulus_len = nsslowkey_PublicModulusLen(key);
-    SECItem       formatted;
-    SECItem       unformatted;
-
-    formatted.data = NULL;
-    if (max_output_len < modulus_len) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-
-    unformatted.len  = input_len;
-    unformatted.data = input;
-    formatted.data   = NULL;
-    rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockRaw, &unformatted);
-    if (rv != SECSuccess)
-	goto failure;
-
-    rv = RSA_PublicKeyOp(&key->u.rsa, output, formatted.data);
-    if (rv != SECSuccess) 
-    	goto failure;
-
-    PORT_ZFree(formatted.data, modulus_len);
-    *output_len = modulus_len;
-    return SECSuccess;
-
-failure:
-    if (formatted.data != NULL) 
-	PORT_ZFree(formatted.data, modulus_len);
-    return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_DecryptRaw(NSSLOWKEYPrivateKey *key, 
-               unsigned char *      output, 
-	       unsigned int *       output_len,
-               unsigned int         max_output_len, 
-	       unsigned char *      input, 
-	       unsigned int         input_len)
-{
-    SECStatus     rv;
-    unsigned int  modulus_len = nsslowkey_PrivateModulusLen(key);
-
-    if (modulus_len <= 0) 
-    	goto failure;
-    if (modulus_len > max_output_len) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-    if (input_len != modulus_len) 
-    	goto failure;
-
-    rv = RSA_PrivateKeyOp(&key->u.rsa, output, input);
-    if (rv != SECSuccess) {
-	if (PORT_GetError() == SEC_ERROR_LIBRARY_FAILURE) {
-	    sftk_fatalError = PR_TRUE;
-	}
-    	goto failure;
-    }
-
-    *output_len = modulus_len;
-    return SECSuccess;
-
-failure:
-    return SECFailure;
-}

mozilla/security/nss/lib/softoken/sdb.h

@@ -1,115 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is Red Hat, Inc.
- *
- * The Initial Developer of the Original Code is
- * Red Hat, Inc.
- * Portions created by the Initial Developer are Copyright (C) 2005
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *   Robert Relyea (rrelyea@redhat.com)
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/*
- * This file implements PKCS 11 on top of our existing security modules
- *
- * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- *   This implementation has two slots:
- *	slot 1 is our generic crypto support. It does not require login.
- *   It supports Public Key ops, and all they bulk ciphers and hashes. 
- *   It can also support Private Key ops for imported Private keys. It does 
- *   not have any token storage.
- *	slot 2 is our private key support. It requires a login before use. It
- *   can store Private Keys and Certs as token objects. Currently only private
- *   keys and their associated Certificates are saved on the token.
- *
- *   In this implementation, session objects are only visible to the session
- *   that created or generated them.
- */
-
-/*
- * the following data structures should be moved to a 'rdb.h'.
- */
-
-#ifndef _SDB_H
-#define _SDB_H 1
-#include "pkcs11t.h"
-#include "secitem.h"
-#include "sftkdbt.h"
-#include <sqlite3.h>
-
-#define STATIC_CMD_SIZE 2048
-
-typedef struct SDBFindStr SDBFind;
-typedef struct SDBStr SDB;
-typedef struct SDBPasswordEntryStr SDBPasswordEntry;
-
-struct SDBStr {
-    void *private;
-    int  version;
-    SDBType sdb_type;
-    int  sdb_flags;
-    void *app_private;
-    CK_RV (*sdb_FindObjectsInit)(SDB *sdb, const CK_ATTRIBUTE *template, 
-				 CK_ULONG count, SDBFind **find);
-    CK_RV (*sdb_FindObjects)(SDB *sdb, SDBFind *find, CK_OBJECT_HANDLE *ids, 
-				CK_ULONG arraySize, CK_ULONG *count);
-    CK_RV (*sdb_FindObjectsFinal)(SDB *sdb, SDBFind *find);
-    CK_RV (*sdb_GetAttributeValue)(SDB *sdb, CK_OBJECT_HANDLE object, 
-				CK_ATTRIBUTE *template, CK_ULONG count);
-    CK_RV (*sdb_SetAttributeValue)(SDB *sdb, CK_OBJECT_HANDLE object, 
-				const CK_ATTRIBUTE *template, CK_ULONG count);
-    CK_RV (*sdb_CreateObject)(SDB *sdb, CK_OBJECT_HANDLE *object, 
-				const CK_ATTRIBUTE *template, CK_ULONG count);
-    CK_RV (*sdb_DestroyObject)(SDB *sdb, CK_OBJECT_HANDLE object);
-    CK_RV (*sdb_GetPWEntry)(SDB *sdb, SDBPasswordEntry *entry);
-    CK_RV (*sdb_PutPWEntry)(SDB *sdb, SDBPasswordEntry *entry);
-    CK_RV (*sdb_Begin)(SDB *sdb);
-    CK_RV (*sdb_Commit)(SDB *sdb);
-    CK_RV (*sdb_Abort)(SDB *sdb);
-    CK_RV (*sdb_Reset)(SDB *sdb);
-    CK_RV (*sdb_Close)(SDB *sdb);
-};
-
-struct SDBPasswordEntryStr {
-    SECItem salt;
-    SECItem value;
-    unsigned char data[128];
-};
-
-CK_RV s_open(const char *directory, const char *certPrefix, 
-	     const char *keyPrefix,
-	     int cert_version, int key_version, 
-	     int flags, SDB **certdb, SDB **keydb, int *newInit);
-CK_RV s_shutdown();
-
-/* flags */
-#define SDB_RDONLY      1
-#define SDB_RDWR        2
-#define SDB_CREATE      4
-
-#endif

