[Fedora-directory-commits] esc/src/lib/coolkey CoolKey.cpp, 1.1.1.1, 1.2 CoolKey.h, 1.1.1.1, 1.2 CoolKeyHandler.cpp, 1.1.1.1, 1.2 CoolKeyHandler.h, 1.1.1.1, 1.2 CoolKey_Message.cpp, 1.1.1.1, 1.2 NSSManager.cpp, 1.1.1.1, 1.2 NSSManager.h, 1.1.1.1, 1.2 SlotUtils.cpp, 1.1.1.1, 1.2 SlotUtils.h, 1.1.1.1, 1.2 SmartCardMonitoringThread.cpp, 1.1.1.1, 1.2 ckymanager.def, 1.1.1.1, 1.2 manifest.mn, 1.1.1.1, 1.2
Jack Magne (jmagne)
fedora-directory-commits at redhat.com
Wed Sep 27 17:47:49 UTC 2006
Author: jmagne
Update of /cvs/dirsec/esc/src/lib/coolkey
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27376
Modified Files:
CoolKey.cpp CoolKey.h CoolKeyHandler.cpp CoolKeyHandler.h
CoolKey_Message.cpp NSSManager.cpp NSSManager.h SlotUtils.cpp
SlotUtils.h SmartCardMonitoringThread.cpp ckymanager.def
manifest.mn
Log Message:
Latest updates.
Index: CoolKey.cpp
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/CoolKey.cpp,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- CoolKey.cpp 12 Jun 2006 23:39:52 -0000 1.1.1.1
+++ CoolKey.cpp 27 Sep 2006 17:47:46 -0000 1.2
@@ -15,14 +15,8 @@
* All rights reserved.
* END COPYRIGHT BLOCK **/
-//#ifdef WIN32
-//#include "windows.h"
-//#include "CoolKeyCSP.h"
-//#define ENABLE_CSP
-//#endif
+#define FORCE_PR_LOG 1
-#include "CoolKey.h"
-#include "CoolKeyPref.h"
#include "SlotUtils.h"
#include "prthread.h"
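Review bot: `#define FORCE_PR_LOG 1` makes every `PR_LOG` in this file live in optimized builds, so the debug statements ship in release binaries and write whenever the log module is enabled in the environment. Several of them print key identifiers and raw card or certificate data, which then lands in whatever file the log is directed to. The same define is added to CoolKeyHandler.cpp, CoolKey_Message.cpp and NSSManager.cpp. I would either guard it (`#ifdef DEBUG` / `#define FORCE_PR_LOG 1` / `#endif`) or add a comment stating that release logging is intended and which log levels are considered safe to enable in production.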
@@ -38,10 +32,10 @@
#include <list>
#include <algorithm>
#include <prlog.h>
-
+#include "CoolKey.h"
static NSSManager* g_NSSManager = NULL;
-static PRLogModuleInfo *coolKeyLog = PR_NewLogModule("netkey");
+static PRLogModuleInfo *coolKeyLog = PR_NewLogModule("coolKeyLib");
static std::list<CoolKeyListener*> g_Listeners;
@@ -70,18 +64,17 @@
if (!g_NSSManager)
{
- PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("CoolKeyInit:Failed to create NSSManager.\n"));
+ PR_LOG( coolKeyLog, PR_LOG_ERROR, ("CoolKeyInit:Failed to create NSSManager.\n"));
return E_FAIL;
}
HRESULT rv = g_NSSManager->InitNSS(aAppDir);
if (rv == E_FAIL)
{
- PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("CoolKeyInit:Failed to Init NSSManager. \n"));
+ PR_LOG( coolKeyLog, PR_LOG_ERROR, ("Failed to initialize Crypto library! \n"));
return rv;
}
-
return S_OK;
}
@@ -89,14 +82,6 @@
{
PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("CoolKeyShutdown:\n"));
-// ShutdownUIThreadProxyService();
-
- std::list<CoolKeyListener*>::iterator it;
- for (it=g_Listeners.begin(); it!=g_Listeners.end(); ++it)
- {
- PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("CoolKeyShutdown: listener still in list %p\n",(*it)));
- }
-
DestroyCoolKeyList();
if (g_NSSManager) {
@@ -105,10 +90,6 @@
g_NSSManager = 0;
}
- //DestroyCoolKeyList();
-
- CoolKeyPrefShutdown();
-
return S_OK;
}
@@ -118,6 +99,8 @@
static CoolKeyGetConfigValue g_GetConfigValue = NULL;
static CoolKeySetConfigValue g_SetConfigValue = NULL;
+char* CoolKeyVerifyPassword(PK11SlotInfo *,PRBool,void *);
+
COOLKEY_API HRESULT CoolKeySetCallbacks(CoolKeyDispatch dispatch,
CoolKeyReference reference, CoolKeyRelease release,
CoolKeyGetConfigValue getconfigvalue,CoolKeySetConfigValue setconfigvalue)
@@ -127,6 +110,10 @@
g_Release = release;
g_GetConfigValue = getconfigvalue;
g_SetConfigValue = setconfigvalue;
+
+
+ PK11_SetPasswordFunc( CoolKeyVerifyPassword);
+ // Set the verify password callback here, no params needed we know what it is
return 0;
}
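Review bot: `PK11_SetPasswordFunc` installs a process-wide callback, and the one registered here (`CoolKeyVerifyPassword`, defined in the next hunk) ignores its arguments and always returns NULL. If this library shares a process with other NSS users, the call replaces whatever password prompt they registered, and any token operation that triggers a login is then treated as having no password supplied. The explanatory comment also sits after the call and does not say why a null-returning callback is wanted. I would move it above the call and state the intent, e.g. `// Never prompt from inside NSS: PINs are passed explicitly through CoolKeyAuthenticate.`, or confirm that overriding the global callback is intended. The body of `CoolKeySetCallbacks` starts outside this hunk.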
@@ -140,6 +127,11 @@
(*g_Reference)(list); \
}
+char *CoolKeyVerifyPassword(PK11SlotInfo *slot,PRBool retry,void *arg)
+{
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("CoolKeyVerifyPassword: \n"));
+ return NULL;
+}
COOLKEY_API HRESULT CoolKeyRegisterListener(CoolKeyListener* aListener)
{
@@ -169,7 +161,6 @@
PR_LOG( coolKeyLog, PR_LOG_DEBUG,
("CoolKeyUnregisterListener: erasing listener %p \n",*it));
- //CoolKeyListener *listener = *it;
g_Listeners.erase(it);
RELEASE_LISTENER(aListener);
}
@@ -196,9 +187,6 @@
}
}
- PR_LOG( coolKeyLog, PR_LOG_DEBUG,
- ("CoolKeyNotify: leaving: key %s state %d data %d",
- aKey->mKeyID, aKeyState, aData));
return S_OK;
}
@@ -831,7 +819,7 @@
}
- return S_OK; // NSSManager::GetKeyCertInfo(aKey,aCertNickname,aCertInfo);
+ return NSSManager::GetKeyCertInfo(aKey,aCertNickname,aCertInfo);
}
@@ -843,6 +831,178 @@
return NSSManager::GetKeyPolicy(aKey, aBuf, aBufLen);
}
+HRESULT
+CoolKeyGetIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength)
+{
+ if (!aKey || !aKey->mKeyID || !aBuf || aBufLength < 1)
+ return E_FAIL;
+
+ return NSSManager::GetKeyIssuedTo(aKey,aBuf,aBufLength);
+
+}
+HRESULT CoolKeyGetIssuerInfo(const CoolKey *aKey, char *aBuf, int aBufLen)
+{
+ if (!aKey || !aKey->mKeyID || !aBuf || aBufLen < 1)
+ return E_FAIL;
+
+ aBuf[0] = 0;
+
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("CoolKeyGetIssuerInfo::\n"));
+
+ CKYBuffer ISSUER_INFO;
+ CKYBuffer_InitEmpty(&ISSUER_INFO);
+ CKYCardConnection *conn = NULL;
+ CKYISOStatus apduRC = 0;
+ CKYStatus status;
+ const char *readerName = NULL;
+ const CKYByte *infoData = NULL;
+ CKYSize infoSize = 0;
+
+ HRESULT result = S_OK;
+
+
+ CKYCardContext *cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
+
+ assert(cardCtxt);
+ if (!cardCtxt) {
+ PR_LOG( coolKeyLog, PR_LOG_ERROR, ("Attempting to get key issuer info. Can't create Card Context !.\n"));
+ result = E_FAIL;
+ goto done;
+ }
+
+ conn = CKYCardConnection_Create(cardCtxt);
+ assert(conn);
+ if (!conn) {
+ PR_LOG( coolKeyLog, PR_LOG_ERROR, ("Attempting to get key issuer info. Can't create Card Connection!\n"));
+ result = E_FAIL;
+ goto done;
+ }
+
+ readerName = GetReaderNameForKeyID(aKey);
+ assert(readerName);
+ if (!readerName) {
+ PR_LOG( coolKeyLog, PR_LOG_ERROR, ("Attempting to get key issuer info. Can't get reader name!\n"));
+ result = E_FAIL;
+ goto done;
+ }
+
+ status = CKYCardConnection_Connect(conn, readerName);
+ if (status != CKYSUCCESS) {
+ PR_LOG( coolKeyLog, PR_LOG_ERROR, ("Attempting to get key issuer info. Can't connect to Card!\n"));
+
+ result = E_FAIL;
+ goto done;
+ }
+
+CKYCardConnection_BeginTransaction(conn);
+ apduRC = 0;
+ status = CKYApplet_SelectCoolKeyManager(conn, &apduRC);
+ if (status != CKYSUCCESS) {
+
+ PR_LOG( coolKeyLog, PR_LOG_ERROR, ("Attempting to get key issuer info. Can't select CoolKey manager!\n"));
+ goto done;
+ }
+
+ status = CKYApplet_GetIssuerInfo(conn, &ISSUER_INFO,
+ &apduRC);
+
+ if(status != CKYSUCCESS)
+ {
+ PR_LOG( coolKeyLog, PR_LOG_ERROR, ("Attempting to get key issuer info. Error actually getting IssuerInfo!\n"));
+ result = E_FAIL;
+ goto done;
+ }
+
+ infoSize = CKYBuffer_Size(&ISSUER_INFO);
+
+ if(infoSize == 0)
+ {
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("CoolKeyGetIssuerInfo:: IssuerInfo buffer size is zero!\n"));
+ result = E_FAIL;
+ goto done;
+ }
+
+ if(infoSize >= (CKYSize ) aBufLen)
+ {
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("CoolKeyGetIssuerInfo:: Insufficient space to put Issuer Info!\n"));
+
+ result = E_FAIL;
+ goto done;
+ }
+
+ infoData = CKYBuffer_Data(&ISSUER_INFO);
+
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("CoolKeyGetIssuerInfo:: IssuerInfo actual data %s!\n",(char *) infoData));
+ if(infoData)
+ {
+ strcpy((char *) aBuf, (char *) infoData);
+ }
+
+ done:
+
+ if (conn) {
+ CKYCardConnection_EndTransaction(conn);
+ CKYCardConnection_Disconnect(conn);
+ CKYCardConnection_Destroy(conn);
+ }
+ if (cardCtxt) {
+ CKYCardContext_Destroy(cardCtxt);
+ }
+
+ CKYBuffer_FreeData(&ISSUER_INFO);
+
+ return result;
+}
+
+bool CoolKeyIsReallyCoolKey(const CoolKey *aKey)
+{
+ bool res = false;
+
+ if(!aKey)
+ return res;
+
+
+ CoolKeyInfo *info =
+ GetCoolKeyInfoByKeyID(aKey);
+
+ if(!info)
+ return res;
+
+ if( IS_REALLY_A_COOLKEY(info->mInfoFlags))
+ res = true;
+
+ return res;
+}
+
+int CoolKeyGetAppletVer(const CoolKey *aKey, const bool isMajor)
+{
+
+ int result = -1;
+ if(!aKey)
+ return result;
+
+ CoolKeyInfo *info =
+ GetCoolKeyInfoByKeyID(aKey);
+
+ if(!info)
+ return result;
+
+ PK11SlotInfo *slot = GetSlotForKeyID(aKey);
+
+ if(!slot)
+ return result;
+
+ CK_TOKEN_INFO tokenInfo;
+ PK11_GetTokenInfo(slot, &tokenInfo);
+
+ if(isMajor)
+ result = (int) tokenInfo.firmwareVersion.major;
+ else
+ result = (int) tokenInfo.firmwareVersion.minor;
+
+ return result;
+
+}
bool
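Review bot: In `CoolKeyGetIssuerInfo` the bytes returned by the card are handled as a C string: `infoData` is logged with `%s` before the NULL check and then copied with `strcpy`, yet nothing in the hunk guarantees the buffer is NUL-terminated, so both can read past `infoSize` and the copy can overrun `aBuf` despite the size check. Copy by length instead, `memcpy(aBuf, infoData, infoSize); aBuf[infoSize] = 0;`, and log only after the NULL check with a length-bounded format. The `CKYApplet_SelectCoolKeyManager` failure branch jumps to `done` without `result = E_FAIL;`, so the caller gets `S_OK` with an empty buffer. In `CoolKeyGetAppletVer` the return value of `PK11_GetTokenInfo` is ignored before `tokenInfo` is read, and the slot from `GetSlotForKeyID` is never released, whereas NSSManager.cpp calls `PK11_FreeSlot` on slots obtained the same way.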
Index: CoolKey.h
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/CoolKey.h,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- CoolKey.h 12 Jun 2006 23:39:52 -0000 1.1.1.1
+++ CoolKey.h 27 Sep 2006 17:47:46 -0000 1.2
@@ -120,6 +120,8 @@
COOLKEY_API bool CoolKeyHasApplet(const CoolKey *aKey);
COOLKEY_API bool CoolKeyIsEnrolled(const CoolKey *aKey);
COOLKEY_API bool CoolKeyHasReader(const CoolKey *aKey);
+COOLKEY_API bool CoolKeyIsReallyCoolKey(const CoolKey *aKey);
+
COOLKEY_API bool CoolKeyAuthenticate(const CoolKey *aKey, const char *aPIN);
COOLKEY_API HRESULT CoolKeyGenerateRandomData(unsigned char *aBuf, int aBufLen);
COOLKEY_API HRESULT CoolKeyGetSignatureLength(const CoolKey *aKey, int *aLength);
@@ -133,6 +135,8 @@
COOLKEY_API HRESULT CoolKeyGetCertInfo(const CoolKey *aKey, char *aCertNickname, std::string & aCertInfo);
+COOLKEY_API HRESULT CoolKeyGetIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength);
+
COOLKEY_API bool CoolKeyRequiresAuthentication(const CoolKey *aKey);
COOLKEY_API bool CoolKeyIsAuthenticated(const CoolKey *aKey);
@@ -165,6 +169,11 @@
COOLKEY_API HRESULT CoolKeySetDataValue(const CoolKey *aKey,const char *name, const char *value);
+
+COOLKEY_API HRESULT CoolKeyGetIssuerInfo(const CoolKey *aKey, char *aBuf, int aBufLen);
+
+COOLKEY_API int CoolKeyGetAppletVer(const CoolKey *aKey, const bool isMajor);
+
}
////////////////////////////////////////////////////////////////////////
Index: CoolKeyHandler.cpp
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/CoolKeyHandler.cpp,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- CoolKeyHandler.cpp 12 Jun 2006 23:39:51 -0000 1.1.1.1
+++ CoolKeyHandler.cpp 27 Sep 2006 17:47:46 -0000 1.2
@@ -15,11 +15,12 @@
* All rights reserved.
* END COPYRIGHT BLOCK **/
+#define FORCE_PR_LOG 1
+
#include <memory.h>
#include <assert.h>
#include <stdio.h>
#include <string>
-//#include <winscard.h>
#include "prprf.h"
#include "nss.h"
@@ -35,7 +36,6 @@
#include "CoolKeyID.h"
#include "CoolKey.h"
-#include "CoolKeyPref.h"
#include "cky_base.h"
#include "cky_applet.h"
@@ -55,7 +55,7 @@
#define CKA_MOZILLA_ATR (CKO_NETSCAPE+25)
#endif
-static PRLogModuleInfo *coolKeyLogHN = PR_NewLogModule("netkey");
+static PRLogModuleInfo *coolKeyLogHN = PR_NewLogModule("coolKeyHandler");
void NotifyEndResult(CoolKeyHandler* context, int operation, int result, int description);
@@ -446,7 +446,7 @@
const char *tokenCode,int op) {
int error_no = 0;
- int config_error_no = 44;
+ int config_error_no = CONFIG_ERROR;
PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init:\n"));
@@ -455,7 +455,7 @@
const char *readerName = NULL;
if (!aKey || aKey->mKeyType != eCKType_CoolKey || !aKey->mKeyID) {
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init: failure 1\n"));
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Cannot begin CoolKey operation. Insuficient input parameters. \n"));
goto done;
}
@@ -468,14 +468,14 @@
if (!readerName) {
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init: failure 2\n"));
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Cannot begin CoolKey operation. Cannot locate card reader name! \n"));
goto done;
}
mDataLock = PR_NewLock();
if (!mDataLock)
{
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init: failure Can't initialize Lock for data.\n"));
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Cannot begin CoolKey operation. Cannnot initialize internal locking mechanism.\n"));
return E_FAIL;
}
@@ -483,41 +483,36 @@
mDataCondVar = PR_NewCondVar(mDataLock);
if (!mDataCondVar)
{
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init: failure Can't initialize Cond Var for data.\n"));
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Cannot begin CoolKey operation. Cannot initialize internal syncronization mechanism.\n"));
return E_FAIL;
}
CollectPreferences();
-
mHttpDisconnected = false;
mCancelled = false;
- //CoolKeyGetPref("TPS_HOST_USES_SSL", &temp);
-
-
if(!mCharHostName || !mRAUrl)
{
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init: Didn't collect proper config info..\n"));
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Cannot begin CoolKey operation. Didn't collect proper config information.\n"));
error_no = config_error_no;
goto done;
}
-
PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init: Past configuration tests, about to attempt operation.\n"));
mCardContext = CKYCardContext_Create(SCARD_SCOPE_USER);
if (!mCardContext) {
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init: failure 3\n"));
- error_no = 45;
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Cannot begin CoolKey operation. Cannot create card context! \n"));
+ error_no = CARD_CONTEXT_ERROR;
goto done;
}
mPDUWriter = new PDUWriterThread(this);
if (!mPDUWriter) {
- error_no = 46;
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init: failure 4\n"));
+ error_no = PDU_WRITER_ERROR;
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Cannot begin CoolKey operation. Cannot create internal PDU writer thread!\n"));
goto done;
}
@@ -528,8 +523,8 @@
if(mHttp_handle <= 0)
{
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init: failure 5\n"));
- error_no = 47;
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("Cannot begin CoolKey operation. Can't create internal Http Client!\n"));
+ error_no = HTTP_CLIENT_ERROR;
goto done;
}
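Review bot: This failure message and the `ConnectToReader` one in the next hunk are still logged at `PR_LOG_DEBUG`, while every other failure exit in `Init` was raised to `PR_LOG_ERROR` by this commit. With only error-level logging enabled, these two exits would set `error_no` and leave no trace in the log. For consistency I would use `PR_LOG( coolKeyLogHN, PR_LOG_ERROR, (...))` in both places. `Init` starts and ends outside this hunk.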
@@ -537,8 +532,8 @@
connected = ConnectToReader(readerName);
if (!connected) {
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init: failure 6\n"));
- error_no = 48;
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("Cannot begin CoolKey operation. Can't connect to card reader!\n"));
+ error_no = CONN_READER_ERROR;
goto done;
}
@@ -569,12 +564,8 @@
CKYCardContext_Destroy(mCardContext);
mCardContext = 0;
}
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init: failure 7\n"));
-
-
- NotifyEndResult(this, op, 1, error_no);
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::Init: failure attempted to NotifyEndResult error no %d\n",error_no));
+ NotifyEndResult(this, op, 1, error_no);
return E_FAIL;
}
@@ -586,22 +577,27 @@
{
PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::CollectPreferences !\n"));
+ //Grab the keyID which we will need
- int httpMessageTimeout = 30;
+ const char *keyID = mKey.mKeyID;
+ if(!keyID)
+ {
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR,("Collecting CoolKey preferences. Cannot get keyID , cannot proceed. \n"));
- //Quickly grab the configurable http message timeout
+ return;
+ }
+
+ int httpMessageTimeout = 30;
+ //Quickly grab the configurable http message timeout
const char *msg_timeout = CoolKeyGetConfig("esc.tps.message.timeout");
-
if(msg_timeout)
{
-
httpMessageTimeout = atoi(msg_timeout);
-
PR_LOG( coolKeyLogHN, PR_LOG_DEBUG,("CoolKeyHandler::CollectPreferences! Message timeout %d\n",httpMessageTimeout));
}
@@ -610,12 +606,27 @@
// Now grab the url for the tps server from config store.
- const char *tps_url = CoolKeyGetConfig("esc.tps.url");
+ string tps_operation = "Operation";
+
+ string tps_url_for_key = tps_operation + "-" + keyID;
+
+ const char *tps_url_for_key_str = tps_url_for_key.c_str();
+
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG,("CoolKeyHandler::CollectPreferences! tps_url %s\n",tps_url_for_key_str));
+ const char *tps_url = CoolKeyGetConfig(tps_url_for_key_str);
if(!tps_url)
{
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::CollectPreferences Can't find value for esc.tps.url \n"));
- return;
+ //now try to get the hard coded entry out of the config file.
+
+ tps_url = CoolKeyGetConfig("esc.tps.url");
+
+ if(!tps_url)
+ {
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Collecting CoolKey preferences. Cannot find value for the TPS URL. \n"));
+
+ return;
+ }
}
PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::CollectPreferences esc.tps.url %s\n",tps_url));
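Review bot: The per-key entry `Operation-<keyID>` now takes precedence over `esc.tps.url`, and nothing in this hunk checks where that value came from or which scheme it uses before the connection settings are derived from it. Who writes that entry is not visible in this diff; if it can be influenced by the card or by an unauthenticated response, it decides which server receives the user's enrollment credentials. A comment stating the trust assumption would help, e.g. `// Operation-<keyID> is written by <component> after <check>; otherwise fall back to the static esc.tps.url.` Minor: the debug line before the lookup labels the config key name as `tps_url`, and the final line labels whichever URL was chosen as `esc.tps.url`.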
@@ -642,7 +653,7 @@
pos = tps_url_str.find(non_ssl_str,0);
if(pos == string::npos)
{
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::CollectPreferences esc.tps.url illegal protocol! \n"));
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Collecting CoolKey preferences. TPS URL has specified an illegal protocol! \n"));
return;
}
@@ -685,7 +696,7 @@
if(!host_name_port_str.length())
{
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::CollectPreferences Bad hostname and port sttring!.\n"));
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Collecting CoolKey preferences. Bad hostname and port value!.\n"));
return;
}
@@ -811,7 +822,7 @@
HRESULT CoolKeyHandler::SetPassword(const char *password)
{
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::CloseConnection:\n"));
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::SetPassword:\n"));
PR_Lock(mDataLock);
if(!mCharScreenNamePwd)
@@ -1162,7 +1173,7 @@
string ext_buffer = "";
- char *clientVer = "ESC 1.1";
+ char *clientVer = "ESC 1.0.0";
sprintf(buffer,"clientVersion=%s",clientVer);
ext_buffer = buffer;
@@ -1224,23 +1235,25 @@
void CoolKeyHandler::HttpProcessTokenPDU(CoolKeyHandler *context,eCKMessage_TOKEN_PDU_REQUEST *req)
{
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::ProcessTokenPDU:\n"));
- if(!req)
- {
- return;
- }
-
- int size = 4096;
- unsigned char pduData[4096];
-
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::ProcessTokenPDU:\n"));
+ if(!req || !context)
+ {
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Processing HTTP message. Bad input data. \n"));
+ context->HttpOnDisconnect();
+ return;
+ }
- req->getPduData(pduData,&size);
+ int size = 4096;
+ unsigned char pduData[4096];
+ req->getPduData(pduData,&size);
- if(size == 0)
- {
- return;
- }
+ if(size == 0)
+ {
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Processing HTTP message. Can't extract PDU data from message! \n"));
+ context->HttpOnDisconnect();
+ return;
+ }
// Send the PDU to the token
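Review bot: The new guard dereferences the pointer it has just found to be null: when `context` is NULL, `if(!req || !context)` is true and the body calls `context->HttpOnDisconnect()`. Split the test, `if(!context) return;` first and then `if(!req) { context->HttpOnDisconnect(); return; }`. Separately, `pduData` is a fixed 4096-byte stack buffer and `size` is only compared with 0 after `getPduData`; whether `getPduData` treats the incoming `size` as a capacity is not visible here, so a comment documenting that contract at the call would be worthwhile. The function continues in the next hunk.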
@@ -1250,56 +1263,61 @@
// structure is a C struct that contains a single member
// which just so happens to be an CKYBuffer.
- AutoCKYBuffer pduBuffer(pduData, size);
- CKYAPDU *requestAPDU = (CKYAPDU*)((CKYBuffer*)&pduBuffer);
+ AutoCKYBuffer pduBuffer(pduData, size);
+ CKYAPDU *requestAPDU = (CKYAPDU*)((CKYBuffer*)&pduBuffer);
- // XXX
+ AutoCKYBuffer response;
-
- AutoCKYBuffer response;
-
- CKYStatus status = CKYCardConnection_ExchangeAPDU(context->GetCardConnection(),
+ CKYStatus status = CKYCardConnection_ExchangeAPDU(context->GetCardConnection(),
requestAPDU, &response);
-
- if (status != CKYSUCCESS) {
- return;
- }
-
- eCKMessage_TOKEN_PDU_RESPONSE pdu_response;
+ if (status != CKYSUCCESS) {
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR,
+ ("Processing HTTP message. Can't write apdu to card! status %d response[0] %x response[1] %x error %d \n"
+ ,status,CKYBuffer_GetChar(&response,0),CKYBuffer_GetChar(&response,1),
+ CKYCardConnection_GetLastError(context->GetCardConnection())));
- int pduSizeRet = (MESSAGE_u08) CKYBuffer_Size(&response);
- MESSAGE_byte *pduDataRet = (MESSAGE_byte *) CKYBuffer_Data(&response);
+ context->HttpOnDisconnect();
- if(pduSizeRet == 0 || !pduDataRet)
- {
- return;
- }
+ return;
+ }
+
+ eCKMessage_TOKEN_PDU_RESPONSE pdu_response;
- pdu_response.setPduData(pduDataRet,pduSizeRet);
+ int pduSizeRet = (MESSAGE_u08) CKYBuffer_Size(&response);
+ MESSAGE_byte *pduDataRet = (MESSAGE_byte *) CKYBuffer_Data(&response);
- string output = "";
+ if(pduSizeRet == 0 || !pduDataRet)
+ {
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Processing HTTP message. No PDU response from card! \n"));
+ context->HttpOnDisconnect();
+ return;
+ }
- pdu_response.encode(output);
-
- NSS_HTTP_HANDLE handle = context->getHttpHandle();
+ pdu_response.setPduData(pduDataRet,pduSizeRet);
+ string output = "";
- if(handle && output.size())
- {
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::sending to RA: %s \n",output.c_str()));
- NSS_HTTP_RESULT res = sendChunkedEntityData(output.size(),(unsigned char *) output.c_str(),handle);
+ pdu_response.encode(output);
+
+ NSS_HTTP_HANDLE handle = context->getHttpHandle();
- if(res == 0)
- {
- PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::write back to RA failed , disconnecting: \n"));
+ if(handle && output.size())
+ {
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler::sending to RA: %s \n",output.c_str()));
+ NSS_HTTP_RESULT res = sendChunkedEntityData(output.size(),(unsigned char *) output.c_str(),handle);
- context->CloseConnection();
- context->HttpOnDisconnect();
-
- }
+ if(res == 0)
+ {
+ PR_LOG( coolKeyLogHN, PR_LOG_ERROR, ("Processing HTTP message. Write back to TPS failed , disconnecting. \n"));
+ context->HttpOnDisconnect();
+ }
+ else
+ {
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CoolKeyHandler:ProcessTokenPDU data written to RA .\n"));
+ }
- }
- return;
}
+
+}
HRESULT CoolKeyHandler::HttpProcessStatusUpdate(eCKMessage_STATUS_UPDATE_REQUEST * msg)
{
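Review bot: `int pduSizeRet = (MESSAGE_u08) CKYBuffer_Size(&response);` narrows the response length before it is stored; if `MESSAGE_u08` is an 8-bit type, as the name suggests, a 256-byte response becomes 0 and is reported as "No PDU response from card", and longer ones are silently shortened. Keep the full width, `CKYSize pduSizeRet = CKYBuffer_Size(&response);`, and range-check it explicitly before handing it to `setPduData`. In the `status != CKYSUCCESS` branch the log reads `CKYBuffer_GetChar(&response,0)` and `(&response,1)` from a response that may be empty, so the size should be tested first. The failed-write branch also no longer calls `context->CloseConnection()` before `HttpOnDisconnect()`; if that is deliberate, a one-line comment saying which call now closes the connection would prevent it being re-added.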
@@ -1624,25 +1642,33 @@
switch (operation) {
case ENROLL:
if (result == 0) {
+
+ PR_LOG( coolKeyLogHN, PR_LOG_ALWAYS, ("Key Enrollment success.\n"));
CoolKeyAuthenticate(context->GetAutoCoolKey(), context->GetPIN());
CoolKeyNotify(context->GetAutoCoolKey(), eCKState_EnrollmentComplete,
context->GetScreenName() == NULL ? 1 : 0);
} else {
+ PR_LOG( coolKeyLogHN, PR_LOG_ALWAYS, ("Key Enrollment failure. Error: %d.\n",description));
CoolKeyNotify(context->GetAutoCoolKey(), eCKState_EnrollmentError, description); // XXX: Need INIT_FAILED error code!
}
break;
case RESET_PIN:
if (result == 0) {
+
+ PR_LOG( coolKeyLogHN, PR_LOG_ALWAYS, ("Key Reset Password success.\n"));
CoolKeyAuthenticate(context->GetAutoCoolKey(), context->GetPIN());
CoolKeyNotify(context->GetAutoCoolKey(), eCKState_PINResetComplete, 0);
} else {
+ PR_LOG( coolKeyLogHN, PR_LOG_ALWAYS, ("Key Reset Password failure. Error: %d.\n",description));
CoolKeyNotify(context->GetAutoCoolKey(), eCKState_PINResetError, description); // XXX: Need PIN_RESET_FAILED error code!
}
break;
case FORMAT:
if (result == 0) {
+ PR_LOG( coolKeyLogHN, PR_LOG_ALWAYS, ("Key Format success.\n"));
CoolKeyNotify(context->GetAutoCoolKey(), eCKState_FormatComplete, 0);
} else {
+ PR_LOG( coolKeyLogHN, PR_LOG_ALWAYS, ("Key Format failure. Error: %d.\n",description));
CoolKeyNotify(context->GetAutoCoolKey(), eCKState_FormatError, description); // XXX: Need FORMAT_FAILED error code!
}
break;
@@ -1981,6 +2007,7 @@
if (tokenInfo->flags & CKF_TOKEN_INITIALIZED) {
mask |= COOLKEY_INFO_IS_PERSONALIZED_MASK;
}
+
return mask;
}
@@ -2059,6 +2086,7 @@
if (status != SECSuccess) {
return 0;
}
+
return MapGetFlags(&tokenInfo);
}
@@ -2075,9 +2103,14 @@
HRESULT hres;
int atrSize;
char *atrString;
+ SECItem isCOOLKey;
ATR.data = NULL; // initialize for error processing
label.data = NULL; // initialize for error processing
+ isCOOLKey.data = NULL;
+
+
+ int isACOOLKey = 0;
/* if it's one of "ours" it'll have a reader object */
obj = PK11_FindGenericObjects(aSlot, CKO_MOZILLA_READER);
@@ -2093,8 +2126,7 @@
// get the ATR (though, again, we probably don't need it
status = PK11_ReadRawAttribute(PK11_TypeGeneric, obj, CKA_MOZILLA_ATR, &ATR);
- PK11_DestroyGenericObjects(obj);
- obj = NULL;
+ // PK11_DestroyGenericObjects(obj);
if (status != SECSuccess) {
goto failed;
}
@@ -2104,6 +2136,34 @@
goto failed;
}
+ //get the are we a CoolKey value
+
+ status = PK11_ReadRawAttribute(PK11_TypeGeneric, obj, CKA_MOZILLA_IS_COOL_KEY, &isCOOLKey);
+
+ PK11_DestroyGenericObjects(obj);
+ obj = NULL;
+
+ if (status != SECSuccess) {
+ goto failed;
+ }
+
+ if(isCOOLKey.len == 1)
+ {
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CKHGetCoolKeyInfo: CKA_MOZILLA_IS_COOL_KEY %d.\n",(int) isCOOLKey.data[0]));
+
+ isACOOLKey=(int) isCOOLKey.data[0];
+ }
+
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CKHGetCoolKeyInfo: info->flags %u.\n",tokenInfo.flags));
+
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CKHGetCoolKeyInfo: info->label %s.\n",(char *)tokenInfo.label));
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CKHGetCoolKeyInfo: info->manufacturerID %s.\n",(char *)tokenInfo.manufacturerID));
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CKHGetCoolKeyInfo: info->model %s.\n",(char *)tokenInfo.model));
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CKHGetCoolKeyInfo: info->serialNumber %s.\n",(char *)tokenInfo.serialNumber));
+
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CKHGetCoolKeyInfo: info->firmwareVersion.major %d info->firmwareVersion.minor %d \n",(int)tokenInfo.firmwareVersion.major,(int) tokenInfo.firmwareVersion.minor));
+
+
// OK, we have everything we need, now build the COOLKEYInfo structure.
info = new CoolKeyInfo();
if (!info) {
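Review bot: The new debug lines print `tokenInfo.label`, `manufacturerID`, `model` and `serialNumber` with `%s`, but PKCS #11 defines these `CK_TOKEN_INFO` fields as fixed-width, blank-padded arrays with no terminating NUL, so each call reads on into the following fields and possibly past the struct. Bound them by field width, `%.32s` for `label` and `manufacturerID` and `%.16s` for `model` and `serialNumber`. `tokenInfo.flags` is a `CK_FLAGS` (unsigned long) passed to `%u`; `%lu` matches the type. Also, a failed read of `CKA_MOZILLA_IS_COOL_KEY` now takes `goto failed`, so a token served by a module that lacks the attribute is dropped entirely rather than treated as not a CoolKey; if that is not intended, leave `isACOOLKey` at 0 and continue. The function starts and ends outside this hunk.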
@@ -2122,6 +2182,10 @@
SECITEM_FreeItem(&ATR,PR_FALSE);
ATR.data = NULL;
+
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("CKHGetCoolKeyInfo: info->atr %s.\n",(char *)atrString));
+
+
info->mATR = atrString;
info->mReaderName= (char *)malloc(label.len+1);
if (!info->mReaderName) {
@@ -2130,6 +2194,12 @@
memcpy(info->mReaderName, label.data, label.len);
info->mReaderName[label.len] = 0;
info->mInfoFlags = MapGetFlags(&tokenInfo);
+
+ //Handle the isCOOLKey flag
+ if(isACOOLKey) {
+ info->mInfoFlags |= COOLKEY_INFO_IS_REALLY_A_COOLKEY_MASK;
+ }
+
info->mCUID = (char *)malloc(35); /* should be a define ! */
if (!info->mCUID) {
goto failed;
@@ -2142,6 +2212,8 @@
SECITEM_FreeItem(&ATR,PR_FALSE);
SECITEM_FreeItem(&label,PR_FALSE);
+ SECITEM_FreeItem(&isCOOLKey,PR_FALSE);
+
info->mSlot = PK11_ReferenceSlot(aSlot);
info->mSeries = PK11_GetSlotSeries(aSlot);
return info;
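Review bot: `isCOOLKey` is released only on the success path added here. After the attribute has been read, the later `goto failed` exits (allocation of `CoolKeyInfo`, `mReaderName`, `mCUID`) lead to a label that lies below `return info;` and that this commit does not touch, so the new item presumably leaks on those paths. Add `SECITEM_FreeItem(&isCOOLKey, PR_FALSE);` beside the existing `ATR` and `label` cleanup under `failed:`; the `isCOOLKey.data = NULL` initialisation added earlier in this diff makes that safe even when the read never happened.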
Index: CoolKeyHandler.h
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/CoolKeyHandler.h,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- CoolKeyHandler.h 12 Jun 2006 23:39:51 -0000 1.1.1.1
+++ CoolKeyHandler.h 27 Sep 2006 17:47:46 -0000 1.2
@@ -95,6 +95,15 @@
FORMAT
};
+enum {
+ CONFIG_ERROR = 44,
+ CARD_CONTEXT_ERROR,
+ PDU_WRITER_ERROR,
+ HTTP_CLIENT_ERROR,
+ CONN_READER_ERROR
+
+};
+
class CoolKeyHandler
{
public:
Index: CoolKey_Message.cpp
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/CoolKey_Message.cpp,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- CoolKey_Message.cpp 12 Jun 2006 23:39:52 -0000 1.1.1.1
+++ CoolKey_Message.cpp 27 Sep 2006 17:47:46 -0000 1.2
@@ -15,12 +15,14 @@
* All rights reserved.
* END COPYRIGHT BLOCK **/
+#define FORCE_PR_LOG 1
+
#include "nspr.h"
#include "CoolKey_Message.h"
#include "math.h"
#include <iostream>
-PRLogModuleInfo *nkeyLogMS = PR_NewLogModule("netkey");
+PRLogModuleInfo *nkeyLogMS = PR_NewLogModule("coolKeyMessage");
void URLEncode(unsigned char *buf,char *ret, int *ret_len,int buff_len);
void URLDecode(char *buf,unsigned char *ret, int *ret_len,int buff_len);
Index: NSSManager.cpp
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/NSSManager.cpp,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- NSSManager.cpp 12 Jun 2006 23:39:51 -0000 1.1.1.1
+++ NSSManager.cpp 27 Sep 2006 17:47:46 -0000 1.2
@@ -15,6 +15,8 @@
* All rights reserved.
* END COPYRIGHT BLOCK **/
+#define FORCE_PR_LOG 1
+
#include "NSSManager.h"
#include "SmartCardMonitoringThread.h"
@@ -31,14 +33,19 @@
#include "p12plcy.h"
#include "secmod.h"
#include "secerr.h"
+#include "secder.h"
#include "certdb.h"
#include "secmodt.h"
#include "keythi.h"
#include "keyhi.h"
+#include <iostream>
+ #include <sstream>
+
+
#include "SlotUtils.h"
-static PRLogModuleInfo *coolKeyLogNSS = PR_NewLogModule("coolKey");
+static PRLogModuleInfo *coolKeyLogNSS = PR_NewLogModule("coolKeyNSS");
NSSManager::NSSManager()
{
@@ -59,6 +66,9 @@
{
// Init NSS
+ PR_LOG( coolKeyLogNSS, PR_LOG_ALWAYS, ("Initializing the NSS Crypto Library. \n"));
+
+
if(aAppDir)
{
SECStatus status = NSS_Init(aAppDir);
@@ -85,7 +95,7 @@
char modSpec[512];
- sprintf(modSpec,"library='%s' name='%s' parameters='%s'\n",COOLKEY_PKCS11_LIBRARY,COOLKEY_NAME,PROMISCUOUS_PARAMETER);
+ sprintf(modSpec,"library=\"%s\" name=\"%s\" parameters=\"%s\" NSS=\"slotParams={0x00000002=[slotFlags='PublicCerts']}\"\n",COOLKEY_PKCS11_LIBRARY,COOLKEY_NAME,PROMISCUOUS_PARAMETER);
PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("InitNSS: modSpec %s\n",modSpec));
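Review bot: The longer module spec is still written with an unbounded `sprintf` into `char modSpec[512]`; the three inserted values are macros whose expansions are not visible here, and the fixed part of the format has grown considerably. Use a bounded call, `snprintf(modSpec, sizeof modSpec, ...)`, and return `E_FAIL` if the result was truncated, since a cut-off spec would load the module with different parameters than intended. The hard-coded slot id `0x00000002` in `slotParams` also deserves a named constant or a comment saying which slot it is and why `PublicCerts` is set on it, because that flag lets certificates on the slot be read without a login.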
@@ -96,7 +106,7 @@
if(!userModule || !userModule->loaded)
{
- PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::InitNSS problem loading PKCS11 module. \n"));
+ PR_LOG( coolKeyLogNSS, PR_LOG_ALWAYS, ("NSSManager::InitNSS problem loading PKCS11 module. No keys will be recognized!\n"));
return E_FAIL;
}
@@ -122,13 +132,6 @@
// Logout all tokens.
PK11_LogoutAll();
-
- //No longer Shutdown NSS, we are using the PSM XPCOM service which
- // takes care of this
-
- // SECStatus rv = NSS_Shutdown();
-
- PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::Shutdown \n"));
}
bool
@@ -246,13 +249,11 @@
PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetKeyCertNickNames \n"));
-
if(!aKey )
{
return E_FAIL;
}
-
PK11SlotInfo *slot = GetSlotForKeyID(aKey);
if (!slot)
@@ -260,7 +261,33 @@
return E_FAIL;
}
- CERTCertList *certs = PK11_ListCertsInSlot(slot);
+ CERTCertList *certs = PK11_ListCerts(PK11CertListAll,NULL);
+
+ if (!certs)
+ {
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetCertNicknames no certs found! \n"));
+ PK11_FreeSlot(slot);
+ return E_FAIL;
+ }
+ CERTCertListNode *node= NULL;
+ for( node = CERT_LIST_HEAD(certs);
+ ! CERT_LIST_END(node, certs);
+ node = CERT_LIST_NEXT(node))
+ {
+ if(node->cert)
+ {
+ CERTCertificate *cert = node->cert;
+ if(cert)
+ {
+ if(cert->slot != slot)
+ {
+ CERT_RemoveCertListNode(node);
+ }
+ }
+ }
+
+ }
+
if (!certs)
{
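Review bot: The filter loop calls `CERT_RemoveCertListNode(node)` and then lets the `for` step evaluate `CERT_LIST_NEXT(node)` on the node that was just unlinked. That only works while the removed node's link fields happen to stay intact; fetch the successor before removing, i.e. take `CERTCertListNode *next = CERT_LIST_NEXT(node);` at the top of the body and advance with `node = next`. The older `if (!certs)` check that follows the loop can no longer fire, because the new check above it has already returned. A short comment explaining why all tokens are enumerated with `PK11_ListCerts(PK11CertListAll, NULL)` and then filtered by `cert->slot` would also help the next reader.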
@@ -306,10 +333,91 @@
}
+HRESULT NSSManager::GetKeyIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength)
+{
+
+ if(!aBuf)
+ return E_FAIL;
+
+ aBuf[0]=0;
+
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetKeyIssuedTo \n"));
+
+ if(!aKey )
+ {
+ return E_FAIL;
+ }
+
+ PK11SlotInfo *slot = GetSlotForKeyID(aKey);
+
+ if (!slot)
+ {
+ return E_FAIL;
+ }
+
+
+ CERTCertList *certs = PK11_ListCerts(PK11CertListAll,NULL);
+
+ if (!certs)
+ {
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetKeyIssuedTo no certs found! \n"));
+ PK11_FreeSlot(slot);
+ return E_FAIL;
+ }
+
+ CERTCertListNode *node= NULL;
+
+ char *certID = NULL;
+
+
+ for( node = CERT_LIST_HEAD(certs);
+ ! CERT_LIST_END(node, certs);
+ node = CERT_LIST_NEXT(node))
+ {
+ if(node->cert)
+ {
+ CERTCertificate *cert = node->cert;
+
+ if(cert)
+ {
+
+
+ if(cert->slot == slot)
+ {
+
+ certID = CERT_GetCommonName(&cert->subject);
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetKeyIssuedTo ourSlot %p curSlot %p certID %s \n",slot,cert->slot,certID));
+
+ }
+
+ if(certID)
+ break;
+ }
+ }
+
+ }
+
+ if(certID && ((int)strlen(certID) < aBufLength))
+ {
+ strcpy(aBuf,certID);
+ }
+
+ if(certs)
+ CERT_DestroyCertList(certs);
+
+ if(slot)
+ PK11_FreeSlot(slot);
+
+ if(certID)
+ PORT_Free(certID);
+
+ return S_OK;
+}
+
HRESULT NSSManager::GetKeyCertInfo(const CoolKey *aKey, char *aCertNickname, string & aCertInfo)
{
- PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetKeyCertInfo \n"));
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetKeyCertInfo Nickname %s \n",aCertNickname));
aCertInfo = "";
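Review bot: `GetKeyIssuedTo` returns `S_OK` on every path that reaches the end, including when no certificate on the slot yields a common name and when the name does not fit in `aBufLength`, so the caller gets success with an empty string and cannot tell the cases apart. Track the outcome instead: start with `HRESULT res = E_FAIL;`, set `res = S_OK;` inside the `strcpy` branch, and `return res;`. The function also never checks `aBufLength` itself before `aBuf[0]=0`; it relies on the `aBufLength < 1` test in `CoolKeyGetIssuedTo`, which is worth stating in a comment or repeating here.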
@@ -330,7 +438,7 @@
return E_FAIL;
}
- CERTCertList *certs = PK11_ListCertsInSlot(slot);
+ CERTCertList *certs = PK11_ListCerts(PK11CertListAll,NULL);
if (!certs)
{
@@ -339,19 +447,75 @@
return E_FAIL;
}
- CERTCertListNode *node= CERT_LIST_HEAD(certs);
+ PR_LOG(coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetKeyCertInfo About to get CertList for slot. \n"));
- if(!CERT_LIST_END(node,certs))
- {
- CERTCertificate *cert = CERT_FindCertByNickname(node->cert->dbhandle,aCertNickname);
-
- if(cert)
+ CERTCertListNode *node= NULL;
+ for( node = CERT_LIST_HEAD(certs);
+ ! CERT_LIST_END(node, certs);
+ node = CERT_LIST_NEXT(node))
{
- aCertInfo = (char *) "";
- }
- }
+ if(node->cert)
+ {
+ CERTCertificate *cert = node->cert;
+ if(cert)
+ {
+ if(cert->slot == slot)
+ {
+ if(!strcmp(cert->nickname,aCertNickname))
+ {
+ PR_LOG(coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetKeyCertInfo We have a matching cert to our slot. nickname %s \n",cert->nickname));
+
+ char *issuerCN = NULL;
+ char *issuedToCN = NULL;
+
+ aCertInfo = (char *) "";
+ issuedToCN = cert->subjectName;
+ issuerCN = cert->issuerName;
+
+ string issuerCNStr = "";
+ if(issuerCN)
+ issuerCNStr = issuerCN;
+
+ string issuedToCNStr = "" ;
+ if(issuedToCN)
+ issuedToCNStr = issuedToCN;
+
+ string notBeforeStr = "";
+ string notAfterStr = "";
+
+ char *nBefore = (char *) DER_UTCTimeToAscii(&cert->validity.notBefore);
+ char *nAfter = (char *) DER_UTCTimeToAscii(&cert->validity.notAfter);
+
+
+
+ if(nBefore)
+ notBeforeStr = nBefore;
+ if(nAfter)
+ notAfterStr = nAfter;
+
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetKeyCertInfo notBefore %s notAfter %s \n",nBefore, nAfter));
+
+
+ int serialNumber = DER_GetInteger(&cert->serialNumber);
+
+ std::ostringstream o;
+ string serialStr = "";
+ if (o << serialNumber)
+ serialStr = o.str();
+
+ aCertInfo = issuedToCNStr + "\n" + issuerCNStr + "\n"
+ + notBeforeStr + "\n" + notAfterStr + "\n" + serialStr ;
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetKeyCertInfo issuerCN %s issuedToCN %s \n",issuerCN, issuedToCN));
+
+
+ break;
+ }
+ }
+ }
+ }
+ }
- PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetKeyCertINfo info %s \n",aCertInfo.c_str()));
+ PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("NSSManager::GetKeyCertInfo info: %s \n",aCertInfo.c_str()));
if(certs)
CERT_DestroyCertList(certs);
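Review bot: The new loop calls `strcmp(cert->nickname,aCertNickname)` without checking either pointer, so a certificate on the slot with no nickname, or a NULL argument from the caller, would crash the lookup. A guard such as `if (cert->nickname && aCertNickname && !strcmp(cert->nickname, aCertNickname))` avoids that. The strings returned by DER_UTCTimeToAscii look like heap allocations that are never released here; `PORT_Free(nBefore); PORT_Free(nAfter);` after the copies into `notBeforeStr`/`notAfterStr` would close that. `DER_GetInteger` into an `int` cannot hold the long serial numbers most CAs issue, so the serial shown to the user may not be the certificate's real one; formatting the bytes of `cert->serialNumber` as hex would be exact.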
@@ -361,6 +525,7 @@
return S_OK;
}
+
HRESULT
NSSManager::GetKeyPolicy(const CoolKey *aKey, char *aBuf, int aBufLength)
{
@@ -404,6 +569,7 @@
if (aBufLength - policyLen - 1 >=0) {
// if this policy ID isn't in the buffer, add it.
+
if (!strstr(aBuf, policyID)) {
// assuming that this isn't the start, add our delimiter
Index: NSSManager.h
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/NSSManager.h,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- NSSManager.h 12 Jun 2006 23:39:52 -0000 1.1.1.1
+++ NSSManager.h 27 Sep 2006 17:47:46 -0000 1.2
@@ -23,7 +23,9 @@
#define COOLKEY_NAME "COOL Key Module"
#define MUSCLE_NAME "SLB PKCS #11 module"
-#define PROMISCUOUS_PARAMETER "promiscuous=yes"
+#define PROMISCUOUS_PARAMETER "noAppletOK=yes"
+#define NSS_PUBLIC_CERTS "slotFlags=PublicCerts"
+
#ifndef NSSMANAGER_H
#define NSSMANAGER_H
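Review bot: The two parameter strings at the top of this header have no comment saying what they ask the PKCS #11 module and NSS to do, although both affect how a token is treated. `noAppletOK=yes` presumably tells the module to accept cards that lack the applet, and `slotFlags=PublicCerts` is the NSS slot flag that marks certificates as readable without logging in to the token. I would add one line above each, for example `// NSS slot flag: certificates on this token can be listed without authentication`. The new macro also sits above the `#ifndef NSSMANAGER_H` guard like its neighbours, which is harmless but worth tidying.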
@@ -64,6 +66,8 @@
static HRESULT GetKeyCertNicknames( const CoolKey *aKey, vector<string> & aStrings );
+ static HRESULT GetKeyIssuedTo(const CoolKey *aKey, char *aBuf, int aBufLength);
+
Index: SlotUtils.cpp
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/SlotUtils.cpp,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- SlotUtils.cpp 12 Jun 2006 23:39:52 -0000 1.1.1.1
+++ SlotUtils.cpp 27 Sep 2006 17:47:46 -0000 1.2
@@ -15,6 +15,8 @@
* All rights reserved.
* END COPYRIGHT BLOCK **/
+#define FORCE_PR_LOG 1
+
#include "nss.h"
#include "secmod.h"
#include "pk11func.h"
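Review bot: `#define FORCE_PR_LOG 1` keeps the PR_LOG calls in optimized builds, so every debug message in this file can be switched on in a release binary through the NSPR logging environment variables. The same define is added to SmartCardMonitoringThread.cpp, and the NSSManager messages in this commit now print certificate nicknames and subject and issuer names. If this is intended for field diagnostics, a comment above the define should say so, for example `// keep PR_LOG in release builds for field diagnostics; messages may include certificate subject data`.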
@@ -42,7 +44,7 @@
static std::list<CoolKeyInfo*> gCoolKeyList;
PRLock *gCoolKeyListLock = NULL;
-static PRLogModuleInfo *coolKeyLogSU = PR_NewLogModule("coolKey");
+static PRLogModuleInfo *coolKeyLogSU = PR_NewLogModule("coolKeySlot");
#ifdef DEBUG
int gCoolKeyListLockCount = 0;
#endif // DEBUG
@@ -315,6 +317,10 @@
CoolKeyInfo *info = GetCoolKeyInfoByKeyIDInternal(aKey);
+ int alreadyCoolKey = 0;
+ if( IS_REALLY_A_COOLKEY(info->mInfoFlags))
+ alreadyCoolKey = 1;
+
if (!info)
return -1;
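Review bot: The added `IS_REALLY_A_COOLKEY(info->mInfoFlags)` test dereferences `info` before the existing `if (!info) return -1;`, so a key ID with no matching entry now crashes instead of returning -1. Move the null check above the new lines, or fold it into the assignment: `int alreadyCoolKey = (info && IS_REALLY_A_COOLKEY(info->mInfoFlags)) ? 1 : 0;`. The function starts and ends outside this hunk; the following hunk uses `alreadyCoolKey` to restore the flag after `mInfoFlags` is overwritten.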
@@ -323,6 +329,11 @@
info->mInfoFlags = CKHGetInfoFlags(info->mSlot);
+ if(alreadyCoolKey)
+ {
+ info->mInfoFlags |= COOLKEY_INFO_IS_REALLY_A_COOLKEY_MASK;
+ }
+
return 0;
}
Index: SlotUtils.h
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/SlotUtils.h,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- SlotUtils.h 12 Jun 2006 23:39:52 -0000 1.1.1.1
+++ SlotUtils.h 27 Sep 2006 17:47:46 -0000 1.2
@@ -38,10 +38,12 @@
#define COOLKEY_INFO_HAS_ATR_MASK (1 << 0)
#define COOLKEY_INFO_HAS_APPLET_MASK (1 << 1)
#define COOLKEY_INFO_IS_PERSONALIZED_MASK (1 << 2)
+#define COOLKEY_INFO_IS_REALLY_A_COOLKEY_MASK (1 << 3)
#define HAS_ATR(info) ((info)&COOLKEY_INFO_HAS_ATR_MASK)
#define HAS_APPLET(info) ((info)&COOLKEY_INFO_HAS_APPLET_MASK)
#define IS_PERSONALIZED(info) ((info)&COOLKEY_INFO_IS_PERSONALIZED_MASK)
+#define IS_REALLY_A_COOLKEY(info) ((info)&COOLKEY_INFO_IS_REALLY_A_COOLKEY_MASK)
struct CoolKeyInfo
{
Index: SmartCardMonitoringThread.cpp
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/SmartCardMonitoringThread.cpp,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- SmartCardMonitoringThread.cpp 12 Jun 2006 23:39:52 -0000 1.1.1.1
+++ SmartCardMonitoringThread.cpp 27 Sep 2006 17:47:46 -0000 1.2
@@ -15,13 +15,7 @@
* All rights reserved.
* END COPYRIGHT BLOCK **/
-//#include "XptlBase.h"
-//#include "CoolBucky.h"
-//#include "CoolSec.h"
-//#include "CoolBos.h"
-//#include "ILocateManager.h"
-//#include "ICertificateBlob.h"
-//#include "atlbase.h"
+#define FORCE_PR_LOG 1
#include "nspr.h"
@@ -32,14 +26,10 @@
#include "NSSManager.h"
#include "CoolKeyID.h"
#include "SlotUtils.h"
-//#include "CoolKeyThreadEventService.h"
-
#include <assert.h>
-static PRLogModuleInfo *coolKeyLogSC = PR_NewLogModule("coolKey");
-
-//WINOLEAPI CoInitializeEx(IN LPVOID pvReserved, IN DWORD dwCoInit);
+static PRLogModuleInfo *coolKeyLogSC = PR_NewLogModule("coolKeySmart");
SmartCardMonitoringThread::SmartCardMonitoringThread(SECMODModule *aModule)
: mModule(aModule), mThread(NULL)
@@ -79,7 +69,7 @@
{
PR_LOG( coolKeyLogSC, PR_LOG_DEBUG,
- ("SmartCardMonitoringThread::Insert pig: \n"));
+ ("SmartCardMonitoringThread::Insert Key. \n"));
CoolKeyInfo *info = CKHGetCoolKeyInfo(aSlot);
if (info) {
@@ -95,7 +85,7 @@
void SmartCardMonitoringThread::Remove(CoolKeyInfo *info)
{
PR_LOG( coolKeyLogSC, PR_LOG_DEBUG,
- ("SmartCardMonitoringThread::Remove : \n"));
+ ("SmartCardMonitoringThread::Remove Key: \n"));
info->mInfoFlags = 0;
AutoCoolKey key(eCKType_CoolKey, info->mCUID);
@@ -136,9 +126,8 @@
slot = SECMOD_WaitForAnyTokenEvent(mModule, 0, PR_SecondsToInterval(1) );
- PR_LOG( coolKeyLogSC, PR_LOG_DEBUG,
- ("SmartCardMonitoringThread::Execute Token Event fired :"
- " slot %p \n", slot));
+ PR_LOG( coolKeyLogSC, PR_LOG_ALWAYS,
+ ("SmartCard thread event detected. \n"));
if (slot == NULL) {
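Review bot: The replacement message is emitted at PR_LOG_ALWAYS before the `slot == NULL` test, so it reports an event even when SECMOD_WaitForAnyTokenEvent returned no slot, and it no longer records which slot fired. I would keep the pointer and word the message neutrally, `("SmartCardMonitoringThread::Execute wait returned slot %p \n", slot)`, or move the "event detected" text to the non-NULL path. The loop body continues outside this hunk.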
Index: ckymanager.def
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/ckymanager.def,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- ckymanager.def 12 Jun 2006 23:39:52 -0000 1.1.1.1
+++ ckymanager.def 27 Sep 2006 17:47:46 -0000 1.2
@@ -56,10 +56,6 @@
CoolKeySetDataValue;
CoolKeyGetTokenName;
CoolKeyGetKeyID;
-CoolKeyGetPref;
-CoolKeyFreePref;
-CoolKeyPrefInit;
-CoolKeyPrefShutdown;
;+ local:
;+ *;
;+};
Index: manifest.mn
===================================================================
RCS file: /cvs/dirsec/esc/src/lib/coolkey/manifest.mn,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- manifest.mn 12 Jun 2006 23:39:51 -0000 1.1.1.1
+++ manifest.mn 27 Sep 2006 17:47:46 -0000 1.2
@@ -17,10 +17,14 @@
CORE_DEPTH = ../../..
+SYS_INC = /usr/include
MODULE = ckymanager
LIBRARY_NAME = $(MODULE)
REQUIRES = httpchunked nss nspr ckyapplet
-DEFINES += -I$(CORE_DEPTH)/esc/app/xpcom
+ifndef MOZ_OFFSET
+MOZ_OFFSET = mozilla-1.7.13
+endif
+DEFINES += -I$(CORE_DEPTH)/esc/app/xpcom -I$(SYS_INC)/nspr4 -I$(SYS_INC)/nss3 -I$(SYS_INC)/PCSC -I$(SYS_INC)/$(MOZ_OFFSET)/nspr -I$(SYS_INC)/$(MOZ_OFFSET)/nss
MAPFILE = $(OBJDIR)/ckymanager.def
#EXTRA_LIBS += -L$(DIST)/lib -lckyapplet
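Review bot: The new DEFINES line puts both the system NSS/NSPR include directories (`nspr4`, `nss3`) and the `$(MOZ_OFFSET)` copies on the search path, so which headers are compiled against depends on what happens to be installed on the build host. For a library that handles token credentials the build should name one header set that matches the libraries it links. If the Mozilla path is only a fallback, a comment on the default would make that clear, for example `# fallback header location when NSS/NSPR ship inside the Mozilla tree; override with MOZ_OFFSET=<dir>`.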
@@ -31,12 +35,10 @@
CoolKey_Message.cpp \
CoolKeyHandler.cpp \
CoolKey.cpp \
- CoolKeyPref.cpp \
SmartCardMonitoringThread.cpp \
$(NULL)
EXPORTS = \
CoolKey.h \
- CoolKeyPref.h \
$(NULL)