mozilla/security/nss/lib/softoken/sftkdb.h

@@ -1,89 +0,0 @@
-/*
- * license
- */
-
-#include "sftkdbt.h"
-#include "sdb.h"
-#include "pkcs11i.h"
-#include "pkcs11t.h"
-
-/* raw database stuff */
-CK_RV sftkdb_write(SFTKDBHandle *handle, SFTKObject *,CK_OBJECT_HANDLE *);
-CK_RV sftkdb_FindObjectsInit(SFTKDBHandle *sdb, const CK_ATTRIBUTE *template,
-				 CK_ULONG count, SDBFind **find);
-CK_RV sftkdb_FindObjects(SFTKDBHandle *sdb, SDBFind *find, 
-			CK_OBJECT_HANDLE *ids, int arraySize, CK_ULONG *count);
-CK_RV sftkdb_FindObjectsFinal(SFTKDBHandle *sdb, SDBFind *find);
-CK_RV sftkdb_GetAttributeValue(SFTKDBHandle *handle,
-	 CK_OBJECT_HANDLE object_id, CK_ATTRIBUTE *template, CK_ULONG count);
-CK_RV sftkdb_SetAttributeValue(SFTKDBHandle *handle, 
-	 CK_OBJECT_HANDLE object_id, const CK_ATTRIBUTE *template, 
-	 CK_ULONG count);
-CK_RV sftkdb_DestroyObject(SFTKDBHandle *handle, CK_OBJECT_HANDLE object_id);
-CK_RV sftkdb_closeDB(SFTKDBHandle *handle);
-
-
-/* secmod.db functions */
-char ** sftkdb_ReadSecmodDB(SDBType dbType, const char *appName, 
-			    const char *filename, const char *dbname, 
-			    char *params, PRBool rw);
-SECStatus sftkdb_ReleaseSecmodDBData(SDBType dbType, const char *appName, 
-				     const char *filename, const char *dbname, 
-				     char **moduleSpecList, PRBool rw);
-SECStatus sftkdb_DeleteSecmodDB(SDBType dbType, const char *appName, 
-				const char *filename, const char *dbname, 
-				char *args, PRBool rw);
-SECStatus sftkdb_AddSecmodDB(SDBType dbType, const char *appName, 
-			     const char *filename, const char *dbname, 
-			     char *module, PRBool rw);
-
-/* keydb functions */
-
-SECStatus sftkdb_PWIsInitialized(SFTKDBHandle *keydb);
-SECStatus sftkdb_CheckPassword(SFTKDBHandle *keydb, const char *pw);
-SECStatus sftkdb_PWCached(SFTKDBHandle *keydb);
-SECStatus sftkdb_HasPasswordSet(SFTKDBHandle *keydb);
-SECStatus sftkdb_ResetKeyDB(SFTKDBHandle *keydb);
-SECStatus sftkdb_ChangePassword(SFTKDBHandle *keydb, char *oldPin, char *newPin);
-SECStatus sftkdb_ClearPassword(SFTKDBHandle *keydb);
-
-/* Utility functions */
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- *                      "https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- *                      "https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * readOnly - Boolean: true if the databases are to be openned read only.
- * nocertdb - Don't open the cert DB and key DB's, just initialize the
- *                      Volatile certdb.
- * nomoddb - Don't open the security module DB, just initialize the
- *                      PKCS #11 module.
- * forceOpen - Continue to force initializations even if the databases cannot
- *                      be opened.
- */
-CK_RV sftk_DBInit(const char *configdir, const char *certPrefix,
-	 	const char *keyPrefix, PRBool readOnly, PRBool noCertDB, 
-		PRBool noKeyDB, PRBool forceOpen, 
-		SFTKDBHandle **certDB, SFTKDBHandle **keyDB);
-CK_RV sftkdb_Shutdown(void);
-
-SFTKDBHandle *sftk_getCertDB(SFTKSlot *slot);
-SFTKDBHandle *sftk_getKeyDB(SFTKSlot *slot);
-SFTKDBHandle *sftk_getDBForObject(SFTKSlot *slot, CK_OBJECT_HANDLE objectID);
-void sftk_freeDB(SFTKDBHandle *certHandle);
-
-/*
- * for lgglue, stubs to encrypt and decrypt password entries
- */
-SECStatus sftkdb_encrypt_stub(PRArenaPool *arena, SDB *sdb, SECItem *plainText,
-                    SECItem **cipherText);
-SECStatus sftkdb_decrypt_stub(SDB *sdb, SECItem *cipherText, 
-		    SECItem **plainText);
-
-
-
-

mozilla/security/nss/lib/softoken/sftkdbt.h

@@ -1,17 +0,0 @@
-/*
- * license
- */
-
-
-#ifndef SFTKDBT_H
-#define SFTKDBT_H 1
-typedef struct SFTKDBHandleStr SFTKDBHandle;
-
-typedef enum {
-   SDB_SQL,
-   SDB_EXTERN,
-   SDB_LEGACY,
-   SDB_MULTIACCESS
-} SDBType;
-
-#endif

mozilla/security/nss/lib/softoken/sftkpars.c

@@ -1,616 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* 
- *  The following code handles the storage of PKCS 11 modules used by the
- * NSS. This file is written to abstract away how the modules are
- * stored so we can deside that later.
- */
-#include "sftkpars.h"
-#include "pkcs11i.h"
-#include "sdb.h"
-#include "prprf.h" 
-#include "prenv.h"
-
-/*
- * this file contains routines for parsing PKCS #11 module spec
- * strings.
- */
-
-#define SFTK_HANDLE_STRING_ARG(param,target,value,command) \
-    if (PORT_Strncasecmp(param,value,sizeof(value)-1) == 0) { \
-	param += sizeof(value)-1; \
-	target = sftk_argFetchValue(param,&next); \
-	param += next; \
-	command ;\
-    } else  
-
-#define SFTK_HANDLE_FINAL_ARG(param) \
-    { param = sftk_argSkipParameter(param); } param = sftk_argStrip(param);
-
-static PRBool sftk_argGetPair(char c) {
-    switch (c) {
-    case '\'': return c;
-    case '\"': return c;
-    case '<': return '>';
-    case '{': return '}';
-    case '[': return ']';
-    case '(': return ')';
-    default: break;
-    }
-    return ' ';
-}
-
-static PRBool sftk_argIsBlank(char c) {
-   return isspace(c);
-}
-
-static PRBool sftk_argIsEscape(char c) {
-    return c == '\\';
-}
-
-static PRBool sftk_argIsQuote(char c) {
-    switch (c) {
-    case '\'':
-    case '\"':
-    case '<':
-    case '{': /* } end curly to keep vi bracket matching working */
-    case '(': /* ) */
-    case '[': /* ] */ return PR_TRUE;
-    default: break;
-    }
-    return PR_FALSE;
-}
-
-char *sftk_argStrip(char *c) {
-   while (*c && sftk_argIsBlank(*c)) c++;
-   return c;
-}
-
-static char *
-sftk_argFindEnd(char *string) {
-    char endChar = ' ';
-    PRBool lastEscape = PR_FALSE;
-
-    if (sftk_argIsQuote(*string)) {
-	endChar = sftk_argGetPair(*string);
-	string++;
-    }
-
-    for (;*string; string++) {
-	if (lastEscape) {
-	    lastEscape = PR_FALSE;
-	    continue;
-	}
-	if (sftk_argIsEscape(*string) && !lastEscape) {
-	    lastEscape = PR_TRUE;
-	    continue;
-	} 
-	if ((endChar == ' ') && sftk_argIsBlank(*string)) break;
-	if (*string == endChar) {
-	    break;
-	}
-    }
-
-    return string;
-}
-
-char *
-sftk_argFetchValue(char *string, int *pcount)
-{
-    char *end = sftk_argFindEnd(string);
-    char *retString, *copyString;
-    PRBool lastEscape = PR_FALSE;
-    int len;
-
-    len = end - string;
-    if (len == 0) {
-	*pcount = 0;
-	return NULL;
-    }
-
-    copyString = retString = (char *)PORT_Alloc(len+1);
-
-    if (*end) len++;
-    *pcount = len;
-    if (retString == NULL) return NULL;
-
-
-    if (sftk_argIsQuote(*string)) string++;
-    for (; string < end; string++) {
-	if (sftk_argIsEscape(*string) && !lastEscape) {
-	    lastEscape = PR_TRUE;
-	    continue;
-	}
-	lastEscape = PR_FALSE;
-	*copyString++ = *string;
-    }
-    *copyString = 0;
-    return retString;
-}
-
-static char *
-sftk_argSkipParameter(char *string) 
-{
-     char *end;
-     /* look for the end of the <name>= */
-     for (;*string; string++) {
-	if (*string == '=') { string++; break; }
-	if (sftk_argIsBlank(*string)) return(string); 
-     }
-
-     end = sftk_argFindEnd(string);
-     if (*end) end++;
-     return end;
-}
-
-char *
-sftk_argGetParamValue(char *paramName,char *parameters)
-{
-    char searchValue[256];
-    int paramLen = strlen(paramName);
-    char *returnValue = NULL;
-    int next;
-
-    if ((parameters == NULL) || (*parameters == 0)) return NULL;
-
-    PORT_Assert(paramLen+2 < sizeof(searchValue));
-
-    PORT_Strcpy(searchValue,paramName);
-    PORT_Strcat(searchValue,"=");
-    while (*parameters) {
-	if (PORT_Strncasecmp(parameters,searchValue,paramLen+1) == 0) {
-	    parameters += paramLen+1;
-	    returnValue = sftk_argFetchValue(parameters,&next);
-	    break;
-	} else {
-	    parameters = sftk_argSkipParameter(parameters);
-	}
-	parameters = sftk_argStrip(parameters);
-   }
-   return returnValue;
-}
-    
-static char *
-sftk_argNextFlag(char *flags)
-{
-    for (; *flags ; flags++) {
-	if (*flags == ',') {
-	    flags++;
-	    break;
-	}
-    }
-    return flags;
-}
-
-static PRBool
-sftk_argHasFlag(char *label, char *flag, char *parameters)
-{
-    char *flags,*index;
-    int len = strlen(flag);
-    PRBool found = PR_FALSE;
-
-    flags = sftk_argGetParamValue(label,parameters);
-    if (flags == NULL) return PR_FALSE;
-
-    for (index=flags; *index; index=sftk_argNextFlag(index)) {
-	if (PORT_Strncasecmp(index,flag,len) == 0) {
-	    found=PR_TRUE;
-	    break;
-	}
-    }
-    PORT_Free(flags);
-    return found;
-}
-
-/*
- * decode a number. handle octal (leading '0'), hex (leading '0x') or decimal
- */
-static long
-sftk_argDecodeNumber(char *num)
-{
-    int	radix = 10;
-    unsigned long value = 0;
-    long retValue = 0;
-    int sign = 1;
-    int digit;
-
-    if (num == NULL) return retValue;
-
-    num = sftk_argStrip(num);
-
-    if (*num == '-') {
-	sign = -1;
-	num++;
-    }
-
-    if (*num == '0') {
-	radix = 8;
-	num++;
-	if ((*num == 'x') || (*num == 'X')) {
-	    radix = 16;
-	    num++;
-	}
-    }
-
-   
-    for ( ;*num; num++ ) {
-	if (isdigit(*num)) {
-	    digit = *num - '0';
-	} else if ((*num >= 'a') && (*num <= 'f'))  {
-	    digit = *num - 'a' + 10;
-	} else if ((*num >= 'A') && (*num <= 'F'))  {
-	    digit = *num - 'A' + 10;
-	} else {
-	    break;
-	}
-	if (digit >= radix) break;
-	value = value*radix + digit;
-    }
-
-    retValue = ((int) value) * sign;
-    return retValue;
-}
-
-static char *
-sftk_argGetName(char *inString, int *next) 
-{
-    char *name=NULL;
-    char *string;
-    int len;
-
-    /* look for the end of the <name>= */
-    for (string = inString;*string; string++) {
-	if (*string == '=') { break; }
-	if (sftk_argIsBlank(*string)) break;
-    }
-
-    len = string - inString;
-
-    *next = len; 
-    if (*string == '=') (*next) += 1;
-    if (len > 0) {
-	name = PORT_Alloc(len+1);
-	PORT_Strncpy(name,inString,len);
-	name[len] = 0;
-    }
-    return name;
-}
-
-#define FREE_CLEAR(p) if (p) { PORT_Free(p); p = NULL; }
-
-static void
-sftk_parseTokenFlags(char *tmp, sftk_token_parameters *parsed) { 
-    parsed->readOnly = sftk_argHasFlag("flags","readOnly",tmp);
-    parsed->noCertDB = sftk_argHasFlag("flags","noCertDB",tmp);
-    parsed->noKeyDB = sftk_argHasFlag("flags","noKeyDB",tmp);
-    parsed->forceOpen = sftk_argHasFlag("flags","forceOpen",tmp);
-    parsed->pwRequired = sftk_argHasFlag("flags","passwordRequired",tmp);
-    parsed->optimizeSpace = sftk_argHasFlag("flags","optimizeSpace",tmp);
-    return;
-}
-
-static void
-sftk_parseFlags(char *tmp, sftk_parameters *parsed) { 
-    parsed->noModDB = sftk_argHasFlag("flags","noModDB",tmp);
-    parsed->readOnly = sftk_argHasFlag("flags","readOnly",tmp);
-    /* keep legacy interface working */
-    parsed->noCertDB = sftk_argHasFlag("flags","noCertDB",tmp);
-    parsed->forceOpen = sftk_argHasFlag("flags","forceOpen",tmp);
-    parsed->pwRequired = sftk_argHasFlag("flags","passwordRequired",tmp);
-    parsed->optimizeSpace = sftk_argHasFlag("flags","optimizeSpace",tmp);
-    return;
-}
-
-static CK_RV
-sftk_parseTokenParameters(char *param, sftk_token_parameters *parsed) 
-{
-    int next;
-    char *tmp;
-    char *index;
-    index = sftk_argStrip(param);
-
-    while (*index) {
-	SFTK_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
-	SFTK_HANDLE_STRING_ARG(index,parsed->certPrefix,"certPrefix=",;)
-	SFTK_HANDLE_STRING_ARG(index,parsed->keyPrefix,"keyPrefix=",;)
-	SFTK_HANDLE_STRING_ARG(index,parsed->tokdes,"tokenDescription=",;)
-	SFTK_HANDLE_STRING_ARG(index,parsed->slotdes,"slotDescription=",;)
-	SFTK_HANDLE_STRING_ARG(index,tmp,"minPWLen=", 
-			if(tmp) { parsed->minPW=atoi(tmp); PORT_Free(tmp); })
-	SFTK_HANDLE_STRING_ARG(index,tmp,"flags=", 
-	   if(tmp) { sftk_parseTokenFlags(param,parsed); PORT_Free(tmp); })
-	SFTK_HANDLE_FINAL_ARG(index)
-   }
-   return CKR_OK;
-}
-
-static void
-sftk_parseTokens(char *tokenParams, sftk_parameters *parsed)
-{
-    char *tokenIndex;
-    sftk_token_parameters *tokens = NULL;
-    int i=0,count = 0,next;
-
-    if ((tokenParams == NULL) || (*tokenParams == 0))  return;
-
-    /* first count the number of slots */
-    for (tokenIndex = sftk_argStrip(tokenParams); *tokenIndex;
-	 tokenIndex = sftk_argStrip(sftk_argSkipParameter(tokenIndex))) {
-	count++;
-    }
-
-    /* get the data structures */
-    tokens = (sftk_token_parameters *) 
-			PORT_ZAlloc(count*sizeof(sftk_token_parameters));
-    if (tokens == NULL) return;
-
-    for (tokenIndex = sftk_argStrip(tokenParams), i = 0;
-					*tokenIndex && i < count ; i++ ) {
-	char *name;
-	name = sftk_argGetName(tokenIndex,&next);
-	tokenIndex += next;
-
-	tokens[i].slotID = sftk_argDecodeNumber(name);
-        tokens[i].readOnly = PR_FALSE;
-	tokens[i].noCertDB = PR_FALSE;
-	tokens[i].noKeyDB = PR_FALSE;
-	if (!sftk_argIsBlank(*tokenIndex)) {
-	    char *args = sftk_argFetchValue(tokenIndex,&next);
-	    tokenIndex += next;
-	    if (args) {
-		sftk_parseTokenParameters(args,&tokens[i]);
-		PORT_Free(args);
-	    }
-	}
-	if (name) PORT_Free(name);
-	tokenIndex = sftk_argStrip(tokenIndex);
-    }
-    parsed->token_count = i;
-    parsed->tokens = tokens;
-    return; 
-}
-
-CK_RV
-sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS) 
-{
-    int next;
-    char *tmp;
-    char *index;
-    char *certPrefix = NULL, *keyPrefix = NULL;
-    char *tokdes = NULL, *ptokdes = NULL;
-    char *slotdes = NULL, *pslotdes = NULL;
-    char *fslotdes = NULL, *fpslotdes = NULL;
-    char *minPW = NULL;
-    index = sftk_argStrip(param);
-
-    PORT_Memset(parsed, 0, sizeof(sftk_parameters));
-
-    while (*index) {
-	SFTK_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
-	SFTK_HANDLE_STRING_ARG(index,parsed->secmodName,"secmod=",;)
-	SFTK_HANDLE_STRING_ARG(index,parsed->man,"manufacturerID=",;)
-	SFTK_HANDLE_STRING_ARG(index,parsed->libdes,"libraryDescription=",;)
-	/* constructed values, used so legacy interfaces still work */
-	SFTK_HANDLE_STRING_ARG(index,certPrefix,"certPrefix=",;)
-        SFTK_HANDLE_STRING_ARG(index,keyPrefix,"keyPrefix=",;)
-        SFTK_HANDLE_STRING_ARG(index,tokdes,"cryptoTokenDescription=",;)
-        SFTK_HANDLE_STRING_ARG(index,ptokdes,"dbTokenDescription=",;)
-        SFTK_HANDLE_STRING_ARG(index,slotdes,"cryptoSlotDescription=",;)
-        SFTK_HANDLE_STRING_ARG(index,pslotdes,"dbSlotDescription=",;)
-        SFTK_HANDLE_STRING_ARG(index,fslotdes,"FIPSSlotDescription=",;)
-        SFTK_HANDLE_STRING_ARG(index,fpslotdes,"FIPSTokenDescription=",;)
-	SFTK_HANDLE_STRING_ARG(index,minPW,"minPWLen=",;)
-
-	SFTK_HANDLE_STRING_ARG(index,tmp,"flags=", 
-		if(tmp) { sftk_parseFlags(param,parsed); PORT_Free(tmp); })
-	SFTK_HANDLE_STRING_ARG(index,tmp,"tokens=", 
-		if(tmp) { sftk_parseTokens(tmp,parsed); PORT_Free(tmp); })
-	SFTK_HANDLE_FINAL_ARG(index)
-    }
-    if (parsed->tokens == NULL) {
-	int  count = isFIPS ? 1 : 2;
-	int  index = count-1;
-	sftk_token_parameters *tokens = NULL;
-
-	tokens = (sftk_token_parameters *) 
-			PORT_ZAlloc(count*sizeof(sftk_token_parameters));
-	if (tokens == NULL) {
-	    goto loser;
-	}
-	parsed->tokens = tokens;
-    	parsed->token_count = count;
-	tokens[index].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID;
-	tokens[index].certPrefix = certPrefix;
-	tokens[index].keyPrefix = keyPrefix;
-	tokens[index].minPW = minPW ? atoi(minPW) : 0;
-	tokens[index].readOnly = parsed->readOnly;
-	tokens[index].noCertDB = parsed->noCertDB;
-	tokens[index].noKeyDB = parsed->noCertDB;
-	tokens[index].forceOpen = parsed->forceOpen;
-	tokens[index].pwRequired = parsed->pwRequired;
-	tokens[index].optimizeSpace = parsed->optimizeSpace;
-	tokens[0].optimizeSpace = parsed->optimizeSpace;
-	certPrefix = NULL;
-	keyPrefix = NULL;
-	if (isFIPS) {
-	    tokens[index].tokdes = fslotdes;
-	    tokens[index].slotdes = fpslotdes;
-	    fslotdes = NULL;
-	    fpslotdes = NULL;
-	} else {
-	    tokens[index].tokdes = ptokdes;
-	    tokens[index].slotdes = pslotdes;
-	    tokens[0].slotID = NETSCAPE_SLOT_ID;
-	    tokens[0].tokdes = tokdes;
-	    tokens[0].slotdes = slotdes;
-	    tokens[0].noCertDB = PR_TRUE;
-	    tokens[0].noKeyDB = PR_TRUE;
-	    ptokdes = NULL;
-	    pslotdes = NULL;
-	    tokdes = NULL;
-	    slotdes = NULL;
-	}
-    }
-
-loser:
-    FREE_CLEAR(certPrefix);
-    FREE_CLEAR(keyPrefix);
-    FREE_CLEAR(tokdes);
-    FREE_CLEAR(ptokdes);
-    FREE_CLEAR(slotdes);
-    FREE_CLEAR(pslotdes);
-    FREE_CLEAR(fslotdes);
-    FREE_CLEAR(fpslotdes);
-    FREE_CLEAR(minPW);
-    return CKR_OK;
-}
-
-void
-sftk_freeParams(sftk_parameters *params)
-{
-    int i;
-
-    for (i=0; i < params->token_count; i++) {
-	FREE_CLEAR(params->tokens[i].configdir);
-	FREE_CLEAR(params->tokens[i].certPrefix);
-	FREE_CLEAR(params->tokens[i].keyPrefix);
-	FREE_CLEAR(params->tokens[i].tokdes);
-	FREE_CLEAR(params->tokens[i].slotdes);
-    }
-
-    FREE_CLEAR(params->configdir);
-    FREE_CLEAR(params->secmodName);
-    FREE_CLEAR(params->man);
-    FREE_CLEAR(params->libdes); 
-    FREE_CLEAR(params->tokens);
-}
-
-#define SQLDB "sql:"
-#define EXTERNDB "extern:"
-#define LEGACY "dbm:"
-const char *
-sftk_EvaluateConfigDir(const char *configdir, SDBType *dbType, char **appName)
-{
-    *appName = NULL;
-    *dbType = SDB_LEGACY;
-    if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS)-1) == 0) {
-	char *cdir;
-	*dbType = SDB_MULTIACCESS;
-
-	*appName = PORT_Strdup(configdir+sizeof(MULTIACCESS)-1);
-	if (*appName == NULL) {
-	    return configdir;
-	}
-	cdir = *appName;
-	while (*cdir && *cdir != ':') {
-	    cdir++;
-	}
-	if (*cdir == ':') {
-	   *cdir = 0;
-	   cdir++;
-	}
-	configdir = cdir;
-    } else if (PORT_Strncmp(configdir, SQLDB, sizeof(SQLDB)-1) == 0) {
-	*dbType = SDB_SQL;
-	configdir = configdir + sizeof(SQLDB) -1;
-    } else if (PORT_Strncmp(configdir, EXTERNDB, sizeof(EXTERNDB)-1) == 0) {
-	*dbType = SDB_EXTERN;
-	configdir = configdir + sizeof(EXTERNDB) -1;
-    } else if (PORT_Strncmp(configdir, LEGACY, sizeof(LEGACY)-1) == 0) {
-	*dbType = SDB_LEGACY;
-	configdir = configdir + sizeof(LEGACY) -1;
-    } else {
-	/* look up the default from the environment */
-	char *defaultType = PR_GetEnv("NSS_DEFAULT_DB_TYPE");
-	if (defaultType == NULL) {
-	    /* none specified, go with the legacy */
-	    return configdir;
-	}
-	if (PORT_Strncmp(defaultType, SQLDB, sizeof(SQLDB)-2) == 0) {
-	    *dbType = SDB_SQL;
-	} else if (PORT_Strncmp(defaultType,EXTERNDB,sizeof(EXTERNDB)-2)==0) {
-	    *dbType = SDB_EXTERN;
-	} else if (PORT_Strncmp(defaultType, LEGACY, sizeof(LEGACY)-2) == 0) {
-	    *dbType = SDB_LEGACY;
-	}
-    }
-    return configdir;
-}
-
-char *
-sftk_getSecmodName(char *param, SDBType *dbType, char **appName,
-		   char **filename, PRBool *rw)
-{
-    int next;
-    char *configdir = NULL;
-    char *secmodName = NULL;
-    char *value = NULL;
-    char *save_params = param;
-    const char *lconfigdir;
-    param = sftk_argStrip(param);
-	
-
-    while (*param) {
-	SFTK_HANDLE_STRING_ARG(param,configdir,"configDir=",;)
-	SFTK_HANDLE_STRING_ARG(param,secmodName,"secmod=",;)
-	SFTK_HANDLE_FINAL_ARG(param)
-   }
-
-   *rw = PR_TRUE;
-   if (sftk_argHasFlag("flags","readOnly",save_params) ||
-	sftk_argHasFlag("flags","noModDB",save_params)) *rw = PR_FALSE;
-
-   if (!secmodName || *secmodName == '\0') {
-	if (secmodName) PORT_Free(secmodName);
-	secmodName = PORT_Strdup(SECMOD_DB);
-   }
-
-   *filename = secmodName;
-   lconfigdir = sftk_EvaluateConfigDir(configdir, dbType, appName);
-
-   /* only use the renamed secmod for legacy databases */
-   if ((*dbType != SDB_LEGACY) && (*dbType != SDB_MULTIACCESS)) {
-	secmodName="pkcs11.txt";
-   }
-
-   if (lconfigdir) {
-	value = PR_smprintf("%s" PATH_SEPARATOR "%s",lconfigdir,secmodName);
-   } else {
-	value = PR_smprintf("%s",secmodName);
-   }
-   if (configdir) PORT_Free(configdir);
-   return value;
-}

mozilla/security/nss/lib/softoken/sftkpars.h

@@ -1,17 +0,0 @@
-/*
- * license
- */
-#include "pkcs11i.h"
-#include "sftkdbt.h"
-
-/* parsing functions */
-char * sftk_argFetchValue(char *string, int *pcount);
-char * sftk_getSecmodName(char *param, SDBType *dbType, char **appName, char **filename,PRBool *rw);
-char *sftk_argStrip(char *c);
-CK_RV sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS);
-void sftk_freeParams(sftk_parameters *params);
-const char *sftk_EvaluateConfigDir(const char *configdir, SDBType *dbType, char **app);
-char * sftk_argGetParamValue(char *paramName,char *parameters);
-
-
-

mozilla/security/nss/lib/softoken/softkver.c

@@ -1,56 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 2002
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/* Library identity and versioning */
-
-#include "softkver.h"
-
-#if defined(DEBUG)
-#define _DEBUG_STRING " (debug)"
-#else
-#define _DEBUG_STRING ""
-#endif
-
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-const char __nss_softokn_rcsid[] = "$Header: NSS " SOFTOKEN_VERSION _DEBUG_STRING
-        "  " __DATE__ " " __TIME__ " $";
-const char __nss_softokn_sccsid[] = "@(#)NSS " SOFTOKEN_VERSION _DEBUG_STRING
-        "  " __DATE__ " " __TIME__;

mozilla/security/nss/lib/softoken/softkver.h

@@ -1,66 +0,0 @@
-/*
- * Softoken version numbers
- *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifndef _SOFTKVER_H_
-#define _SOFTKVER_H_
-
-#ifdef NSS_ENABLE_ECC
-#ifdef NSS_ECC_MORE_THAN_SUITE_B
-#define SOFTOKEN_ECC_STRING " Extended ECC"
-#else
-#define SOFTOKEN_ECC_STRING " Basic ECC"
-#endif
-#else
-#define SOFTOKEN_ECC_STRING ""
-#endif
-
-/*
- * Softoken's major version, minor version, patch level, and whether
- * this is a beta release.
- *
- * The format of the version string should be
- *     "<major version>.<minor version>[.<patch level>][ <ECC>][ <Beta>]"
- */
-#define SOFTOKEN_VERSION  "3.12" SOFTOKEN_ECC_STRING " Beta"
-#define SOFTOKEN_VMAJOR   3
-#define SOFTOKEN_VMINOR   12
-#define SOFTOKEN_VPATCH   0
-#define SOFTOKEN_BETA     PR_TRUE
-
-#endif /* _SOFTKVER_H_ */

mozilla/security/nss/lib/softoken/softoken.h

@@ -1,263 +0,0 @@
-/*
- * softoken.h - private data structures and prototypes for the softoken lib
- *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* $Id: softoken.h,v 1.14.2.1 2007-04-03 22:50:01 rrelyea%redhat.com Exp $ */
-
-#ifndef _SOFTOKEN_H_
-#define _SOFTOKEN_H_
-
-#include "blapi.h"
-#include "lowkeyti.h"
-#include "softoknt.h"
-#include "secoidt.h"
-
-#include "pkcs11t.h"     /* CK_RV Required for sftk_fipsPowerUpSelfTest(). */
-
-SEC_BEGIN_PROTOS
-
-/*
-** RSA encryption/decryption. When encrypting/decrypting the output
-** buffer must be at least the size of the public key modulus.
-*/
-
-/*
-** Format some data into a PKCS#1 encryption block, preparing the
-** data for RSA encryption.
-**	"result" where the formatted block is stored (memory is allocated)
-**	"modulusLen" the size of the formatted block
-**	"blockType" what block type to use (SEC_RSABlock*)
-**	"data" the data to format
-*/
-extern SECStatus RSA_FormatBlock(SECItem *result,
-				 unsigned int modulusLen,
-				 RSA_BlockType blockType,
-				 SECItem *data);
-/*
-** Similar, but just returns a pointer to the allocated memory, *and*
-** will *only* format one block, even if we (in the future) modify
-** RSA_FormatBlock() to loop over multiples of modulusLen.
-*/
-extern unsigned char *RSA_FormatOneBlock(unsigned int modulusLen,
-					 RSA_BlockType blockType,
-					 SECItem *data);
-
-
-
-/*
- * convenience wrappers for doing single RSA operations. They create the
- * RSA context internally and take care of the formatting
- * requirements. Blinding happens automagically within RSA_Sign and
- * RSA_DecryptBlock.
- */
-extern
-SECStatus RSA_Sign(NSSLOWKEYPrivateKey *key, unsigned char *output,
-		       unsigned int *outputLen, unsigned int maxOutputLen,
-		       unsigned char *input, unsigned int inputLen);
-extern
-SECStatus RSA_HashSign(SECOidTag hashOid,
-			NSSLOWKEYPrivateKey *key, unsigned char *sig,
-			unsigned int *sigLen, unsigned int maxLen,
-			unsigned char *hash, unsigned int hashLen);
-extern
-SECStatus RSA_CheckSign(NSSLOWKEYPublicKey *key, unsigned char *sign,
-			    unsigned int signLength, unsigned char *hash,
-			    unsigned int hashLength);
-extern
-SECStatus RSA_HashCheckSign(SECOidTag hashOid,
-			    NSSLOWKEYPublicKey *key, unsigned char *sig,
-			    unsigned int sigLen, unsigned char *digest,
-			    unsigned int digestLen);
-extern
-SECStatus RSA_CheckSignRecover(NSSLOWKEYPublicKey *key, unsigned char *data,
-    			    unsigned int *data_len,unsigned int max_output_len, 
-			    unsigned char *sign, unsigned int sign_len);
-extern
-SECStatus RSA_EncryptBlock(NSSLOWKEYPublicKey *key, unsigned char *output,
-			   unsigned int *outputLen, unsigned int maxOutputLen,
-			   unsigned char *input, unsigned int inputLen);
-extern
-SECStatus RSA_DecryptBlock(NSSLOWKEYPrivateKey *key, unsigned char *output,
-			   unsigned int *outputLen, unsigned int maxOutputLen,
-			   unsigned char *input, unsigned int inputLen);
-
-/*
- * added to make pkcs #11 happy
- *   RAW is RSA_X_509
- */
-extern
-SECStatus RSA_SignRaw( NSSLOWKEYPrivateKey *key, unsigned char *output,
-			 unsigned int *output_len, unsigned int maxOutputLen,
-			 unsigned char *input, unsigned int input_len);
-extern
-SECStatus RSA_CheckSignRaw( NSSLOWKEYPublicKey *key, unsigned char *sign, 
-			    unsigned int sign_len, unsigned char *hash, 
-			    unsigned int hash_len);
-extern
-SECStatus RSA_CheckSignRecoverRaw( NSSLOWKEYPublicKey *key, unsigned char *data,
-			    unsigned int *data_len, unsigned int max_output_len,
-			    unsigned char *sign, unsigned int sign_len);
-extern
-SECStatus RSA_EncryptRaw( NSSLOWKEYPublicKey *key, unsigned char *output,
-			    unsigned int *output_len,
-			    unsigned int max_output_len, 
-			    unsigned char *input, unsigned int input_len);
-extern
-SECStatus RSA_DecryptRaw(NSSLOWKEYPrivateKey *key, unsigned char *output,
-			     unsigned int *output_len,
-    			     unsigned int max_output_len,
-			     unsigned char *input, unsigned int input_len);
-#ifdef NSS_ENABLE_ECC
-/*
-** pepare an ECParam structure from DEREncoded params
- */
-extern SECStatus EC_FillParams(PRArenaPool *arena,
-                               const SECItem *encodedParams, ECParams *params);
-extern SECStatus EC_DecodeParams(const SECItem *encodedParams, 
-				ECParams **ecparams);
-extern SECStatus EC_CopyParams(PRArenaPool *arena, ECParams *dstParams,
-              			const ECParams *srcParams);
-#endif
-
-
-/*
-** Prepare a buffer for DES encryption, growing to the appropriate boundary,
-** filling with the appropriate padding.
-** We add from 1 to DES_KEY_LENGTH bytes -- we *always* grow.
-** The extra bytes contain the value of the length of the padding:
-** if we have 2 bytes of padding, then the padding is "0x02, 0x02".
-**
-** NOTE: If arena is non-NULL, we re-allocate from there, otherwise
-** we assume (and use) PR memory (re)allocation.
-** Maybe this belongs in util?
-*/
-extern unsigned char * DES_PadBuffer(PRArenaPool *arena, unsigned char *inbuf, 
-                                     unsigned int inlen, unsigned int *outlen);
-
-
-/****************************************/
-/*
-** Power-Up selftests required for FIPS and invoked only
-** under PKCS #11 FIPS mode.
-*/
-extern CK_RV sftk_fipsPowerUpSelfTest( void ); 
-
-/*
-** make known fixed PKCS #11 key types to their sizes in bytes
-*/	
-unsigned long sftk_MapKeySize(CK_KEY_TYPE keyType);
-
-/*
-** FIPS 140-2 auditing
-*/
-extern PRBool sftk_audit_enabled;
-
-extern void sftk_LogAuditMessage(NSSAuditSeverity severity, const char *msg);
-
-extern void sftk_AuditCreateObject(CK_SESSION_HANDLE hSession,
-			CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
-			CK_OBJECT_HANDLE_PTR phObject, CK_RV rv);
-
-extern void sftk_AuditCopyObject(CK_SESSION_HANDLE hSession,
-			CK_OBJECT_HANDLE hObject,
-			CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
-			CK_OBJECT_HANDLE_PTR phNewObject, CK_RV rv);
-
-extern void sftk_AuditDestroyObject(CK_SESSION_HANDLE hSession,
-			CK_OBJECT_HANDLE hObject, CK_RV rv);
-
-extern void sftk_AuditGetObjectSize(CK_SESSION_HANDLE hSession,
-			CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize,
-			CK_RV rv);
-
-extern void sftk_AuditGetAttributeValue(CK_SESSION_HANDLE hSession,
-			CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate,
-			CK_ULONG ulCount, CK_RV rv);
-
-extern void sftk_AuditSetAttributeValue(CK_SESSION_HANDLE hSession,
-			CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate,
-			CK_ULONG ulCount, CK_RV rv);
-
-extern void sftk_AuditCryptInit(const char *opName,
-			CK_SESSION_HANDLE hSession,
-			CK_MECHANISM_PTR pMechanism,
-			CK_OBJECT_HANDLE hKey, CK_RV rv);
-
-extern void sftk_AuditGenerateKey(CK_SESSION_HANDLE hSession,
-			CK_MECHANISM_PTR pMechanism,
-			CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
-			CK_OBJECT_HANDLE_PTR phKey, CK_RV rv);
-
-extern void sftk_AuditGenerateKeyPair(CK_SESSION_HANDLE hSession,
-			CK_MECHANISM_PTR pMechanism,
-			CK_ATTRIBUTE_PTR pPublicKeyTemplate,
-			CK_ULONG ulPublicKeyAttributeCount,
-			CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
-			CK_ULONG ulPrivateKeyAttributeCount,
-			CK_OBJECT_HANDLE_PTR phPublicKey,
-			CK_OBJECT_HANDLE_PTR phPrivateKey, CK_RV rv);
-
-extern void sftk_AuditWrapKey(CK_SESSION_HANDLE hSession,
-			CK_MECHANISM_PTR pMechanism,
-			CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
-			CK_BYTE_PTR pWrappedKey,
-			CK_ULONG_PTR pulWrappedKeyLen, CK_RV rv);
-
-extern void sftk_AuditUnwrapKey(CK_SESSION_HANDLE hSession,
-			CK_MECHANISM_PTR pMechanism,
-			CK_OBJECT_HANDLE hUnwrappingKey,
-			CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
-			CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
-			CK_OBJECT_HANDLE_PTR phKey, CK_RV rv);
-
-extern void sftk_AuditDeriveKey(CK_SESSION_HANDLE hSession,
-			CK_MECHANISM_PTR pMechanism,
-			CK_OBJECT_HANDLE hBaseKey,
-			CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
-			CK_OBJECT_HANDLE_PTR phKey, CK_RV rv);
-
-extern void sftk_AuditDigestKey(CK_SESSION_HANDLE hSession,
-			CK_OBJECT_HANDLE hKey, CK_RV rv);
-
-/*
-** FIPS 140-2 Error state
-*/
-extern PRBool sftk_fatalError;
-
-SEC_END_PROTOS
-
-#endif /* _SOFTOKEN_H_ */

mozilla/security/nss/lib/softoken/softokn.def

@@ -1,61 +0,0 @@
-;+#
-;+# ***** BEGIN LICENSE BLOCK *****
-;+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-;+#
-;+# The contents of this file are subject to the Mozilla Public License Version
-;+# 1.1 (the "License"); you may not use this file except in compliance with
-;+# the License. You may obtain a copy of the License at
-;+# http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS IS" basis,
-;+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-;+# for the specific language governing rights and limitations under the
-;+# License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is
-;+# Netscape Communications Corporation.
-;+# Portions created by the Initial Developer are Copyright (C) 2000
-;+# the Initial Developer. All Rights Reserved.
-;+#
-;+# Contributor(s):
-;+#   Dr Stephen Henson <stephen.henson@gemplus.com>
-;+#
-;+# Alternatively, the contents of this file may be used under the terms of
-;+# either the GNU General Public License Version 2 or later (the "GPL"), or
-;+# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-;+# in which case the provisions of the GPL or the LGPL are applicable instead
-;+# of those above. If you wish to allow use of your version of this file only
-;+# under the terms of either the GPL or the LGPL, and not to allow others to
-;+# use your version of this file under the terms of the MPL, indicate your
-;+# decision by deleting the provisions above and replace them with the notice
-;+# and other provisions required by the GPL or the LGPL. If you do not delete
-;+# the provisions above, a recipient may use your version of this file under
-;+# the terms of any one of the MPL, the GPL or the LGPL.
-;+#
-;+# ***** END LICENSE BLOCK *****
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+#   1. For all unix platforms, the string ";-"  means "remove this line"
-;+#   2. For all unix platforms, the string " DATA " will be removed from any 
-;+#	line on which it occurs.
-;+#   3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+#      On AIX, lines containing ";+" will be removed.  
-;+#   4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+#   5. For all unix platforms, after the above processing has taken place,
-;+#    all characters after the first ";" on the line will be removed.  
-;+#    And for AIX, the first ";" will also be removed.
-;+#  This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+#   directives are hidden behind ";", ";+", and ";-"
-;+NSS_3.4 {       # NSS 3.4 release
-;+    global:
-LIBRARY softokn3 ;-
-EXPORTS ;-
-C_GetFunctionList; Make this function like a real PKCS #11 module as well
-FC_GetFunctionList;
-NSC_GetFunctionList;
-NSC_ModuleDBFunc;
-;+    local:
-;+       *;
-;+};

mozilla/security/nss/lib/softoken/softokn.rc

@@ -1,100 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "softkver.h"
-#include <winver.h>
-
-#define MY_LIBNAME "softokn"
-#define MY_FILEDESCRIPTION "NSS PKCS #11 Library"
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define SOFTOKEN_VMAJOR_STR STRINGIZE2(SOFTOKEN_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if SOFTOKEN_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME SOFTOKEN_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION SOFTOKEN_VMAJOR,SOFTOKEN_VMINOR,SOFTOKEN_VPATCH,0
- PRODUCTVERSION SOFTOKEN_VMAJOR,SOFTOKEN_VMINOR,SOFTOKEN_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
-    BLOCK "StringFileInfo"
-    BEGIN
-        BLOCK "040904B0" // Lang=US English, CharSet=Unicode
-        BEGIN
-            VALUE "CompanyName", "Mozilla Foundation\0"
-            VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
-            VALUE "FileVersion", SOFTOKEN_VERSION "\0"
-            VALUE "InternalName", MY_INTERNAL_NAME "\0"
-            VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
-            VALUE "ProductName", "Network Security Services\0"
-            VALUE "ProductVersion", SOFTOKEN_VERSION "\0"
-        END
-    END
-    BLOCK "VarFileInfo"
-    BEGIN
-        VALUE "Translation", 0x409, 1200
-    END
-END

mozilla/security/nss/lib/softoken/softoknt.h

@@ -1,73 +0,0 @@
-/*
- * softoknt.h - public data structures for the software token library
- *
- * ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* $Id: softoknt.h,v 1.4 2006-05-05 20:02:47 wtchang%redhat.com Exp $ */
-
-#ifndef _SOFTOKNT_H_
-#define _SOFTOKNT_H_
-
-/*
- * RSA block types
- *
- * The actual values are important -- they are fixed, *not* arbitrary.
- * The explicit value assignments are not needed (because C would give
- * us those same values anyway) but are included as a reminder...
- */
-typedef enum {
-    RSA_BlockPrivate0 = 0,	/* unused, really */
-    RSA_BlockPrivate = 1,	/* pad for a private-key operation */
-    RSA_BlockPublic = 2,	/* pad for a public-key operation */
-    RSA_BlockOAEP = 3,		/* use OAEP padding */
-				/* XXX is this only for a public-key
-				   operation? If so, add "Public" */
-    RSA_BlockRaw = 4,		/* simply justify the block appropriately */
-    RSA_BlockTotal
-} RSA_BlockType;
-
-#define NSS_SOFTOKEN_DEFAULT_CHUNKSIZE   2048
-
-/*
- * FIPS 140-2 auditing
- */
-typedef enum {
-    NSS_AUDIT_ERROR = 3,    /* errors */
-    NSS_AUDIT_WARNING = 2,  /* warning messages */
-    NSS_AUDIT_INFO = 1      /* informational messages */
-} NSSAuditSeverity;
-
-#endif /* _SOFTOKNT_H_ */